NSA

Agencies Warn of State-Sponsored Volt Typhoon’s Hacking Tactics

In collaboration with international and private sector partners, CISA released a new advisory warning network defenders of PRC-linked Volt Typhoon’s infiltration tactics. 

  • By Alexandra Kelley

Cyber Agencies Unveil Updated Ransomware Guide

The 2023 version offers more detailed, step-by-step guidance and associated recommendations to fortify public and private networks against sophisticated ransomware.

  • By Alexandra Kelley

Federal Operation Takes Down Sophisticated Russian Malware

Snake malware has plagued international digital networks for nearly two decades; a joint federal effort finally dismantled the web of espionage spyware.

  • By Alexandra Kelley

Federal, International Agencies Release Principles to Enhance Security of Tech Products

The new guidance pushes software and technology manufacturers to take more responsibility for the security of their devices by adhering to secure-by-design and -default principles.

  • By Edward Graham

Senator Calls for Cybersecurity Audit of Law Enforcement Wireless Network

FirstNet is a cellular network built for first responders around the country, but at least one federal official told the senator’s office they had “no confidence” in the network’s security.

  • By Frank Konkel

Enhanced Information Sharing With Industry Key to Deterring Digital Threats, NSA Cyber Chief Says

NSA Cybersecurity Director Rob Joyce said intelligence sharing initiatives between government and industry empower companies to implement actionable cyber defense measures.

  • By Edward Graham

NSA Bills Itself as a 'Soft Landing Place' for Laid off Tech Workers

The intelligence agency has been quietly moving over the past few months to recruit talented workers affected by the wave of layoffs at tech companies and startups.

  • By Edward Graham

CISA, NSA and Industry Outline Security Responsibilities of Software Suppliers

New guidance from the federal agencies—and major companies serving the government—tries to distinguish between the security duties of software developers, suppliers and consumers.

  • By Mariam Baksh

NSA Advocates Active Defense, as Industry Lawyer Advises Against Incident Reports

Speakers at a new conference hosted by cybersecurity firm Mandiant highlighted the challenge the government faces in motivating companies to report attacks on critical infrastructure.

  • By Mariam Baksh

CISA, NSA Guidance Tries to Reduce Alternatives for Securing Industrial Control Systems

Policymakers in Congress and the administration are grappling with how to set a performance bar for companies' mitigation of cyber threats against critical infrastructure they own, while allowing flexibility the companies say is needed to run their operations.

  • By Mariam Baksh

NSA Releases Post-Quantum Algorithms, Aims for Full Implementation by 2035

The National Security Agency worked in conjunction with NIST to prepare stakeholders for upcoming quantum cryptographic requirements. 

  • By Alexandra Kelley

Justice Seeks to Stop Booz Allen's Everwatch Acquisition

The department's antitrust lawsuit says the transaction unfairly eliminates competition for providing signals intelligence modeling and simulation services to the National Security Agency.

  • By Nick Wakeman and Ross Wilkers

US, Allied Cybersecurity Agencies, Advise Reviewing Contracts with Tech Vendors

A joint advisory from CISA, domestic partners and counterpart agencies in the Five Eyes intelligence alliance warns of a heightened threat to managed service providers and their customers.

  • By Mariam Baksh

NSA Re-awards Secret $10 Billion Contract to Amazon

Amazon Web Services beat out Microsoft for the contract after a bid protest battle.

  • By Frank Konkel
Featured eBooks
The IT Modernization Mission
Read Now

Ransomware Threat

Read Now

What's Next For Government Cloud

Read Now

Federal Agencies Exploring Computing at the Edge

Read Now

NSA Stresses Vendor Diversification in Guidance on Network Segmentation

Robust firewalls within and around a network are especially important in environments incorporating industrial control systems, which have been targeted in Russian state-sponsored operations.

  • By Mariam Baksh

NSA to get binding operational directive authority under new cyber policy

A new memo signed by President Biden outlines how the May 2021 executive order on cybersecurity applies to national security systems.

  • By Adam Mazmanian

Agencies Under New Deadlines to Address ‘log4j’ Flaws with Emergency Directive

The Cybersecurity and Infrastructure Security Agency order comes as a prominent firm says nation states are exploiting the vulnerabilities.

  • By Mariam Baksh

NSA, CISA, Add Original Equipment Manufacturers to Audience for 5G Security Guidance

The agencies got specific about who is responsible for what in a four-part series on securing the inherently cloud-based environments.

  • By Mariam Baksh

GAO: NSA Erred in Technical Evaluations of $10 Billion Cloud Contract

The Government Accountability Office recommended the NSA reevaluate bids from Microsoft and Amazon Web Services.

  • By Frank Konkel

NSA, CISA List Expectations for Industry on Data Governance in 5G Environments

The document is the third in a four-part series of guidance that categorizes security responsibilities according to their relevance for the cloud service providers, mobile operators and users of emergent fifth-generation networks.

  • By Mariam Baksh

NSA, CISA Say Industry Should Use Attestation Technology to Secure 5G Environments

The tech can provide evidence of compliance with configuration standards and detect anomalies in complex multi-tenant, multi-cloud computing architectures.

  • By Mariam Baksh