The Cybersecurity and Infrastructure Security Agency’s (CISA) new Cyber Supply Chain Risk Management (C-SCRM) Office is in the process of developing training and maturity models for Federal agencies, with an eye of releasing these resources in the new fiscal year (FY) to begin on Oct. 1. […]
Tags
CISA
The Cybersecurity and Infrastructure Security Agency (CISA) held its third quarter Cybersecurity Advisory Committee (CSAC) meeting on Sept. 13, where members voted to approve a number of recommendations offered by each subcommittee to the agency, including one that could result in the creation of a national cyber alert system. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released its new Open Source Software Security Roadmap today that lays out the agency’s path forward to help ensure a secure open source software ecosystem within the Federal government. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released new actionable guidance that focuses on mitigating volumetric distributed denial-of-service (DDoS) attacks against government websites. […]
As the Cybersecurity and Infrastructure Security Agency (CISA) finishes up the rulemaking process for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), CISA Director Jen Easterly said today that trusted partnerships are vital to sharing threat information in the meantime. […]
The Cybersecurity and Infrastructure Agency (CISA) has announced on Sept 5 a “voluntary pledge” for K-12 education technology software developers and manufacturers to commit to creating products with a greater emphasis on cybersecurity built in. […]
Rep. Andrew Garbarino, R-N.Y., is asking the Cybersecurity and Infrastructure Security Agency (CISA) to provide some clarity on its partnerships in the critical infrastructure sectors. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly called on Congress today to reauthorize the Chemical Facility Anti-Terrorism Standards (CFATS) program – which the cybersecurity chief said has resulted in improving the security posture of high-risk facilities by 60 percent. […]
The Cybersecurity and Infrastructure Security Agency (CISA) reported that its Vulnerability Disclosure Policy (VDP) platform has helped agencies uncover and address more than 1,000 bugs through December 2022. […]
It has officially been two years this week since Robert Costello joined the Cybersecurity and Infrastructure Security Agency (CISA) as its chief information officer (CIO) and pledged to make workplace culture one of his top priorities. […]
The Federal government needs to be proactive in shoring up its defenses in order to better ward off cyberattacks, and cybersecurity experts this week said that sharing data across organizations is a great place to start. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly announced this week that the agency’s workforce has expanded to 3,160 employees, after the agency made more than 1,300 new hire over the past two years. […]
As part of its broad efforts to foster a secure-by-design and -default technology ecosystem, the Cybersecurity and Infrastructure Security Agency (CISA) called on AI software makers last week to build security into systems from the outset. […]
The Cybersecurity and Infrastructure Security Agency (CISA) – alongside the National Security Agency (NSA) and National Institute of Standards and Technology (NIST) – released a joint factsheet today encouraging early planning for migration to post-quantum cryptographic standards by developing a Quantum-Readiness Roadmap. “Quantum-Readiness: Migration to Post-Quantum Cryptography” is urging organizations – especially those that support critical infrastructure […]
The Cybersecurity and Infrastructure Security Agency (CISA) is looking to change the technology ecosystem through its secure-by-design and -default guidelines, and CISA officials explained the agency’s plan to foster this ecosystem at the Black Hat USA Conference in Las Vegas last week. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) today published the Cyber Defense Plan for Remote Monitoring and Management (RMM), making it the first-ever plan developed by industry and government partners through the JCDC. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has led a handful of identity security initiatives over the past year, and, according to a CISA official, is closing in on finalized guidance on recommended cybersecurity configuration baselines for select cloud products – like Microsoft 365 and Google Workspace. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is launching a new program that will collect information to provide tailored technical assistance, services, and resources to critical infrastructure (CI) organizations and state, local, Tribal, and territorial (SLTT) governments. […]
The head of the Cybersecurity and Infrastructure Security Agency (CISA) said this week that the United States needs to take a page out of Ukraine’s cyber playbook and build more resiliency into its critical infrastructure now. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is looking to utilize AI capabilities to keep Americans safe from cyber threats and bolster the nation’s cyber defense, CISA Director Jen Easterly said this week. […]
Faced with increasing cyberattacks on K-12 schools, the Biden-Harris administration today unveiled several government actions to help bolster their cyber defenses, along with numerous commitments from private-sector organizations that aim for the same result. […]
The Cybersecurity and Infrastructure Security Agency (CISA) today debuted its cyber plan for the next three years, noting that the agency’s planning document builds on the White House’s National Cybersecurity Strategy released earlier this year. […]
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), the FBI, and international cybersecurity agencies issued a joint cybersecurity advisory on August 3 warning organizations of common vulnerabilities and exposures (CVEs) that were frequently exploited by malicious actors in 2022. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released the latest version of its Risk and Vulnerability Assessments (RVA) report, which found that threat actors had the most attack success through “common methods” such as phishing techniques in fiscal year (FY) 2022. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is planning to hold a virtual industry day event on August 15 to discuss its Joint Collaborative Environment (JCE) – a recently established effort that aims to enhance CISA’s industry partnerships and enrich cyber threat data. […]
Microsoft cloud service customers will now have access to expanded cloud logging capabilities at no additional cost, thanks to a new collaborative partnership announced today between the tech company and the Cybersecurity and Infrastructure Security Agency (CISA). […]
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) released new guidance on July 17 that provides recommendations to protect against threats to 5G standalone network slicing. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is rolling out its Joint Collaborative Environment (JCE) project in an effort to enhance its industry partnerships and enrich its cyber threat data. […]
Microsoft said late Tuesday that it took action in recent weeks to mitigate China-based cyberattacks that exposed email account information of government agencies and other organizations, along with customer accounts of people tied to those agencies and organizations. […]
The Cybersecurity and Infrastructure Security Agency (CISA) said the agency is surpassing its own target for the rate at which Federal agencies are using automated Continuous Diagnostics and Mitigation (CDM) program reporting. […]