NSA

Federal Operation Takes Down Sophisticated Russian Malware

Snake malware has plagued international digital networks for nearly two decades; a joint federal effort finally dismantled the web of espionage spyware.

Federal, International Agencies Release Principles to Enhance Security of Tech Products

The new guidance pushes software and technology manufacturers to take more responsibility for the security of their devices by adhering to secure-by-design and -default principles.

Senator Calls for Cybersecurity Audit of Law Enforcement Wireless Network

FirstNet is a cellular network built for first responders around the country, but at least one federal official told the senator’s office they had “no confidence” in the network’s security.

Enhanced Information Sharing With Industry Key to Deterring Digital Threats, NSA Cyber Chief Says

NSA Cybersecurity Director Rob Joyce said intelligence sharing initiatives between government and industry empower companies to implement actionable cyber defense measures.

NSA Bills Itself as a 'Soft Landing Place' for Laid off Tech Workers

The intelligence agency has been quietly moving over the past few months to recruit talented workers affected by the wave of layoffs at tech companies and startups.

CISA, NSA and Industry Outline Security Responsibilities of Software Suppliers

New guidance from the federal agencies—and major companies serving the government—tries to distinguish between the security duties of software developers, suppliers and consumers.

NSA Advocates Active Defense, as Industry Lawyer Advises Against Incident Reports

Speakers at a new conference hosted by cybersecurity firm Mandiant highlighted the challenge the government faces in motivating companies to report attacks on critical infrastructure.

CISA, NSA Guidance Tries to Reduce Alternatives for Securing Industrial Control Systems

Policymakers in Congress and the administration are grappling with how to set a performance bar for companies' mitigation of cyber threats against critical infrastructure they own, while allowing flexibility the companies say is needed to run their operations.

NSA Releases Post-Quantum Algorithms, Aims for Full Implementation by 2035

The National Security Agency worked in conjunction with NIST to prepare stakeholders for upcoming quantum cryptographic requirements. 

Justice Seeks to Stop Booz Allen's Everwatch Acquisition

The department's antitrust lawsuit says the transaction unfairly eliminates competition for providing signals intelligence modeling and simulation services to the National Security Agency.

US, Allied Cybersecurity Agencies, Advise Reviewing Contracts with Tech Vendors

A joint advisory from CISA, domestic partners and counterpart agencies in the Five Eyes intelligence alliance warns of a heightened threat to managed service providers and their customers.

NSA Re-awards Secret $10 Billion Contract to Amazon

Amazon Web Services beat out Microsoft for the contract after a bid protest battle.

NSA Stresses Vendor Diversification in Guidance on Network Segmentation

Robust firewalls within and around a network are especially important in environments incorporating industrial control systems, which have been targeted in Russian state-sponsored operations.

NSA to get binding operational directive authority under new cyber policy

A new memo signed by President Biden outlines how the May 2021 executive order on cybersecurity applies to national security systems.

Agencies Under New Deadlines to Address ‘log4j’ Flaws with Emergency Directive

The Cybersecurity and Infrastructure Security Agency order comes as a prominent firm says nation states are exploiting the vulnerabilities.

NSA, CISA, Add Original Equipment Manufacturers to Audience for 5G Security Guidance

The agencies got specific about who is responsible for what in a four-part series on securing the inherently cloud-based environments.

GAO: NSA Erred in Technical Evaluations of $10 Billion Cloud Contract

The Government Accountability Office recommended the NSA reevaluate bids from Microsoft and Amazon Web Services.