The Cybersecurity and Infrastructure Security Agency (CISA) said today it is aiming to responsibly use artificial intelligence (AI) technologies in its missions to protect Federal civilian agencies and critical infrastructure sectors, while also assisting government and private sector organizations in making sure that the AI-enabled software they use is secure by design. […]

The Cybersecurity and Infrastructure Security Agency (CISA) – which in recent years has taken an outsized role in helping to ensure the security of elections run by state and local authorities throughout the country – said today that it had seen no credible threats to election infrastructure and processes as many states held off-year elections for state legislative and other offices. […]

With the Continuous Diagnostics and Mitigation (CDM) Program – one of the Cybersecurity and Infrastructure Security Agency’s (CISA) top security efforts for Federal agencies – hitting its 11-year anniversary, Program Manager Matt House last week discussed some of the program’s major priorities for fiscal year 2024. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released a request for comment, looking for public comments on its latest white paper on software identification ecosystems. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has introduced Logging Made Easy (LME), a new Windows-based, free and open log management toolset designed to help organizations better use security data. […]

A top Cybersecurity and Infrastructure Security Agency (CISA) official said this week that the House Republicans’ proposed 25 percent budget cut to the cyber agency would have “catastrophic” effects on CISA’s programs – like the Continuous Diagnostics and Mitigation (CDM) Program. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is leading an effort to update the National Cyber Incident Response Plan (NCIRP) by the end of 2024, as directed in the Biden administration’s National Cybersecurity Strategy released earlier this year. CISA, in close coordination with the Office of the National Cyber Director (ONCD), is embarking on a […]

A new report out today from the Center for Strategic and International Studies (CSIS) focuses on the Cybersecurity Infrastructure Security Agency’s (CISA) growth and mission needs, and offers a range of findings and recommendations that go beyond basic funding needs to bolster CISA’s ability to defend the nation’s cyberspace and the security of Federal Civilian Executive Branch agencies (FCEB). […]

Federal agencies are increasingly adopting edge computing, citing its transformative power to enable field agents and military personnel to make faster decisions and respond to crisis situations, experts said. […]

The Cybersecurity and Information Security Agency (CISA) is making some major changes to how it manages the infrastructure behind official government websites. The next change, CISA said, is launching a new .gov registrar.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) and 17 international partners rolled out the first new batch of updates to its “secure-by-design” guidance document Monday. […]

The Executive Director of the Cybersecurity and Infrastructure Security Agency (CISA) said today that the threat posed by China within the cyber realm is evolving and much more serious today than it was a decade ago ­– particularly when it comes to potentially targeting the United States’ critical infrastructure. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is asking organizations that deliver essential internet services to quickly apply updates and patches to their networks after news emerged this week detailing what are thought to be the largest-ever distributed denial-of-service (DDoS) attacks. […]

The Cybersecurity and Infrastructure Security Agency (CISA) published new guidance today to improve security and risk management of open source software (OSS) use at operational technology (OT) vendors and critical infrastructure facilities. […]

A newly released advisory from the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), highlights the most common cybersecurity misconfigurations in large organizations.  […]

New guidance from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) highlighted significant ongoing challenges Federal agencies and industry face in implementing security controls like multifactor authentication (MFA) to manage identity security. […]

Hours before it appeared the government was set to shut down, President Biden issued an executive order Friday to extend the activities of the National Security Telecommunications Advisory Committee (NSTAC) until Sept. 30, 2025.   […]

A new report from the Government Accountability Office (GAO) finds that Federal agencies and critical infrastructure owners must do a better job at sharing information to tackle increasingly complex cyber threats. […]

The Department of Homeland Security (DHS) – the Cybersecurity and Infrastructure Security Agency’s (CISA) parent agency – said yesterday that only 571 of CISA’s 3,117 employees would continue to work through a government shutdown – meaning that 79 percent of the agency’s staff would be staying home until government funding is restored. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is kicking off its public service announcement (PSA) “Secure Our World” campaign that is focused on increasing cybersecurity awareness across government and private entities. […]

The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Advisory (CSA) on Sept. 20 warning about new and evolving threats from hackers utilizing Snatch ransomware. […]

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the new Hardware Bill of Materials (HBOM) Framework for Supply Chain Risk Management product from the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force.   […]

As AI technologies are increasingly used to create deceptive content, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said on Tuesday that Americans can remain confident in U.S. election infrastructure, but also warned that the information environment is at risk. […]

Cybersecurity experts across the private sector expressed concerns today that a Federal government shutdown would have major negative impacts on the Cybersecurity and Infrastructure Security Agency’s (CISA) ability to defend Federal networks and keep its critical cyber programs running. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) new Cyber Supply Chain Risk Management (C-SCRM) Office is in the process of developing training and maturity models for Federal agencies, with an eye of releasing these resources in the new fiscal year (FY) to begin on Oct. 1.   […]

The Cybersecurity and Infrastructure Security Agency (CISA) held its third quarter Cybersecurity Advisory Committee (CSAC) meeting on Sept. 13, where members voted to approve a number of recommendations offered by each subcommittee to the agency, including one that could result in the creation of a national cyber alert system. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released its new Open Source Software Security Roadmap today that lays out the agency’s path forward to help ensure a secure open source software ecosystem within the Federal government. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released new actionable guidance that focuses on mitigating volumetric distributed denial-of-service (DDoS) attacks against government websites. […]

As the Cybersecurity and Infrastructure Security Agency (CISA) finishes up the rulemaking process for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), CISA Director Jen Easterly said today that trusted partnerships are vital to sharing threat information in the meantime. […]

The Cybersecurity and Infrastructure Agency (CISA) has announced on Sept 5 a “voluntary pledge” for K-12 education technology software developers and manufacturers to commit to creating products with a greater emphasis on cybersecurity built in. […]