NRC Issues Recommendations for Better Network, Software Security
The Network Resilience Coalition pushes adoption of standards like SSDF, OpenEoX and CISA's Secure By Design and Default framework.
Stay informed on the latest CISA updates, guidelines, and alerts critical for robust information security and cyber threat prevention.
Search across headline titles and summaries.
Background for this topic.
Cybersecurity and Infrastructure Security Agency (CISA) is the U.S. Department of Homeland Security agency for reducing cyber and physical risks to critical infrastructure and federal civilian networks. Created by the 2018 CISA Act, it works with government and industry, publishes alerts and guidance, and coordinates assistance during significant incidents. Its direct federal-network role chiefly covers the Federal Civilian Executive Branch, including .gov; private-sector engagement is often voluntary or sector-specific.
Practitioners use CISA advisories and the Known Exploited Vulnerabilities catalog to prioritize patching where exploitation has been observed, and consult applicable directives and incident-response guidance. CISA supports vulnerability reporting and promotes controls such as multifactor authentication, logging, and tested recovery. A CISA alert is an actionable risk signal, not proof every organization is affected; teams should verify product, version, exposure, and obligations.
The Network Resilience Coalition pushes adoption of standards like SSDF, OpenEoX and CISA's Secure By Design and Default framework.
US Cyber Agency Issues Step-by-Step Guide to Build Software Bills of MaterialsThe U.S. Cybersecurity and Infrastructure Security Agency is aiming to improve the implementation of software bills of materials across the public and private sectors as experts warn that a failure to build and use the critical inventory lists could result in "catastrophic security breaches."
And software makers seem to be OK with this, apparently There's a line in the latest plea from CISA – the US government's cybersecurity agency – to software developers to do a better job of writing secure code that may make you spit out your coffee.…
As cyberattackers increasingly target water suppliers and wastewater utilities, the US federal government wants to help limit the impact of destructive attacks.
US Cyber Agency Director Is Latest High-Profile Target of Dangerous Swatting AttackThe director of the U.S. Cybersecurity and Infrastructure Security Agency confirmed she was the apparent target of a swatting attack in which police responded to false calls of a shooting at her Virginia residence on Dec. 30, 2023. In a statement, Easterly described the experience as "harrowing."
Election officials, judges, politicians, and gamers are in swatters' crosshairs CISA Director Jen Easterly has confirmed she was the subject of a swatting attempt on December 30 after a bogus report of a shooting at her home.…
A phone call to authorities claimed that a shooting had taken place on Easterly's block.
US security agency CISA orders all civilian federal agencies to take immediate steps to mitigate two Ivanti zero-day flaws