The National Security Agency and the Cybersecurity and Infrastructure Security Agency jointly released an information sheet recommending security best practices for organizations with Continuous Integration/Continuous Delivery coding platforms. The guidance was published
MoreThe Cybersecurity and Infrastructure Security Agency has published the Extensible Visibility Reference Framework Guidebook to help public and private organizations strengthen the defenses of their cloud-based services. CISA on Tuesday also released
More by Jamie Bennet
The Cybersecurity and Infrastructure Security Agency has appointed two associate directors to spearhead its cybersecurity division’s China and mission engineering operations. Eric Goldstein, executive assistant director for cybersecurity at CISA, said in
More by Jamie Bennet
The Federal Risk and Authorization Management Program has recommended that cloud service providers review the Cybersecurity and Infrastructure Security Agency’s latest binding operational directive to mitigate risks from misconfigured management interfaces. BOD
More by Naomi Cooper
The Cybersecurity and Infrastructure Security Agency warned that the Russian CL0P Ransomware Gang has attacked several U.S. federal agencies that use the managed transfer file application MOVEit, CNN reported Thursday. The global
More by Jamie Bennet
The National Security Agency and the Cybersecurity and Infrastructure Security Agency have collaborated to urge organizations to protect baseboard management controllers in their server-class computers. NSA and CISA on Wednesday issued a
More by Jamie Bennet
The Cybersecurity and Infrastructure Security Agency is mandating government entities to remove dedicated device interfaces from public-facing Internet if such platforms are exclusive to authorized users but accessible through remote network protocols.
More by Jamie Bennet
The Office of Management and Budget has issued a memorandum reaffirming the importance of secure software development practices and extending the deadlines for when agencies should gather attestations from software companies. Agencies
More by Jane Edwards
The CSC 2.0 project, the successor to the Cyberspace Solarium Commission, has released a report offering recommendations to improve collaboration between the public and private sectors in protecting U.S. critical infrastructure and
More by Jane Edwards
The Cybersecurity and Infrastructure Security Agency and the FBI have jointly published recommendations to protect organizations against potential attacks by a group called CL0P Ransomware Gang. CISA announced Wednesday that its new
More by Jamie Bennet