The U.S. government’s Zero Trust progress is paying off as organizations across the public and private sectors address Ivanti security breach risks.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued 2024 Priorities today for its Joint Cyber Defense Collaborative (JCDC) – aligning its priorities for the first time under three focus areas to help establish resources required and strategic direction. […]

Top IT experts at the Departments of Treasury and Veterans Affairs (VA) said that the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) program holds a lot of promise, but is “still in its infancy” with program kinks to be worked out. […]

Federal agencies have until the end of the day to shut down two widely used software products due to major cybersecurity vulnerabilities. […]

As polls across the United States begin to open for the 2024 election cycle, the Cybersecurity and Infrastructure Security Agency (CISA) is warning election officials of the role generative AI could play in threatening election infrastructure. […]

Federal agency officials are looking for more collaboration across agencies to combat cybersecurity threats fueled by relentless adversaries who are employing the latest technologies in their attacks. […]

As the 2024 presidential election draws near, Senate Intelligence Committee Chairman Mark Warner, D-Va., is looking to the Cybersecurity and Infrastructure Security Agency (CISA) to share critical information to help combat foreign election threats. […]

In joint guidance released on Jan. 17, the Cybersecurity and Infrastructure Security Agency (CISA) – alongside the FBI – is warning critical infrastructure and state, local, tribal, and territorial partners of  cybersecurity threats posed by Chinese-manufactured unmanned aircraft systems (UAS), more commonly known as drones. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive today requiring agencies to mitigate “widespread and active exploitation” of vulnerabilities in Ivanti Connect Secure VPN and Policy Secure network access control appliances. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released nine new Industrial Control Systems (ICS) advisories that the agency says will “provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.” […]

The Cybersecurity and Infrastructure Security Agency (CISA) is looking to test the technical capabilities of teams and individuals in its fifth annual 2024 President’s Cup Cyber Competition, where teams will be pitted against each other in a competition to recognize and reward some of the very best in the cybersecurity world.’ […]

The Department of Homeland Security (DHS) is looking for information that will support the agency’s Advanced Analytics Platform For Machine Learning (CAP-M) Project – a program under development at the Cybersecurity Infrastructure Security Agency (CISA) – to support new software and tools in a multi-tenant cloud environment. […]

The Government Accountability Office (GAO) is urging the U.S. Food and Drug Administration (FDA) and the Cybersecurity and Infrastructure Security Agency (CISA) to update their five-year-old arrangement to cooperate on improving medical device cybersecurity. […]

The Cybersecurity and Infrastructure Security Agency (CISA) on Dec. 15 released the results of a January 2023 Risk and Vulnerability Assessment (RVA) performed on an unidentified organization in the Healthcare and Public Health (HPH) sector that found exploitable misconfigurations and the use of weak passwords, among other cybersecurity weaknesses. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued a formal request for information (RFI) in the Federal Register today looking for feedback on its secure-by-design software practices. […]

The Cybersecurity and Infrastructure Security Agency (CISA) said that it will begin a two-year strategic effort to modernize its approach to enterprise cyber threat information sharing in 2024 “to maximize value to our partners and keep pace with a changing threat environment.”  […]

The Cybersecurity and Infrastructure Security Agency (CISA) is pushing equipment and software manufacturers to eliminate the use of default passwords in their products. […]

The National Security Agency (NSA), the Office of the Director of National Intelligence (ODNI), and the Cybersecurity and Infrastructure Security Agency (CISA) have released a new report providing guidance on industry best practices on open source software and software bills of materials (SBOM). […]

As cyber threats continue to evolve in complexity, collaboration is more crucial than ever and serves as the “fuel” of cyber operations, according to David Carroll, associate director for mission engineering at the Cybersecurity and Infrastructure Security Agency (CISA). […]

While technology advancements are reshaping the way IT teams work together and driving organizational change across the Federal government, a top tech leader at the Office of Personnel Management (OPM) said Tuesday that a major piece of modernization for better citizen experiences is rooted in training the agency workforce in tech adoption. […]

Lawmakers and industry leaders on Tuesday highlighted ways the Cybersecurity and Infrastructure Security Agency (CISA) should seek to secure artificial intelligence (AI) technologies, starting with integrating the emerging technology into the agency’s existing cyber policies and guidelines. […]

The Cybersecurity and Infrastructure Security Agency (CISA), as part of its Secure Cloud Business Applications (SCuBA) program, released a series of nine security configuration baselines for Google Workspace today, including applications like Gmail, Google Drive, and Google Meet.  […]

The Federal government has come a long way in improving civilian agency and critical infrastructure cybersecurity over the past ten years. Central to that improvement effort is the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which has the weighty mission of managing and reducing risk to U.S. cyber and physical infrastructure. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Advisory Committee (CSAC) voted on Dec. 5 to approve two recommendations for the agency to consider on advancing memory safe system languages (MSSL), and on further strengthening operational collaboration. […]

The Cybersecurity and Infrastructure Security Agency (CISA) – along with the National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD) – have released a new cybersecurity advisory warning of continued Iranian-backed cybersecurity attacks aimed towards American and Israeli water and wastewater systems (WWS). […]

The Federal Cybersecurity Workforce Expansion Act has been reintroduced in the House as part of a bipartisan, bicameral effort to strengthen the nation’s cyber defenses and cybersecurity workforce by creating two new training programs within the Federal government. […]

The Cybersecurity and Infrastructure Security Agency (CISA) – in partnership with the United Kingdom’s National Cyber Security Centre (NCSC) – has released guidelines to help AI developers make informed cybersecurity decisions.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) has announced it will relaunch its Cybersecurity Insurance and Data Analysis Working Group (CIDAWG) to help combat ransomware, evaluate the effectiveness of security controls, and drive down cyber risk. […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI cautioned today that the LockBit ransomware gang is exploiting the Citrix Bleed security flaw in exploits against critical infrastructure sectors, according to a joint cybersecurity advisory (CSA) issued with the Multi-State Information Sharing and Analysis Center and the Australian Cyber Security Center.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the launch of its new Cybersecurity Shared Services Pilot Program, which is designed to deliver cutting-edge cybersecurity shared services on a voluntary basis to critical infrastructure entities such as the healthcare, water, and K-12 education sectors. […]