cisa’s
-
DHS says CISA will continue to monitor and tackle cybersecurity threats from Russia.
-
As the nation’s cyber defense agency and the national coordinator for critical infrastructure security and resilience, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) is focused on enhancing America’s resilience against cyber threats from the People’s Republic of China (PRC). Jen Easterly, the agency’s director, stated that CISA’s strategy to combat these threats is based…
-
Discover how CISA’s new AI Security Incident Collaboration Playbook strengthens AI security and resilience.
-
Deputy Director Reflects on Term and Offers Advice to SuccessorsFrom application security to zero trust, it’s been a busy four years for the current leaders of the U.S. Cybersecurity and Infrastructure Security Agency. Deputy Director Nitin Natarajan discusses the agency’s accomplishments and the threats that await the next administration’s cyber leaders.
-
Deputy Director Reflects on Term and Offers Advice to SuccessorsFrom application security to zero trust, it’s been a busy four years for the current leaders of the U.S. Cybersecurity and Infrastructure Security Agency. Deputy Director Nitin Natarajan discusses the agency’s accomplishments and the threats that await the next administration’s cyber leaders.
-
The Cybersecurity and Infrastructure Security Agency (CISA) recently conducted an in-depth Red Team Assessment (RTA) to enhance cybersecurity in US critical infrastructure sectors. One critical infrastructure organization requested this assessment, which took roughly three months. Its primary purpose was to test its cybersecurity detection and response capabilities by simulating real-world threat scenarios similar to what might be…
-
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) released sector-specific goals (SSGs) for the chemical sector. These voluntary practices offer high-impact security actions beyond existing cross-sector cybersecurity performance goals (CPGs), guiding chemical businesses and critical infrastructure owners in defending against cyber threats. Developed using CISA’s operational data, threat landscape research, and collaboration with government, industry,…
-
Threat researchers think every sizeable organization, including the US government, should have a VDP program. “On the surface, [CISA’s program is] very good,” Dustin Childs, head of threat awareness in the Zero Day Initiative at Trend Micro, tells CSO. “Every enterprise, especially any large enterprise like the US government, should have some vulnerability disclosure platform.”
-
Back in May, dozens of software companies promised the Biden administration and their customers that they would adopt seven key digital security practices within a year. Today, as that secure-by-design pledge hits the halfway mark, the Cybersecurity and Infrastructure Security Agency (CISA) believes its first-of-its-kind project is achieving results.
-
These major software firms took CISA’s secure-by-design pledge. Here’s how they’re implementing it
·
The Cybersecurity and Infrastructure Security Agency’s (CISA) secure-by-design pledge has hit its six-month mark, and companies that took the pledge say they’ve made significant security improvements since they signed onto the initiative.
-
Over the past several years, CISA, the Cybersecurity and Infrastructure Security Agency, has released a steady stream of guidance encouraging software manufacturers to adopt Secure by Design principles, reducing customer risk by prioritizing security throughout the product development process. This is particularly critical for the operational technology (OT) sector, where vulnerabilities in industrial control systems…
-
MixMode Threat Research MixMode Threat Research is a dedicated contributor to MixMode.ai’s blog, offering insights into the latest advancements and trends in cybersecurity. Their posts analyze emerging threats and deliver actionable intelligence for proactive digital defense.
-
We all know CISA as the governing agency for federal cybersecurity and the national operating hub for critical infrastructure security. But what are the free critical cyber hygiene services provided by the Cybersecurity and Infrastructure Security Agency (CISA), and how can you take advantage of them in your organization?
-
With new and increasing cyber threats abound, navigating global software regulations and staying informed and compliant can seem like an unending task. To help mitigate risks within the software applications organizations use every day, many are increasingly looking to the strategic adoption of software bills of materials (SBOMs) as an effective way to maintain compliance…
-
Good security from the get-go beats adding it later Just as a baseline, companies you buy software from should support secure authentication, applying modern techniques ranging from single-sign-on to multifactor authentication and ensuring they support phishing-resistant authentication. Most importantly, has the software vendor removed default passwords or are they in the process of eliminating their…