People
Trump’s DHS pick says CISA is ‘far off-mission’ and should be smaller
Current South Dakota Gov. Kristi Noem wants CISA to be “refocused” on critical infrastructure and to no longer address mis- or disinformation efforts online.
Cybersecurity
Salt Typhoon breach was first detected on federal networks, CISA head says
Cybersecurity and Infrastructure Security Agency Director Jen Easterly said the group was first detected “before we understood it was Salt Typhoon.”
Cybersecurity
CISA orders federal agencies to secure their cloud environments
Federal civilian agencies are compelled by the Binding Operational Directive to adopt specific cloud standards under SCuBA, a government blueprint that helps agencies assess cloud security security guidelines.
Cybersecurity
CISA issues updated draft of national cyber incident response plan
The NCIRP was first released in 2016. The updates include pathways for non-federal groups to get involved in responding to devastating cyberattacks.
Cybersecurity
Chinese telecom espionage began with ‘much broader’ aims, officials say
The U.S. has been investigating the Salt Typhoon hackers since late spring and early summer this year, a senior FBI official said.
People
CISA Director Jen Easterly to depart on Inauguration Day
Easterly and Deputy Director Nitin Natarajan are set to leave as an administration change casts doubt on the agency’s future.
Cybersecurity
CISA has no data supporting claims of election cheating, official says
Baseless voting fraud claims were pushed by Donald Trump in 2020 and the final weeks of his presidency.
Cybersecurity
Russian email domains sent uncredible bomb threats to polling places, FBI says
Kremlin-backed actors have a long record of sowing fear and disinformation into the U.S. election process.
Cybersecurity
CISA has not clocked any 'national-level significant incidents' impacting the election, official says
The agency is notably not in active contact with social media platforms but “if a threat were to arise that would necessitate us to do so, we would absolutely reach out,” Cait Conley said.
Cybersecurity
Chinese telecom breaches won’t sway election outcomes, CISA chief says
The top U.S. cyber defense agency has seen “no evidence of activity that has the potential to materially impact the outcome of the presidential election,” Jen Easterly said Monday.
Cybersecurity
‘Every single American’ a target of election interference, former DHS official says
Adversaries have heavily accelerated efforts to sway the outcome of next week’s presidential election.
Cybersecurity
CISA guidance focuses on post-quantum cryptography tools
The guidance nudges federal network operators to adopt automated cryptography discovery and inventory tools as a step in managing post-quantum cryptography updates.
Cybersecurity
CISA issues guide to help federal agencies set cybersecurity priorities
The guidance comes as federal civilian agencies are closing in on zero trust deadlines looming at the end of the current fiscal year.
Cybersecurity
GSA awards contract for $524M CISA headquarters
The agency will leverage its largest Inflation Reduction Act-funded project to date to help construct a 630,000-square-foot building for the cybersecurity agency at the St. Elizabeths West Campus.
Cybersecurity
CISA, FBI assert election infrastructure’s fortitude despite ransomware threat
Both organizations aim to instill confidence in U.S. voting infrastructure ahead of the 2024 elections.
Cybersecurity
Top US cyber agency hasn’t seen infamous Chinese hackers breach election infrastructure
A pervasive hacking collective being tracked by U.S. intelligence agencies hasn’t been seen breaking into any election infrastructure, but visibility into the group’s activities still isn’t clear, according to CISA Director Jen Easterly.
People
CISA names Lisa Einstein as first chief AI officer
The new position is part of the agency’s larger strategy to incorporate responsible artificial intelligence solutions both internally and externally to critical infrastructure partners.
Cybersecurity
New tech, personnel will help CISA with coming rush of cyber incident reports
CISA said “an automated mechanism” could help it better process and review a coming deluge of new cyber incident reports but could not be accounted for in its current budget.
Digital Government
Malicious foreign actors exploit US entities to push disinformation, IC warns
Communications and marketing firms can be pulled in as unwitting collaborators, the intelligence officials noted in a Monday call.
People