Cybersecurity

The Cybersecurity and Infrastructure Security Agency and the Federal Bureau of Investigation have jointly released a Secure by Design Alert titled "Eliminating Directory Traversal Vulnerabilities in Software." CISA said Thursday...

The Department of Defense has released a Defense Federal Acquisition Regulation Supplement class deviation concerning cybersecurity standards for covered contractor information platforms. DOD said Thursday the class deviation seeks to...

The Government Accountability Office has recommended that NASA develop a plan to incorporate cybersecurity principles and best practices into its spacecraft acquisition policies and standards to ensure that its space...

U.S. agencies and those from allied countries have released a fact sheet titled "Defending OT Operations Against Ongoing Pro-Russia Hacktivist Activity" to warn critical infrastructure organizations regarding recent cyber operations...

The Defense Information Systems Agency has revealed a new strategic plan identifying the agency’s priorities for fiscal years 2025-2029. The strategy, titled DISA Next, includes a wide range of objectives for...

Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency and a 2024 Wash100 awardee, said the president’s proposed fiscal year 2025 budget of $3.01 billion for CISA includes $470...

National Cyber Director Harry Coker Jr. announced at a recent White House event the intent of the federal government to transition by summer the Information Technology Management job series —...

The Department of the Treasury’s Federal Insurance Office and the National Science Foundation have partnered to form a new research center that will provide research, thought leadership and analysis support...

The Department of Defense is requesting proposals from industry sources capable of providing a joint cyber hunt kit prototype designed to conduct hunt operations on defense networks. The Defense Innovation...

The Cybersecurity and Infrastructure Security Agency completed 1,754 notifications to critical infrastructure organizations in calendar year 2023 through its Ransomware Vulnerability Warning Pilot program. Launched in March 2023, the RVWP...