Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), said today that her agency has found no “credible” threats that would disrupt U.S. elections infrastructure. […]
The Department of Education and the Cybersecurity and Infrastructure Security Agency (CISA) need to do better in coordinating efforts to aid K-12 schools in cybersecurity, according to a recent report by the Government Accountability Office (GAO). […]
The Cybersecurity and Infrastructure Security Agency (CISA) along with the Federal Bureau of Investigation (FBI) and the Department of Health and Human Services (HHS) released a new Cybersecurity Advisory (CSA) on Oct. 21 warning about ransomware attacks by the Daixin Team hacking group. The advisory says the Daixin Team has been targeting U.S. healthcare organizations […]
The Cybersecurity and Infrastructure Security Agency (CISA) on Oct. 20 released new security configuration baseline recommendations for Microsoft 365 cloud services. […]
Sen. Jacky Rosen, D-Nev., requested information on Oct. 17 from the Department of Transportation (DoT) and the Cybersecurity and Infrastructure Security Agency (CISA) about cyberattacks that targeted the U.S. aviation sector last week. […]
With the U.S. midterm elections just around the corner and security concerns running high, a new survey finds that three-quarters of local election websites are not using the .gov domain to help boost site security and engender a higher degree of user trust. […]
Improving the cybersecurity of the water critical infrastructure sector, K-12 schools, and healthcare sector are among the top priorities for the Cybersecurity and Infrastructure Security Agency (CISA), agency Director Jen Easterly said today during Mandiant’s mWISE conference in Washington. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) Program is helping Federal agencies to make progress on mandates in President Biden’s cybersecurity executive order to install endpoint detection and response (EDR) on their networks, a senior CISA official said. […]
Rep. Ritchie Torres, D-N.Y., asked Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly in an Oct. 14 letter for a rundown on how CISA is carrying out its outsized role as risk manager for about half of the U.S. critical infrastructure sectors designated by the Department of Homeland Security (DHS). […]
The Cybersecurity and Infrastructure Security Agency (CISA) is chalking up two significant milestone victories in its ongoing campaign to help Federal agencies put into action recent cybersecurity improvement mandates. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has selected Mona Harrington to be the assistant director for the agency’s National Risk Management Center (NRMC), a position she has been serving on a temporary basis since March. […]
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) released an advisory this week detailing how multiple nation-state hacking groups potentially targeted a Defense Industrial Base (DIB) sector organization’s enterprise network as part of a cyber espionage campaign. […]
In a public service announcement (PSA) issued Oct. 4., the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) said they believe that “any attempts by cyber actors to compromise election infrastructure are unlikely to result in largescale disruptions or prevent voting.” […]
Federal officials urged state and local government and education leaders this week to focus on some of the Federal government’s top existing resources in the fight against ransomware attacks – including one principle that’s easy to say but harder to do – don’t meet ransom demands. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has opened their annual, voluntary cybersecurity assessment for state, local, tribal, and territorial (SLTT) entities across the nation and aims to provide a broad picture of the current cybersecurity gaps and capabilities. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD) that sets baseline requirements for Federal civilian agencies to identify assets and vulnerabilities on their networks, and to provide data to CISA on those assets and on vulnerability detection. […]
President Biden has declared October 2022 as Cybersecurity Awareness Month – making it the 19th consecutive year of that designation. […]
By Melissa Trace, VP, Global Government Solutions at Forescout As we approach the upcoming midterm elections, U.S. officials are on high alert for bad actors looking to target election networks and devices. Both state and non-state threat actors view our nation’s democratic processes as threats against their beliefs and see disrupting our upcoming election as […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced this week that its Protective Domain Name System (DNS) – the agency’s latest shared service offering – is available to all Federal civilian agencies to enhance their cyber defenses. […]
The Senate Homeland Security and Governmental Affairs Committee on September 28 approved by voice vote the Securing Open Source Software Act, which aims to put more Federal government muscle behind protecting open source software following the emergence of the Log4J vulnerability late last year. […]
The Senate Homeland Security and Governmental Affairs Committee on Sept. 28 voted to approve legislation that would authorize the Cybersecurity and Infrastructure Security Agency (CISA) to undertake and fund a new initiative to provide industrial control systems (ICS) security training. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) released a new cybersecurity advisory on September 22 to help owners and operators of critical infrastructure better protect operational technology (OT) and industrial control systems (ICS) assets from the increasing probability of cyberattacks. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory on Sept. 21 that revealed Iranian hackers had access to the Albanian government’s network about 14 months before launching the destructive July cyberattack. […]
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published a report that details some of the security concerns of Open Radio Access Network (Open RAN), as well as some of the ways to mitigate such concerns. […]
The Federal government’s Joint Ransomware Task Force (JRTF) kicked off its inaugural meeting with a discussion of new initiatives to collaborate with state, local, tribal, and territorial entities to protect against ransomware intrusions and disrupt malicious actors, according to a September 14 press release from the Cybersecurity and Infrastructure Security Agency (CISA). […]
The Cybersecurity and Infrastructure Security Agency (CISA) is working closely with industry and the National Institute of Standards and Technology (NIST) to finalize its cyber performance goals, an agency official told lawmakers on September 15. […]
Reps. Jason Crow, D-Colo., and Brian Fitzpatrick, R-Pa., on September 13 introduced bipartisan legislation to protect Americans’ healthcare data from cyberattacks. […]
A Federal advisory committee this week approved a set of recommendations to help the Cybersecurity and Infrastructure Security Agency (CISA) protect critical infrastructure, even as the panel criticized some of the government’s current efforts to do so as unfocused and lacking clear national goals. […]
The Cybersecurity and Infrastructure Security Agency (CISA), along with its partners, released a Cybersecurity Advisory (CSA) on Sept. 14 to warn agencies about continued malicious cyber activity from actors affiliated with the Iranian Government’s Islamic Revolutionary Guard Corps (IRGC). […]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued its strategic plan for 2023 to 2025, setting forth four main goals of cyber defense, risk reduction and resilience, operational collaboration, and agency unification. […]