A large-scale spear-phishing campaign led by a foreign adversary is targeting government and IT sector systems, the Cybersecurity and Infrastructure Security Agency (CISA) warned in an Oct. 31 alert. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released its first-ever International Strategic Plan this week, which covers the 2025-2026 period and aims to serve as a complement to the agency’s first comprehensive strategic plan published two years ago. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI released draft guidance on product security bad practices last week, highlighting practices that are deemed “exceptionally risky” and providing recommendations for software manufacturers to mitigate these risks. […]
During its quarterly meeting on Friday, the Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Advisory Committee (CSAC) approved recommendations in four reports delivered to Director Jen Easterly aimed at bolstering resilience for critical infrastructure and open source security, as well as ensuring adoption of the agency’s secure by design initiative and increasing the agency’s public outreach. […]
Government agencies and critical infrastructure entities are not prepared for a cyber conflict with China, according to a new draft report from a subcommittee of the Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Advisory Committee (CSAC). […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Cybersecurity Alliance, along with other Federal agency partners, this week kicked off the 21st annual Cybersecurity Awareness Month. […]
Just a few months after taking over the helm as the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), Jeff Greene laid out his priorities on Tuesday with partnerships topping the list. […]
The Cybersecurity and Infrastructure Security Agency (CISA), through its Vulnerability Disclosure Policy (VDP) platform, has helped save an estimated average of $4.45 million in potential remediation costs for critical and severe vulnerabilities across the Federal government. […]
Senate Intelligence Committee Chair Mark Warner, D-Va., is calling on the Cybersecurity and Infrastructure Security Agency (CISA) to do more to combat the spread of election misinformation and disinformation, especially in the age of artificial intelligence. […]
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled a new plan Monday to align collective operational defense capabilities across the Federal government and drive down cybersecurity risks to more than 100 Federal Civilian Executive Branch (FCEB) agencies. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Associate Director for China Operations, Andrew Scott, has stepped down from his role, a CISA spokesperson confirmed to MeriTalk. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new streamlined cyber incident reporting portal featuring enhanced reporting and security features, as well as a new “collaboration” function that allows users to have informal discussions with CISA. […]
A new report out from the Government Accountability Office (GAO) outlines 37 open recommendations that the Department of Homeland Security (DHS) should prioritize, including an important one at the heart of how DHS’s Cybersecurity and Infrastructure Security Agency (CISA) undertakes its mission. […]
The Cybersecurity and Infrastructure Security Agency (CISA) hosted its seventh annual Tabletop the Vote election security exercise on Aug. 22-23 and Aug. 26-27. […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced on Thursday the release of its “Software Acquisition Guide for Government Enterprise Consumers: Software Assurance in the Cyber-Supply Chain Risk Management (C-SCRM) Lifecycle.” […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced today it has selected Lisa Einstein to serve as the agency’s first-ever chief artificial intelligence officer (CAIO). […]
As the Cybersecurity and Infrastructure Security Agency (CISA) prepares to issue its final rule to implement the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), the agency is also preparing to implement new technology solutions and hire additional staff to help with the coming influx in cyber incident reports. […]
The Cybersecurity and Infrastructure Security Agency (CISA) made public a report Monday detailing the findings of a pilot that examined whether current Federal vulnerability detection software products that use AI – including large language models – are more effective. […]
The Cybersecurity and Infrastructure Security Agency (CISA) said today it is promoting to permanent titles Jeff Greene as the executive assistant director for cybersecurity, and Trent Frazier as the assistant director for stakeholder engagements. […]
The Cybersecurity and Infrastructure Security Agency (CISA) wants cybersecurity for the average American to become second nature – as normalized as putting on your seatbelt when you get into a car. However, cybersecurity is often misunderstood by those outside of the field, who view it as a job reserved for IT professionals in a high-tech environment. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released a new update this week to its Secure Tomorrow Series Toolkit to help stakeholders in the critical infrastructure community better prepare for future cyber threats. […]
Eric Goldstein, the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), stepped down from his role last month and announced on June 30 that he has landed at Capital One. […]
More than half of critical open-source tools are built on code that doesn’t internally manage memory overflow risks, potentially leaving them vulnerable to exploitation by hackers, according to findings released by the Cybersecurity and Infrastructure Security Agency (CISA) on June 26. […]
The Cybersecurity and Infrastructure Security Agency (CISA), along with the National Council of Statewide Interoperability Coordinators (NCSWIC), has released updated SAFECOM Guidance on Emergency Communications Grants (SAFECOM Guidance), which is focused on assisting state and local governments in accessing funding for emergency communications. […]
A top Cybersecurity and Infrastructure Security Agency (CISA) official emphasized today that CISA can’t do its job as the nation’s cyber defense agency without the help from industry and academia. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and its Joint Cyber Defense Collaborative (JCDC) conducted their first-ever AI tabletop security incident exercise on June 13 with more than 50 AI experts from government agencies and private sector tech firms. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is preparing to release a Buyer’s Guide, which CISA Director Jen Easterly on Wednesday said she’s particularly excited about because it will help to shift consumers’ mindset from secure by design to secure by demand. […]
A key advisory panel to leadership of the Cybersecurity and Infrastructure Security Agency (CISA) voted on Wednesday to approve three recommendations to CISA Director Jen Easterly that aim to improve the operations of the Joint Cyber Defense Collaborative (JCDC). […]
The Cybersecurity and Infrastructure Security Agency (CISA) issued guidance on Thursday that aims to help Federal agencies meet requirements related to the encryption of Domain Name System (DNS) traffic and bolster the cybersecurity of their IT networks. […]
Eric Goldstein, the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), is stepping down from his role next month. […]