Tag Archives: Cybersecurity and Infrastructure Security Agency

Senate Bill Would Require CISA to Help Companies With Industrial Control System Security

Industrial Control System

A bipartisan group of four senators has introduced legislation that would mandate the Cybersecurity and Infrastructure Security Agency (CISA) to provide companies technical assistance to identify and fix vulnerabilities in systems used to manage industrial operations. Sens. Mark Rubio, R-Fla.; Gary Peters, D-Mich.; Rob Portman, R-Ohio; and Mark Warner, D-Va. and three-time Wash100 Award winner, are the bill's sponsors.

Read More »

Government Website to Serve as One-Stop Hub for Ransomware Resources; DHS Secretary Alejandro Mayorkas Quoted

Alejandro Mayorkas

The departments of Justice (DOJ) and Homeland Security (DHS) have unveiled a new website to serve as a central hub of federal cybersecurity resources to help U.S. companies and public sector organizations protect their networks from ransomware attacks. Attorney General Merrick Garland said DOJ is working to bring all tools to counter ransomware attacks through the Ransomware and Digital Extortion Task Force.

Read More »

Senate Unanimously Approves Jen Easterly as CISA Director; DHS Secretary Alejandro Mayorkas Quoted

Jen Easterly

Jen Easterly, President Joe Biden's nominee for the director position at the Cybersecurity and Infrastructure Security Agency (CISA), was confirmed in a unanimous Senate vote Monday. Homeland Security Secretary Alejandro Mayorkas, a 2021 Wash100 Award winner, described Easterly as a cybersecurity professional with military, civil service and industry experience and noted that they will work together in efforts to address urgent cyber and physical threats to critical U.S. infrastructure.

Read More »

CISA Rolls Out Three Mobile Security Tools; Vincent Sritapan Quoted

Vincent Sritapan

The Cybersecurity and Infrastructure Security Agency's (CISA) shared services program is launching three tools designed to bolster the security of government-issued smartphones and other mobile devices. Vincent Sritapan, who leads CISA's Cybersecurity Quality Services Management Office (QSMO), said their latest tools include shared services for mobile application vetting (MAV).

Read More »

NIST Seeks to Improve Software Supply Chain Security With Two Guidelines

Supply Chain Security

The National Institute of Standard and Technology (NIST) has issued two documents meant to improve the integrity and security of the software supply chain in accordance with an executive order seeking to strengthen U.S. cybersecurity. NIST developed the two documents by hosting virtual workshops and seeking position papers to seek feedback and insights from the public.

Read More »

FBI Works With CISA to Respond to Kesaya Ransomware Attack

Industrial Control System

The FBI has called on organizations to follow Kaseya’s guidance and perform all recommended mitigation measures as it continues to coordinate with the Cybersecurity and Infrastructure Security Agency (CISA) in response to a ransomware attack against managed service providers and their clients involving a vulnerability in Kaseya VSA software.

Read More »

Joint Advisory Sheds Light on Russian Intell Agency’s Brute Force Cyber Campaign

NSA-CISA-FBI-UK NCSC

The FBI, National Security Agency, Cybersecurity and Infrastructure Security Agency and the U.K. government’s national cybersecurity center have issued a joint advisory on a brute force campaign by Russian military intelligence against U.S. and foreign organizations. The brute force capability enables threat actors to gain access to email and other protected data and identify valid account credentials through password guessing and other extensive login attempts.

Read More »

CISA’s Matt Hartman: Government Agencies Commence Zero Trust Planning

Matt Hartman

Matt Hartman, deputy executive assistant director at the Cybersecurity and Infrastructure Security Agency (CISA), said many federal agencies are now developing zero trust implementation plans to align with President Biden's executive order on cybersecurity. "It's important to consider that many of these tasks [in the executive order] are sprints to develop strategies," he said.

Read More »

New Bipartisan Bill Aims to Bolster Federal Cyber Workforce; Sen. Maggie Hassan Quoted

Sen. Maggie Hassan

Sen. Maggie Hassan, D-N.H., and John Cornyn, R-Texas, have presented a bill that aims to fortify the federal government's workforce of cyber professionals. The Federal Cybersecurity Workforce Expansion Act would establish two cyber training programs: one with the Cybersecurity and Infrastructure Security Agency (CISA) and the other with the Department of Veterans Affairs (VA). 

Read More »

CISA Lists First Entries in Catalog of ‘Bad’ Cyber Practices

Cybersecurity and

The Cybersecurity and Infrastructure Security Agency (CISA) is working on a catalog of bad cyber practices that pose risks to organizations supporting critical infrastructure and national critical functions. The agency described the first two listed practices as “egregious in internet-accessible technologies.” The agency’s move comes in response to recent cyberattacks on critical infrastructure.

Read More »