Sean Connelly, who has been long been a prime mover on zero trust and other security policies for the Cybersecurity and Infrastructure Security Agency (CISA), will soon be leaving Federal government service to join cloud security provider Zscaler, the company confirmed to MeriTalk. […]

The Cybersecurity and Infrastructure Security Agency (CISA) publicly issued an emergency directive today calling on Federal agencies to take immediate action to reset authentication credentials following a breach of Microsoft corporate email accounts by Russian state-sponsored cyber actor Midnight Blizzard. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is well on its way to implementing new cloud and IT environments that the agency has been working on for the past two years, a top agency tech official said this week. […]

Matt House, who runs the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program, previewed today that his office is working on an effort to better explain how the CDM program supports the Federal government’s push toward zero trust security architectures, and specifically the Zero Trust Maturity Model (ZTMM) that CISA last updated in April 2023. […]

The Cybersecurity and Infrastructure Security Agency (CISA) published a new dedicated High-Risk Communities webpage today with a range of cybersecurity resources for civil society organizations and other high-risk communities. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) published its long-awaited cyber incident reporting rule today for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), requesting public input on the forthcoming regulations. […]

In response to the evolving threat environment, the Cybersecurity and Infrastructure Security Agency (CISA) is looking to better coordinate cybersecurity operations across the Federal government through a newly released Federal Operational Cyber Alignment Plan, or FOCAL. […]

The Cybersecurity and Infrastructure Security Agency (CISA) announced on March 18 the availability of the Repository for Software Attestation and Artifacts that software developers can use to share software attestation forms and relevant artifacts. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released new guidance to help deal with identity management capabilities when transitioning from on-premises enterprise networks to cloud-based solutions. […]

The Biden-Harris administration approved a secure software development attestation form on Monday, taking a crucial step towards ensuring Federal contractors provide secure products to the Federal government. […]

The Federal government should provide economic incentives such as tax deductions or Federal grants to critical infrastructure providers and other organizations that adopt cybersecurity best practices, the National Security Telecommunications Advisory Committee (NSTAC) said in a March 7 report. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has announced three initial key actions to help secure the open source ecosystem upon the conclusion of its two-day Open Source Software (OSS) Security Summit this week. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is undergoing a large-scale modernization process with plans to migrate the majority of its legacy IT systems to a brand-new “greenfield solution” later this year, according to CISA Chief Information Officer (CIO) Robert (Bob) Costello. […]

The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI and international partners, released a cybersecurity advisory (CSA) today to warn about the ongoing exploitation of multiple vulnerabilities within the Ivanti Connect Secure and Ivanti Policy Secure gateways. […]

Government agencies and private sector firms need to boost their cybersecurity capabilities to keep pace with increasing threats and should turn to AI and quantum computing for help in pursuing that goal, Federal cybersecurity experts said today at the Visualyze Zero Trust Security Summit hosted by MeriTalk and Gigamon in Washington, D.C […]

The Cybersecurity and Infrastructure Security Agency (CISA) – along with the UK National Cyber Security Centre (NCSC) and other international partners – has released a joint advisory warning of tactics and techniques used by alleged Russian Foreign Intelligence Service (SVR) hackers to infiltrate cloud systems. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has given its Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force another two-year term to continue its work on creating solutions for managing global ICT supply chain risk. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is moving to consolidate disparate zero trust security policy functions into a new single office at the agency. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued 2024 Priorities today for its Joint Cyber Defense Collaborative (JCDC) – aligning its priorities for the first time under three focus areas to help establish resources required and strategic direction. […]

As polls across the United States begin to open for the 2024 election cycle, the Cybersecurity and Infrastructure Security Agency (CISA) is warning election officials of the role generative AI could play in threatening election infrastructure. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released nine new Industrial Control Systems (ICS) advisories that the agency says will “provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS.” […]

The Cybersecurity and Infrastructure Security Agency (CISA) is looking to test the technical capabilities of teams and individuals in its fifth annual 2024 President’s Cup Cyber Competition, where teams will be pitted against each other in a competition to recognize and reward some of the very best in the cybersecurity world.’ […]

The Department of Homeland Security (DHS) is looking for information that will support the agency’s Advanced Analytics Platform For Machine Learning (CAP-M) Project – a program under development at the Cybersecurity Infrastructure Security Agency (CISA) – to support new software and tools in a multi-tenant cloud environment. […]

The Cybersecurity and Infrastructure Security Agency (CISA) on Dec. 15 released the results of a January 2023 Risk and Vulnerability Assessment (RVA) performed on an unidentified organization in the Healthcare and Public Health (HPH) sector that found exploitable misconfigurations and the use of weak passwords, among other cybersecurity weaknesses. […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued a formal request for information (RFI) in the Federal Register today looking for feedback on its secure-by-design software practices. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is pushing equipment and software manufacturers to eliminate the use of default passwords in their products. […]

The National Security Agency (NSA), the Office of the Director of National Intelligence (ODNI), and the Cybersecurity and Infrastructure Security Agency (CISA) have released a new report providing guidance on industry best practices on open source software and software bills of materials (SBOM). […]

As cyber threats continue to evolve in complexity, collaboration is more crucial than ever and serves as the “fuel” of cyber operations, according to David Carroll, associate director for mission engineering at the Cybersecurity and Infrastructure Security Agency (CISA). […]

Lawmakers and industry leaders on Tuesday highlighted ways the Cybersecurity and Infrastructure Security Agency (CISA) should seek to secure artificial intelligence (AI) technologies, starting with integrating the emerging technology into the agency’s existing cyber policies and guidelines. […]

The Federal government has come a long way in improving civilian agency and critical infrastructure cybersecurity over the past ten years. Central to that improvement effort is the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), which has the weighty mission of managing and reducing risk to U.S. cyber and physical infrastructure. […]