Cybersecurity
CISA orders agencies to patch and replace end-of-life devices, citing active exploitation
The directive gives agencies three months to identify unsupported edge devices, a year to begin removing them and 18 months to eliminate them entirely.
Cybersecurity
AI info-sharing center is in development, CISA official says
CISA’s Nick Andersen told reporters that he didn’t know of a completion timeline, but talks were ongoing across government and industry.
Cybersecurity
CISA to cease participation at RSAC conference after Biden-era cyber leader named CEO
The decision, which has been in motion over the last week, highlights the Trump administration’s push to strictly control how current officials participate in industry events linked to former senior leaders now under White House scrutiny.
Cybersecurity
Democrats press CISA’s acting chief over major staffing cuts
Madhu Gottumukkala also faced questions about a reported failed polygraph exam and attempts to reassign the agency’s chief information officer.
People
CISA budget bill would require agency to maintain ‘sufficient’ staffing levels
The congressional justification diverges from steps taken last year to curb the agency’s workforce and election security footprint.
People
Trump officials consider skipping premier cyber conference after Biden-era cyber leader named CEO
Jen Easterly, who led the Cybersecurity and Infrastructure Security Agency under Biden, was named CEO of RSAC Conference Thursday.
People
Trump renominates Plankey to lead CISA
The cyberdefense agency has been without a permanent director for the past year.
Cybersecurity
Senate adjourns without confirming CISA director
Sean Plankey’s nomination faltered as lawmakers ran out the clock after a tumultuous year of workforce reductions. The cyberdefense agency enters the new year without a permanent leader as the White House finalizes a sweeping national cyber strategy.
People
CISA opens 100 applications for CyberCorps students
Earlier hiring snags had forced the scholarship program to pause recruitment of top student talent for cyber jobs.
Cybersecurity
Rep. Garbarino ‘disappointed’ Senate hasn’t approved Trump’s CISA nominee
The House Homeland Security Committee chairman also questioned a recent FCC vote to reverse telecom security rules put in place after a major Chinese cyber intrusion.
People
DHS, cyber industry mobilize to get CISA director nominee confirmed
“It’s a national security risk to not have him,” said a current U.S. official.
Cybersecurity
China is using advanced ‘Brickstorm’ malware against government and IT orgs, US assesses
The malware was detected in the recently disclosed breach of F5, an application delivery and security provider.
Cybersecurity
CISA tells staff to not speak with reporters, internal email shows
“CISA does not comment on leaked internal emails, especially when they’re about leaking internal emails,” CISA Director of Public Affairs Marci McCarthy told Nextgov/FCW when asked for comment.
Cybersecurity
Dem lawmakers renew calls for release of delayed telecom security report
In a letter to DHS and ODNI, Sens. Ron Wyden of Oregon and Mark Warner of Virginia said the release of a 2022 report detailing cyber vulnerabilities in the U.S. telecommunications sector is “critically important to U.S. national security.”
People
DHS says shutdown layoffs at CISA will proceed despite court injunction
The cybersecurity agency says it has complied with the court’s order because the firing of 54 people in its Stakeholder Engagement Division was planned beforehand and doesn’t affect unionized employees.
People
Top CISA official exits for TSA role amid recent cyber office reductions
Ryan Donaghy had served at CISA since 2016. It’s not clear if she was voluntarily moved to TSA or was given transfer orders.
Cybersecurity
US cyber policy goals have regressed during Trump 2.0 in ‘unprecedented setback,’ landmark report says
Cuts to various agencies and the politicization of disinfo-tracking work have slowed implementation goals set out five years ago by a congressionally authorized cybersecurity policy group.
Exclusive
Cybersecurity
House Democrats want answers on CISA reassignments to border security, immigration roles
A letter led by Rep. James Walkinshaw, D-Va., argues DHS violated the Antideficiency Act when it conducted a reduction in force during the government shutdown.
Cybersecurity
CISA orders government to patch F5 products after ‘nation-state’ cyber intrusion
“This cyber threat actor presents an imminent threat to federal networks using F5 devices and software,” CISA’s directive says. China-linked hackers previously exploited F5 vulnerabilities.
Cybersecurity