CISA

Federal vision to streamline cyber incident reporting expected this summer

The Cyber Incident Reporting Council will issue a report to Congress "in the next month or two" with recommendations on ways to achieve harmony across a complex network of federal cyber mandates. 

  • By Chris Riotta

CISA is growing up, CIO says

CISA's Bob Costello talks top priorities, challenges and growing pains and progress for a CIO office in a relatively young federal agency.

  • By Natalie Alms

CISA: 'Multiple threat actors' used old exploit to access federal agency servers

At least two groups tried to exploit the vulnerability to get deeper into the agency’s networks, including a Vietnamese criminal gang.

  • By Aaron Boyd

CISA teases industry day for operational strategy support

The cybersecurity agency is planning to field a multiple award schedule contract for consultant services to help shape its operational strategy.

  • By Carten Cordell

White House looks to shore up public trust in government websites

Federal agencies need to use 'memorable' and succinct domain names for government websites, per guidance issued on Wednesday.

  • By Chris Riotta

Hackers used legit remote monitoring software to hack agency networks

Guidance from the National Security Agency and the Cybersecurity and Infrastructure Security Agency describe a phishing attack on a federal employee that used fake help desk domains to gain access to at least two federal civilian executive branch networks.

  • By Carten Cordell

CISA, NSA and industry outline security responsibilities of software suppliers

New guidance from the federal agencies—and major companies serving the government—tries to distinguish between the security duties of software developers, suppliers and consumers.

  • By Mariam Baksh

CDM team helped define cyber directives

Governmentwide cyber hygiene orders are increasingly taking into account the capabilities of Continuous Diagnostics and Mitigation tools.

  • By Adam Mazmanian

CISA sets voluntary cyber performance targets for critical infrastructure

A new set of documents and resources from the agency is designed to help critical infrastructure operators manage the basics of cybersecurity.

  • By Chris Riotta

CISA seeks feedback on baseline measures to secure cloud configuration

Initial baselines address Microsoft services, and baselines for configuring rival services from Google are up next. 

  • By Mariam Baksh

CISA orders agencies to conduct weekly scans of networks and digital assets

The Cybersecurity and Infrastructure Security Agency is taking a major step towards increasing its visibility into the risks facing federal networks.

  • By Chris Riotta

CISA launches DNS resolution shared service

The nation's cyber defense agency is launching a new shared service offering for all federal civilian agencies to bolster governmentwide cybersecurity and help thwart emerging internet traffic threats.

  • By Chris Riotta

CISA warns critical infrastructure to prepare for mass post-quantum systems migration

Quantum computing is the latest frontier in technological innovation, and its hacking potential has regulators advising companies to begin to safeguard their networks. 

  • By Alexandra Kelley

CISA's cyber info sharing program didn't always deliver, watchdog says

The Cybersecurity and Infrastructure Security Agency did not always provide more than 300 participants of a public-private cyber threat partnership with actionable information to address potential vulnerabilities, according to an oversight report.

  • By Chris Riotta
Featured eBooks

Cyber Safety Review Board staffs up

The chair of the Cyber Safety Review Board has ambitious goals for the organization following its public review of the Log4j software vulnerability.

  • By Chris Riotta

Former CISA chief wants a new, cross-cutting new agency to lead federal cyber

Chris Krebs wants to establish a new agency to focus on privacy, data and cyber risks facing the U.S., or to pull the Cybersecurity and Infrastructure Security Agency from under the Department of Homeland Security.

  • By Chris Riotta

Misinformation campaigns and threats are undermining confidence in U.S. elections, official says

CISA is ramping up efforts to defend voting systems from outside intrusion, but the spread of online misinformation and threats against election officials still damage faith in the electoral process.

  • By Edward Graham

CISA’s first international office set to open later this month in London

CISA’s planned international attaché office will help promote the agency’s first-ever global strategy announced last year.

  • By Chris Riotta

CISA expands Joint Cyber Defense Collaborative

The JCDC is gaining over a dozen new experts focused on enhancing the cybersecurity posture for industrial control systems and operational technology as CISA ramps up security efforts around critical infrastructure.

  • By Chris Riotta

CISA releases finalized IPv6 guidance for agencies

The network guidance document is years in the making.

  • By Frank Konkel

NSA to get binding operational directive authority under new cyber policy

A new memo signed by President Biden outlines how the May 2021 executive order on cybersecurity applies to national security systems.

  • By Adam Mazmanian