Eric Goldstein, the executive assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), is stepping down from his role next month. […]
With the 2024 U.S. elections just six months away, top Federal intelligence and security officials warned lawmakers that America’s foreign adversaries will again seek to influence the upcoming elections by harnessing the latest innovations in artificial intelligence (AI) technology. […]
Sen. JD Vance, R-Ohio, is calling on the Cybersecurity and Infrastructure Security Agency (CISA) to provide more details on a People’s Republic of China (PRC) state-sponsored cyber actor – known as Volt Typhoon – which he says poses a national security threat. […]
The head of the Cybersecurity and Infrastructure Security Agency (CISA) said today that her team has plans to unveil its own international cyber strategy on the heels of the State Department’s release of its International Cyberspace and Digital Policy Strategy during the RSA Conference in San Francisco last week. […]
A total of 68 tech firms have signed onto the Cybersecurity and Infrastructure Security Agency’s (CISA) Secure by Design pledge under which they will use best efforts over the next year to build better security into their products. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said her agency is due to reveal later on Wednesday at the RSA Conference in San Francisco that 60 tech companies will be signing onto a voluntary secure-by-design pledge to make their technology products more secure against ransomware and other forms of cyberattacks. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is adding four new members to the Cyber Safety Review Board (CSRB) established by the Department of Homeland Security (DHS) in 2022 to review and assess major cybersecurity events, including former CISA Director Chris Krebs. […]
Pro-Russia hacktivists are targeting and compromising small-scale operational technology (OT) systems in North American and European critical infrastructure sectors – including water and wastewater systems (WWS), dams, energy, and food and agriculture – according to a joint fact sheet released today by leading Federal cyber agencies. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly told lawmakers on April 30 that the Biden administration’s fiscal year 2025 request for CISA will help fund agency activities in three key areas, including to fight malign Chinese cyber actors. […]
As the Cybersecurity and Infrastructure Security Agency (CISA) celebrates the one-year anniversary of its Secure by Design initiative, the agency is looking to elevate the effort in public conversation and have customers make more demands of software vendors. […]
The head of the Cybersecurity and Infrastructure Security Agency (CISA) said Wednesday that some of the agency’s key ransomware initiatives have sent out more than 2,000 warnings of vulnerabilities over the last year. […]
Individuals and teams from the U.S. military service branches took home top prizes in the fifth annual President’s Cup Cybersecurity Competition organized by the Cybersecurity and Infrastructure Security Agency (CISA), CISA announced on April 19. […]
The Government Accountability Office (GAO) is calling on two Federal agencies in charge of overseeing the implementation of President Biden’s 2021 cybersecurity executive order (EO) to fully complete the remaining five requirements tasked to them in the order. […]
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and the Office of the Director of National Intelligence (ODNI) issued guidance on Wednesday that details how to protect election infrastructure from foreign malign influence operations. […]
The head of the Cybersecurity and Infrastructure Security Agency (CISA) said today that the Federal government has a “powerful” ability to mandate security standards for software vendors through its procurement process. […]
While the Cybersecurity and Infrastructure Security Agency (CISA) developed its Continuous Diagnostics and Mitigation (CDM) program in 2012 with a monolithic software architecture, a top CISA tech official said today the program is looking to evolve to become “a lot more flexible and modular.” […]
Sean Connelly, who has been long been a prime mover on zero trust and other security policies for the Cybersecurity and Infrastructure Security Agency (CISA), will soon be leaving Federal government service to join cloud security provider Zscaler, the company confirmed to MeriTalk. […]
The Cybersecurity and Infrastructure Security Agency (CISA) publicly issued an emergency directive today calling on Federal agencies to take immediate action to reset authentication credentials following a breach of Microsoft corporate email accounts by Russian state-sponsored cyber actor Midnight Blizzard. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is well on its way to implementing new cloud and IT environments that the agency has been working on for the past two years, a top agency tech official said this week. […]
Matt House, who runs the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program, previewed today that his office is working on an effort to better explain how the CDM program supports the Federal government’s push toward zero trust security architectures, and specifically the Zero Trust Maturity Model (ZTMM) that CISA last updated in April 2023. […]
The Cybersecurity and Infrastructure Security Agency (CISA) published a new dedicated High-Risk Communities webpage today with a range of cybersecurity resources for civil society organizations and other high-risk communities. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) published its long-awaited cyber incident reporting rule today for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), requesting public input on the forthcoming regulations. […]
Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, is calling on the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) to prioritize cybersecurity efforts in the healthcare sector. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is slated to receive $2.8 billion in fiscal year (FY) 2024 under a government funding package lawmakers unveiled on Thursday – marking a more than $34 million cut from the FY2023 level and leaving some key cybersecurity programs funded at sharp discounts to amounts the White House proposed. […]
In response to the evolving threat environment, the Cybersecurity and Infrastructure Security Agency (CISA) is looking to better coordinate cybersecurity operations across the Federal government through a newly released Federal Operational Cyber Alignment Plan, or FOCAL. […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced on March 18 the availability of the Repository for Software Attestation and Artifacts that software developers can use to share software attestation forms and relevant artifacts. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance to help deal with identity management capabilities when transitioning from on-premises enterprise networks to cloud-based solutions. […]
Two of the Federal government’s top cybersecurity officials praised a new White House report this week that offers four recommendations to fortify the resilience of the nation’s critical infrastructure – including establishing performance goals and ramping up funding for agencies that oversee the sectors. […]
The Biden-Harris administration approved a secure software development attestation form on Monday, taking a crucial step towards ensuring Federal contractors provide secure products to the Federal government. […]
A new report from the Government Accountability Office (GAO) is urging the Cybersecurity and Infrastructure Security Agency (CISA) to improve its workforce planning functions and collaboration with critical infrastructure providers as it helps those providers to address security weaknesses in operational technologies (OT). […]