Sean Connelly, who has been long been a prime mover on zero trust and other security policies for the Cybersecurity and Infrastructure Security Agency (CISA), will soon be leaving Federal government service to join cloud security provider Zscaler, the company confirmed to MeriTalk. […]

The Cybersecurity and Infrastructure Security Agency (CISA) publicly issued an emergency directive today calling on Federal agencies to take immediate action to reset authentication credentials following a breach of Microsoft corporate email accounts by Russian state-sponsored cyber actor Midnight Blizzard. […]

The Department of Homeland Security (DHS) has a new chief information security officer (CISO) as of April 7, a DHS spokesperson confirmed to MeriTalk today. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is well on its way to implementing new cloud and IT environments that the agency has been working on for the past two years, a top agency tech official said this week. […]

A new bipartisan bill in the House would require the Department of Homeland Security (DHS) to deliver a plan to Congress on how it can integrate emerging technology such as AI and machine learning at the border. […]

The Department of Homeland Security’s (DHS) Cyber Safety Review Board (CSRB) released findings late Tuesday following its independent review of the summer 2023 Microsoft Exchange Online intrusion that attributed the success of the China-based hack to “a cascade of security failures at Microsoft” and an “inadequate” security culture at the company. […]

Matt House, who runs the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program, previewed today that his office is working on an effort to better explain how the CDM program supports the Federal government’s push toward zero trust security architectures, and specifically the Zero Trust Maturity Model (ZTMM) that CISA last updated in April 2023. […]

The Cybersecurity and Infrastructure Security Agency (CISA) published a new dedicated High-Risk Communities webpage today with a range of cybersecurity resources for civil society organizations and other high-risk communities. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) published its long-awaited cyber incident reporting rule today for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), requesting public input on the forthcoming regulations. […]

The Department of Homeland Security’s (DHS) first Chief AI Officer (CAIO) Eric Hysen said this week that he is aiming for DHS to be a national leader in AI technologies – not only for the rest of the Federal government but for industry as well. […]

In response to the evolving threat environment, the Cybersecurity and Infrastructure Security Agency (CISA) is looking to better coordinate cybersecurity operations across the Federal government through a newly released Federal Operational Cyber Alignment Plan, or FOCAL. […]

The Cybersecurity and Infrastructure Security Agency (CISA) announced on March 18 the availability of the Repository for Software Attestation and Artifacts that software developers can use to share software attestation forms and relevant artifacts. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance to help deal with identity management capabilities when transitioning from on-premises enterprise networks to cloud-based solutions. […]

The Biden-Harris administration approved a secure software development attestation form on Monday, taking a crucial step towards ensuring Federal contractors provide secure products to the Federal government. […]

The Federal government should provide economic incentives such as tax deductions or Federal grants to critical infrastructure providers and other organizations that adopt cybersecurity best practices, the National Security Telecommunications Advisory Committee (NSTAC) said in a March 7 report. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has announced three initial key actions to help secure the open source ecosystem upon the conclusion of its two-day Open Source Software (OSS) Security Summit this week. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is undergoing a large-scale modernization process with plans to migrate the majority of its legacy IT systems to a brand-new “greenfield solution” later this year, according to CISA Chief Information Officer (CIO) Robert (Bob) Costello. […]

As Federal agencies continue on their zero trust journeys, Federal officials on Thursday stressed the importance of being intentional with their cybersecurity tools and budgets in order to remain a step ahead of adversaries. […]

The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and international partners, released a cybersecurity advisory (CSA) today to warn about the ongoing exploitation of multiple vulnerabilities within the Ivanti Connect Secure and Ivanti Policy Secure gateways. […]

Government agencies and private sector firms need to boost their cybersecurity capabilities to keep pace with increasing threats and should turn to AI and quantum computing for help in pursuing that goal, Federal cybersecurity experts said today at the Visualyze Zero Trust Security Summit hosted by MeriTalk and Gigamon in Washington, D.C […]

The Cybersecurity and Infrastructure Security Agency (CISA) – along with the UK National Cyber Security Centre (NCSC) and other international partners – has released a joint advisory warning of tactics and techniques used by alleged Russian Foreign Intelligence Service (SVR) hackers to infiltrate cloud systems. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has given its Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force another two-year term to continue its work on creating solutions for managing global ICT supply chain risk. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is moving to consolidate disparate zero trust security policy functions into a new single office at the agency. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued 2024 Priorities today for its Joint Cyber Defense Collaborative (JCDC) – aligning its priorities for the first time under three focus areas to help establish resources required and strategic direction. […]

The Department of Homeland Security (DHS) is launching a new initiative focused on hiring 50 new artificial intelligence experts to help leverage AI technology across strategic areas of the department. […]

Beth Cappello, the Department of Homeland Security (DHS) deputy chief information officer who is set to leave her post later this year, this week talked about the agency’s tech to-do list for 2024 and indicated that further work to mature agency security, and to boost its cybersecurity workforce, are prominent on the horizon. […]

As polls across the United States begin to open for the 2024 election cycle, the Cybersecurity and Infrastructure Security Agency (CISA) is warning election officials of the role generative AI could play in threatening election infrastructure. […]

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) today announced the launch of Track 3 of the Remote Identity Validation Technology Demonstration (RIVTD), in which remote identity validation systems will showcase their ability to differentiate between real users and attackers attempting to impersonate other users. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released nine new Industrial Control Systems (ICS) advisories that the agency says will “provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.” […]

The Cybersecurity and Infrastructure Security Agency (CISA) is looking to test the technical capabilities of teams and individuals in its fifth annual 2024 President’s Cup Cyber Competition, where teams will be pitted against each other in a competition to recognize and reward some of the very best in the cybersecurity world.’ […]