Security news aggregator

Latest coverage for CISA

Stay informed on the latest CISA updates, guidelines, and alerts critical for robust information security and cyber threat prevention.

4 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Cybersecurity and Infrastructure Security Agency (CISA) is the U.S. Department of Homeland Security agency for reducing cyber and physical risks to critical infrastructure and federal civilian networks. Created by the 2018 CISA Act, it works with government and industry, publishes alerts and guidance, and coordinates assistance during significant incidents. Its direct federal-network role chiefly covers the Federal Civilian Executive Branch, including .gov; private-sector engagement is often voluntary or sector-specific.

Practitioners use CISA advisories and the Known Exploited Vulnerabilities catalog to prioritize patching where exploitation has been observed, and consult applicable directives and incident-response guidance. CISA supports vulnerability reporting and promotes controls such as multifactor authentication, logging, and tested recovery. A CISA alert is an actionable risk signal, not proof every organization is affected; teams should verify product, version, exposure, and obligations.

Showing 4 most recent headlines Filtered view
Bank Info Security 2 years, 4 months ago

ISMG Editors: Inside the Politics of US Cybersecurity

Guest Grant Schneider on Security and Privacy Bills, AI Integration, CISA UpdatesIn the latest weekly update, Grant Schneider of Venable LLP joined three ISMG editors to discuss the future of U.S. federal cybersecurity and privacy legislation, AI integration and recent CISA developments - all set against a backdrop of political complexities.

Bank Info Security 2 years, 4 months ago

Experts Say CISA's Software Attestation Form Lacks Key Parts

Form Does Not Include Mandates for Memory-Safe Programming Requirements, SBOMsExperts told ISMG a final version of the Cybersecurity and Infrastructure Security Agency's self-attestation form for federal software providers takes bold steps to ensure new technologies are made with "secure by design" principles but lacks critical components that should come in future versions.

Bank Info Security 14 Mar 2024, 12:00 p.m. CISA
Bank Info Security 2 years, 4 months ago

CISA Lacks Staff with Skills Needed to Safeguard OT

GAO Report Criticizes CISA's Info Sharing Programs for Critical InfrastructureThe U.S. Government Accountability Office found that CISA lacks the skilled staff to effectively share information with critical infrastructure operators about threats. Also, the GAO found that the Pipeline and Hazardous Materials Safety Administration lacked an information-sharing process.

Bank Info Security 2 years, 4 months ago

US Federal Budget Proposes $27.5B for Cybersecurity

Budget Proposes Incremental Increases, Not Leaps, But Small Budget Cut for CISAThe Biden administration doesn't propose huge leaps in cybersecurity funding in an annual spending blueprint unveiled Monday afternoon. U.S. federal civilian cybersecurity spending would amount to $13 billion, while the military would spend $14.5 billion.