Tag Archives: CISA

National Guard Officer Lt. Col. Jody Ogle Joins CISA as Cybersecurity Adviser

Lt. Col. Jody Ogle

Lt. Col. Jody Ogle, director of communications and cyber activities for the Air National Guard, has been appointed to advise the Cybersecurity and Infrastructure Security Agency (CISA) on cyber matters. Ogle was the chief information officer and J6 director for the West Virginia National Guard over a span of six years. 

Read More »

CISA Warns of Water, Wastewater Infrastructure Security Threats

Lt. Col. Jody Ogle

The Cybersecurity and Infrastructure Security Agency (CISA), the Environmental Protection Agency (EPA), the National Security Agency (NSA) and the FBI issued a joint advisory warning that threat actors are targeting hardware and software that support drinking water and wastewater infrastructure operations. In the advisory, CISA listed five cyber incidents that occurred within the water industry between March 2019 August 2021. 

Read More »

OMB Issues Endpoint Detection and Response Implementation Guidance to Federal Agencies

Supply Chain Security

The Office of Management and Budget (OMB) has issued a memorandum to guide agencies how to advance the adoption of endpoint detection and response (EDR) platforms to help facilitate the detection of cyber vulnerabilities and related threats on federal networks in accordance with the cybersecurity executive order signed in May.

Read More »

Bipartisan Senate Bill Seeks to Update FISMA

FISMA Reform Legislation

Two lawmakers serving on the Senate Homeland Security Committee have introduced a bipartisan bill that would reform a law governing information technology system protection at federal agencies. Committee Chairman Gary Peters, D-Mich., and Ranking Member Rob Portman, R-Ohio, drafted the Federal Information Security Modernization Act (FISMA) of 2021.

Read More »

Rob Joyce: Attributing Hacks Becomes More Difficult as Threat Actors Use Commercial Tools

Rob Joyce

Rob Joyce, cybersecurity director at the National Security Agency (NSA) and a previous Wash100 Award winner, said advanced persistent threat actors are using virtual private networks and other widely available commercial tools to evade detection, making it more challenging for the government to attribute cyberattacks.

Read More »

CISA, NSA Detail Considerations for Remote Access VPN Selection Via Information Sheet

Virtual Private Network

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have issued an information sheet meant to help organizations understand the risks and considerations for selecting a virtual private network (VPN). NSA said adversaries can target VPN servers since they can be used as entry points into protected networks and can access VPN devices by weaponizing common vulnerabilities and exposures.

Read More »

DHS, NIST List Goals for Cyber Best Practices

Cybersecurity

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.

Read More »

CISA, NSA, FBI Warn of Surge in Conti Ransomware Attacks; Eric Goldstein Quoted

Eric Goldstein

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and the FBI have released an advisory saying they have observed more than 400 cyberattacks against U.S. and international organizations using Conti ransomware. NSA, CISA and FBI are recommending several measures to mitigate the risk of Conti ransomware attacks. 

Read More »

FBI, CISA, Coast Guard Report Cyber Vulnerability in Password Management Platform

Cybersecurity

The FBI, Coast Guard Cyber Command and the Cybersecurity and Infrastructure Security Agency (CISA) have jointly reported a cyber vulnerability in a self-service password management platform made by Zoho. Cyber actors capitalizing on advanced persistent threats (APT) are likely to exploit a vulnerability found in Zoho's ManageEngine ADSelfService Plus, CISA said Thursday.

Read More »

House Committee Votes to Pass $865M Funding Boost for CISA; Rep. Jim Langevin Quoted

Jim Langevin

The House of Representatives' committee on homeland security has voted to approve an amendment that adds $865 million to the Cybersecurity and Infrastructure Security Agency's funds. Rep. Bennie Thompson, D-Miss., presented the amendment to a $3.5 trillion reconciliation bill, which would boost CISA's cybersecurity funds if passed.

Read More »