Kevin Cox, who has led by the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program for the past five-plus years, will be leaving the agency later this year to take on deputy CIO duties at the Department of Justice (DoJ). […]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued Emergency Directive (ED) 21-03 that requires Federal civilian departments and agencies running Pulse Connect Secure products “to assess and mitigate any anomalous activity or active exploitation detected on their networks.” […]
The Department of Energy (DoE) – with help from industry and the Cybersecurity and Infrastructure Security Agency (CISA – is kicking off a 100-day effort to improve electric infrastructure cybersecurity, the White House and DoE said today. […]
The Federal government is curtailing its “surge” response to the SolarWinds Orion and Microsoft Exchange hacks after seeing improvements in patching that have helped to remediate the impacts of the cyber attacks, the Biden administration said today. […]
As promised in President Biden’s executive order today that sanctions the Russian government for the SolarWinds Orion cyberattack and other transgressions, U.S. intelligence and law enforcement agencies published a list of five active Russian Foreign Intelligence Service cyberattack vectors that they say need network operators to defend against urgently. […]
President Biden will nominate Jen Easterly, a cyber veteran who helped stand up U.S. Cyber Command, to be the next director of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) component, the White House announced Monday. […]
President Biden is proposing $2.1 billion of funding for the Cybersecurity and Infrastructure Security Agency (CISA), along with large scoops of cyber funding for other Federal agencies, according to the White House’s FY 2022 request for discretionary funding released today. […]
Disinformation is undoubtedly on more people’s radars – Federal IT pros included – heading into 2021 and beyond. But just because we know more about it doesn’t mean we are better prepared to face the challenge that disinformation is posing. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released finalized versions of two Trusted Internet Connections (TIC) 3.0 use cases that Federal agencies can use to advance their security postures. […]
Following a joint cybersecurity advisory warning of potential vulnerabilities in Fortinet’s cybersecurity operating system from the Federal Bureau of Investigation (FBI) and the Department of Homeland Security’s (DHS) Cybersecurity Infrastructure and Security Agency (CISA), the company is urging customers to update their software to include the latest patches. […]
Focusing on diversity and inclusion in the cybersecurity space is “paramount” to protecting the United States against cyber risks, female cyber leaders said April 6 during the Women Leaders in Cybersecurity Webinar hosted by the Cybersecurity and Infrastructure Security Agency (CISA). […]
The FBI and the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) are warning about advanced persistent threat (APT) actors exploiting a Fortinet vulnerability to gain access to government and other networks, according to an April 2 joint advisory. […]
Back in December 2019, months before the COVID-19 pandemic hit, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a draft document of its Trusted Internet Connections (TIC) 3.0 guidance. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence, the Department of Defense and other entities to recognize National Supply Chain Integrity Month and promote a call to action for strengthening global supply chains. […]
Department of Homeland Security (DHS) Secretary Alejandro Mayorkas on March 31 previewed six “sprints” planned by DHS and its Cybersecurity and Infrastructure Security Agency (CISA) component throughout 2021 to bolster Federal cybersecurity across a range of areas including ransomware, industrial control system (ICS) security, and workforce development. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has released supplemental directions to help agencies root out and mitigate vulnerabilities in their Microsoft Exchange on-premises products. […]
The Accreditation Body (AB) in charge of the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program appointed Matthew Travis to serve as the body’s first CEO to oversee day-to-day operations and management. […]
The acting director of the Cybersecurity and Infrastructure Security Agency (CISA) told senators on March 18 that CISA is making efforts to complete deployment at Federal civilian agencies of the first two phases of the Continuous Diagnostics and Mitigation (CDM) program by the end of this year as part of a push to shore up Federal cybersecurity after the SolarWinds Orion hack. […]
Federal CISO Christopher DeRusha said today that new IT modernization and security funding streams stemming from the American Rescue Plan Act represent a “down payment” on extensive work that needs to be done to improve Federal agency network security. […]
The House Homeland Security Committee approved the DHS Industrial Control Systems Capabilities Enhancement Act of 2021 today. […]
Brandon Wales, acting director of the Cybersecurity and Information Security Agency (CISA) today defended the value of CISA’s EINSTEIN cyber defense program against criticism leveled by the ranking member of the Senate Homeland Security and Governmental Affairs Committee and suggested that the program be improved rather than scrapped. […]
Department of Homeland Security (DHS) Secretary Alejandro Mayorkas addressed a range of questions about the nation’s cybersecurity and spoke on how to better secure Federal networks in a March 17 House Homeland Security Committee hearing. […]
The White House said today the Federal government’s Unified Coordination Group (UCG) of intelligence and law enforcement agencies responding to the Microsoft Exchange hack now includes private sector firms. […]
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have released new guidance on selecting a Protective Domain Name System (PDNS) provider. […]
A bipartisan group of legislators introduced has the Department of Homeland Security (DHS) Industrial Control Systems Enhancement Act of 2021. The legislation will solidify the Cybersecurity & Infrastructure Security Agency’s (CISA) lead role in protecting critical infrastructure – particularly industrial control systems (ICS) – from cyber threats. […]
James Burd has taken over the role of Chief Privacy Officer (CPO) at the Cybersecurity and Infrastructure Security Agency (CISA). […]
The Cybersecurity and Infrastructure Security Agency (CISA) needs to update its milestones and fully implement its plans related to CISA Act of 2018 in order to provide more effective cybersecurity for the United States, the Federal government’s chief watchdog agency said. […]
In the wake of the recent SolarWinds and Microsoft Exchange hacks, the Cybersecurity and Infrastructure Security Agency (CISA) is emphasizing the need to shore up supply chain integrity, adopt a zero trust security concepts mindset, and direct more resources to best address vulnerabilities. […]
The House voted today to approve the Senate’s version of President Biden’s $1.9 trillion American Rescue Plan Act – and in the process release billions of new funding for Federal IT modernization and security improvements. […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced that it will begin overseeing the .gov top-level domain (TLD) in April 2021, with a mandate to enhance security for the domain which is considered critical infrastructure. […]