The Cybersecurity and Infrastructure Security Agency’s (CISA) fiscal year (FY) 2023 budget request came in at $2.5 billion – 18 percent more than requested in FY2022 – but CISA Director Jen Easterly told members of Congress that the agency’s funding needs will continue to increase if CISA hopes to meet the goal of being the nation’s cyber defense agency. […]
The Cybersecurity and Infrastructure Security Agency (CISA), along with Federal and international partners, released a list of frequently exploited common vulnerabilities and exposures (CVEs), including the top 15 most exploited CVEs of 2021. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is bringing on Bob Lord – who has served as the first chief security officer for the Democratic National Committee since 2018 – as a senior technical advisor to the agency, CISA announced April 25. […]
The Cybersecurity and Infrastructure Security Agency (CISA) said today it adding to its Joint Cyber Defense Collaborative (JCDC) group several private sector firms with expertise in protecting industrial control systems (ICS) and operational technology (OT). […]
As the Russian invasion of Ukraine continues through its second month with no let-up in sight, Federal cybersecurity and law enforcement officials are warning that they still see indications of potential Russian cyberattacks on United States critical infrastructure, and are reiterating their “Shields Up” warning to meet those potential threats. […]
The Cybersecurity and Infrastructure Security Agency (CISA) held its second Cybersecurity Advisory Committee meeting on March 31, where committee members provided updates on their subcommittee work that will help inform key deliverables for the committee’s next meeting in June. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly has set what she called an “ambitious goal” to fill talent gaps in the cybersecurity industry by targeting a 50 percent share of that workforce for women by 2030. […]
After a few failed attempts, cyber incident reporting legislation made it over the finish line as part of the fiscal year (FY) 2022 appropriations bill – a victory hailed by Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly and lawmakers as a necessary step for more visibility to protect critical infrastructure. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and FBI are warning United States-based organizations of two destructive malware programs used by Russia against Ukrainian organizations in the leadup to Russia’s invasion of Ukraine, and the threat vectors seen in those attacks. […]
With tensions mounting between Russia and Ukraine, the Cybersecurity and Infrastructure Security Agency (CISA) is warning critical infrastructure (CI) owners and operators – as well as any other United States-based organizations – to keep their guard up. To help organizations do that, the cybersecurity agency released insights for the CI sector, as well as a new webpage Feb. 18 to help organizations better steel themselves against a potential Russian cyber threat. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new webpage featuring a catalog of free cybersecurity tools and resources that the agency hopes will serve as a “one-stop resource where organizations of all sizes can find free public and private sector resources to reduce their cybersecurity risk.” […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly made a strong pitch on Feb. 17 for the agency’s push to create an underlying culture of organizational success that she said is critical to creating optimal performance at the nation’s cyber defense agency. […]
Ross Nodurft, executive director of the Alliance for Digital Innovation and former chief of the Office of Management and Budget’s (OMB) cybersecurity team, gave positive reviews to the final version of OMB’s zero trust security directive to Federal agencies, but also noted agencies’ ability to find funding to implement the strategy in the near term remains somewhat cloudy. […]
Officials from the Cybersecurity and Infrastructure Security Agency (CISA) and within the cybersecurity industry are warning of the potential for threat actors to have already exploited the Log4j vulnerability, but are waiting to pull the trigger on any planned exploits until focus on the vulnerability abates. […]
A month after its first public warnings about the Log4j vulnerability, the Cybersecurity and Infrastructure Security Agency (CISA) is continuing to work with Federal agencies and the public to mitigate potential exposure, and also renewing calls for a software bill of materials (SBOM) to aid in system visibility and inventory management. […]
Sen. Gary Peters, D-Mich., is renewing calls for mandatory incident reporting legislation, after meeting virtually with Biden administration cybersecurity leaders on Jan. 5 for a briefing about the Log4j critical vulnerability. […]
The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive to Federal agencies today, requiring them to assess their internet-facing network assets for the Apache Log4j vulnerabilities and immediately patch these systems or implement other appropriate mitigation measures. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released a statement on Dec. 11 with guidance for organizations to protect themselves against the “log4j” critical vulnerability that surfaced over the weekend. […]
The Cybersecurity and Infrastructure Security Agency (CISA) held its inaugural Cybersecurity Advisory Committee meeting Dec. 10, focusing heavily on how CISA and the committee can increase the Federal and national cybersecurity workforce. […]
The Cybersecurity and Infrastructure Security Agency (CISA) held its first Cybersecurity Advisory Committee meeting today, in which agency officials laid out their expectations for the committee and called for actionable cyber recommendations from committee members that CISA can implement. […]
As the Federal government continues to focus on boosting the nation’s cybersecurity hygiene, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said Nov. 18 that visibility and modernization are the keys to improving the nation’s cybersecurity posture. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said November 10 that the agency’s Binding Operational Directive (BOD) issued earlier this month to Federal agencies to remediate against a list of 300 known exploited cyber vulnerabilities appears to be getting a good reception from government and industry as an effective roadmap on how to prioritize action against prevalent cyber threats. […]
The Cybersecurity and Infrastructure Security Agency (CISA) today issued a Binding Operational Directive (BOD) to significantly boost the nation’s cyber hygiene by creating a catalog of known exploited vulnerabilities and forcing Federal agencies to remediate them. […]
Legislative and Federal policy efforts are coming together to focus on protecting the top-most tiers of critical infrastructure in the United States, top officials from the House and the Cybersecurity and Infrastructure Security Agency (CISA) agreed today. […]
The Department of Homeland Security (DHS) has taken on a number of recent initiatives to build a diverse cyber workforce, which DHS Secretary Alejandro Mayorkas and Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly outlined today during the third week of the CISA Cybersecurity Summit. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is in the process of building out its Joint Cyber Defense Collaborative (JCDC) office, and CISA Director Jen Easterly today said that while the office is being established based on the Cyberspace Solarium Commission recommendation of creating a joint collaborative planning office, the JCDC will be about more than just planning. […]
The fiscal year (FY) 2022 National Defense Authorization Act (NDAA) passed the House of Representatives late Sept. 23 with a bipartisan 316-113 vote. Among the amendments are a number of tech provisions focusing heavily on cybersecurity, along with some focusing on the digital workforce, cloud, and AI. […]
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) announced today that cybersecurity veteran Kiersten Todt will be the agency’s next chief of staff. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) today announced its Joint Cyber Defense Collaborative (JCDC) initiative which to use collaboration to drive down cyber risks faced by Federal agencies, state and local governments, and the private sector. […]
The Senate on July 12 voted unanimously to confirm Jen Easterly as director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Easterly will assume the role following a wave of recent cyberattacks targeting critical infrastructure and businesses. […]