Tag Archives: Cybersecurity and Infrastructure Security Agency

OMB Issues Endpoint Detection and Response Implementation Guidance to Federal Agencies

Supply Chain Security

The Office of Management and Budget (OMB) has issued a memorandum to guide agencies how to advance the adoption of endpoint detection and response (EDR) platforms to help facilitate the detection of cyber vulnerabilities and related threats on federal networks in accordance with the cybersecurity executive order signed in May.

Read More »

Rob Joyce: Attributing Hacks Becomes More Difficult as Threat Actors Use Commercial Tools

Rob Joyce

Rob Joyce, cybersecurity director at the National Security Agency (NSA) and a previous Wash100 Award winner, said advanced persistent threat actors are using virtual private networks and other widely available commercial tools to evade detection, making it more challenging for the government to attribute cyberattacks.

Read More »

CISA, NSA Detail Considerations for Remote Access VPN Selection Via Information Sheet

Virtual Private Network

The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) have issued an information sheet meant to help organizations understand the risks and considerations for selecting a virtual private network (VPN). NSA said adversaries can target VPN servers since they can be used as entry points into protected networks and can access VPN devices by weaponizing common vulnerabilities and exposures.

Read More »

DHS, NIST List Goals for Cyber Best Practices

Cybersecurity

The Department of Homeland Security (DHS) and the National Institutes of Standards and Technology (NIST) have jointly classified cybersecurity practices into nine categories as bases for cyber performance goals. The nine categories each have specific objectives with regard to how secure control systems are operated and deployed, NIST said Thursday.

Read More »

CISA, NSA, FBI Warn of Surge in Conti Ransomware Attacks; Eric Goldstein Quoted

Eric Goldstein

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and the FBI have released an advisory saying they have observed more than 400 cyberattacks against U.S. and international organizations using Conti ransomware. NSA, CISA and FBI are recommending several measures to mitigate the risk of Conti ransomware attacks. 

Read More »

CISA Unveils 2 Resources From ICT Supply Chain Risk Management Task Force

Virtual Private Network

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the publication of two new resources to help mitigate threats facing the information and communications technology supply chain. The ICT SCRM Task Force is a public-private partnership sponsored by CISA’s National Risk Management Center (NRMC) and seeks to improve ICT supply chain resilience and security. 

Read More »

FBI, CISA, Coast Guard Report Cyber Vulnerability in Password Management Platform

Cybersecurity

The FBI, Coast Guard Cyber Command and the Cybersecurity and Infrastructure Security Agency (CISA) have jointly reported a cyber vulnerability in a self-service password management platform made by Zoho. Cyber actors capitalizing on advanced persistent threats (APT) are likely to exploit a vulnerability found in Zoho's ManageEngine ADSelfService Plus, CISA said Thursday.

Read More »

House Committee Votes to Pass $865M Funding Boost for CISA; Rep. Jim Langevin Quoted

Jim Langevin

The House of Representatives' committee on homeland security has voted to approve an amendment that adds $865 million to the Cybersecurity and Infrastructure Security Agency's funds. Rep. Bennie Thompson, D-Miss., presented the amendment to a $3.5 trillion reconciliation bill, which would boost CISA's cybersecurity funds if passed.

Read More »

Acting FCC Chair Jessica Rosenworcel Names Leaders, Members of New Communications Council

Jessica Rosenworcel

Jessica Rosenworcel, acting chairwoman of the Federal Communications Commission (FCC), has appointed members of a reestablished group that will recommend ways to bolster 5G security. Billy Bob Brown, executive assistant director for emergency communications at the Cybersecurity and Infrastructure Security Agency, and Nasrin Rezai, senior vice president and chief information security officer at Verizon Communications, co-chair the Communications Security, Reliability and Interoperability Council. 

Read More »

Cybersecurity Exec Kiersten Todt Named CISA Chief of Staff

Kiersten Todt

Kiersten Todt, formerly executive director of a cybersecurity commission under Barack Obama, has been appointed to serve as chief of staff at the Cybersecurity and Infrastructure Security Agency (CISA). She will lead efforts to develop plans, manage resources and establish objectives in pursuit of CISA's goals, the agency said Monday.

Read More »