CISA Cuts $10M in ISAC Funding & 100s of Employees
President Trump has long complained about perceived threats to election security. Now his DHS has kneecapped the agencies designed to support it. Experts are worried about what comes next.
Stay informed on the latest CISA updates, guidelines, and alerts critical for robust information security and cyber threat prevention.
Search across headline titles and summaries.
Background for this topic.
Cybersecurity and Infrastructure Security Agency (CISA) is the U.S. Department of Homeland Security agency for reducing cyber and physical risks to critical infrastructure and federal civilian networks. Created by the 2018 CISA Act, it works with government and industry, publishes alerts and guidance, and coordinates assistance during significant incidents. Its direct federal-network role chiefly covers the Federal Civilian Executive Branch, including .gov; private-sector engagement is often voluntary or sector-specific.
Practitioners use CISA advisories and the Known Exploited Vulnerabilities catalog to prioritize patching where exploitation has been observed, and consult applicable directives and incident-response guidance. CISA supports vulnerability reporting and promotes controls such as multifactor authentication, logging, and tested recovery. A CISA alert is an actionable risk signal, not proof every organization is affected; teams should verify product, version, exposure, and obligations.
President Trump has long complained about perceived threats to election security. Now his DHS has kneecapped the agencies designed to support it. Experts are worried about what comes next.
Medusa developers have been targeting a wide variety of critical infrastructure sectors, from healthcare and technology to manufacturing and insurance, racking up its victim count as it seemingly adds to its numbers of affiliates.
CISA and FBI warn of Medusa ransomware impacting over 300 victims across critical infrastructure sectors with double extortion tactics
Agency tries to save face as it also pulls essential funding for election security initiatives The US cybersecurity agency is trying to save face by seeking to clear up what it's calling "inaccurate reporting" after a former senior pentester claimed it laid off the entire Red Team.…
Cyber Defense Agency Axes Funding for Key ISACs as Trump Shifts Federal PrioritiesThe Cybersecurity and Infrastructure Security Agency is eliminating $10 million in annual funding for two key cybersecurity hubs supporting states and local elections as agency officials tell Information Security Media Group the move is aimed at eliminating waste and realigning priorities.
CISA says the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors in the United States until last month. [...]
In a new round of cuts since Donald Trump became president, 100 people working with the US Cybersecurity and Infrastructure Agency saw their contracts terminated
Election infosec advisory agency also shuttered A penetration tester who worked at the US govt's CISA claims his 100-strong team was dismissed after Elon Musk's Trump-blessed DOGE unit cancelled a contract – and that more staff at the cybersecurity agency have also been let go.…
Plankey has served in numerous cybersecurity positions in the past, including during the first Trump presidency from 2018-2020.
Plankey Led Efforts to Engage Energy Sector in Cyber Prep During Trump's First TermPresident Donald Trump has nominated a former Energy Department and National Security Council cybersecurity official to lead the U.S. Cybersecurity and Infrastructure Security Agency. National Guard and Coast Guard Veteran Sean Plankey has been tapped to replace Jen Easterly as the director of CISA.
CISA warned U.S. federal agencies to secure their networks against attacks exploiting three critical vulnerabilities affecting Ivanti Endpoint Manager (EPM) appliances. [...]
The US Cybersecurity and Infrastructure Security Agency (CISA) has added five new flaws in Ivanti and VeraCore products to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting Advantive VeraCore and Ivanti Endpoint Manager (EPM) to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation in the wild