Cybersecurity
Federal cyber operations face challenges as government shutdown looms
The Cybersecurity and Infrastructure Security Agency will retain about one-sixth of its workforce in the event of a partial government shutdown, according to its current plan.
Cybersecurity
CISA’s new roadmap aims to fortify open source software security
The nation’s cyber defense agency wants to play a key role in hardening the broader open source software security ecosystem.
Cybersecurity
Amid shutdown anxiety, federal agencies are running up against an IT security deadline
While budget negotiations play out on Capitol Hill, federal agency CIOs are also on the clock to ensure the bulk of their information technology is reported through the CDM program.
Cybersecurity
CISA plans new 'secure-by-design' guidance
The nation’s cyber defense agency is continuing to drive a major effort to shift security responsibilities from users to software providers.
Cybersecurity
CISA seeks vendor commitments to boost cybersecurity in K-12 schools
The nation’s cyber defense agency is building onto White House efforts to secure schools' systems nationwide with the help of major education software companies.
Cybersecurity
Russian cyber group unleashes new malware campaign on Ukrainian military targets
A new report says a cyber threat actor within Russia’s military intelligence service leveraged a novel malware campaign targeting Android devices used by the Ukrainian military.
Cybersecurity
More than 1,000 federal system flaws fixed via CISA's bug reporting platform
The nation’s cyber defense agency is scaling up a key program that gives federal agencies a chance to remediate vulnerabilities before they can be exploited.
Cybersecurity
New bill would require all federal contractors to develop vulnerability disclosure policies
The Federal Cybersecurity Vulnerability Reduction Act aims to establish standardized vulnerability disclosure policies across all federal contractors.
People
CISA director touts hiring progress
The agency’s culture has been key to its hiring successes, Jen Easterly says.
Emerging Tech
New post-quantum cryptography guidance offers first steps toward migration
Several agencies partnered to release the first federal recommendations for organizations to begin upgrading their networks and systems to quantum cryptography-resilient security schemes.
Cybersecurity
CISA prioritizing on-site K-12 cybersecurity reviews this school year
The nation’s cyber defense agency is aiming to work with schools “where they’re at instead of where they should be.”
Ideas
4 ways the defense spending bill could have addressed AI, other issues to boost cybersecurity
COMMENTARY | The Senate's version of the fiscal 2024 National Defense Authorization Act does address some important cybersecurity issues, but it may have missed opportunities to expand collaboration and tackle emerging technology challenges.
Cybersecurity
CISA conducts largest annual election security drills amid threats targeting voting systems
The nation’s cyber defense agency hosted a three-day election security exercise with state, local and federal officials ahead of the 2024 race.
Cybersecurity
New CISA guidance looks to guard against supply chain hacks
The Cybersecurity and Infrastructure Security Agency advocates constant communication and education as cyber threat mitigative measures.
Cybersecurity
New bill aims to address private sector cyber risks to FEMA operations
A proposed amendment to the Homeland Security Act would task FEMA and the Cybersecurity and Infrastructure Security Agency to work with private entities to ensure digital risks to agency operations are mitigated.
Cybersecurity
DHS cyber review board to examine China-linked cyberattacks of Microsoft
The Cyber Safety Review Board will assess how a hacking group reportedly linked to China leveraged a vulnerability in Microsoft Exchange Online to access government emails.
Cybersecurity
White House looks to shore up open source software security
The Office of the National Cyber Director wants software providers to "contribute back to the security of the open source software they depend upon."
Ideas
The future of CDM is in data governance, proactive threat detection
COMMENTARY: The Continuous Diagnostics and Mitigation program has helped to greatly fill in cyber gaps for agencies, but there is always more work to be done.
Cybersecurity
CISA unveils plan to measure cybersecurity success
The Cybersecurity and Infrastructure Security Agency's 2024-2026 cybersecurity roadmap focuses on public-private partnerships and using metrics to gauge the effectiveness of cybersecurity measures.
Cybersecurity