Tag: federal cybersecurity
9 articles

NSA, CISA Warn Federal Agencies of Identity Security Risks
The NSA and CISA are sounding the alarm: identity security risks are now the frontline in federal cybersecurity, with Active Directory and Entra ID being prime targets for cyber attackers. Recent incidents show that nearly 75% of major federal cyber breaches in the last five years involved compromised identities.

CISA Overhauls Vulnerability Patching with Smarter Prioritization Directive
The Cybersecurity and Infrastructure Security Agency (CISA) has rolled out a game-changing directive that revolutionizes vulnerability patching with a smarter approach to prioritization, empowering federal agencies to tackle fixes more efficiently. By introducing clear guidelines and timelines, CISA is helping agencies focus on the most critical patches first, based on criteria like exposure, exploitability, and real-world threat activity.

White House Overhauls Federal Cybersecurity Logging Rules
The White House is shaking up federal cybersecurity logging rules with a new set of guidelines aimed at cutting red tape and boosting efficiency. The updated rules, outlined in OMB memo M-26-14, replace previous requirements with a more streamlined approach to managing cybersecurity risks.

US Cyber Official Warns of AI-Driven Identity Security Risks
As AI-driven threats evolve, securing identities is more crucial than ever - in fact, a top US cyber official warns that controlling who and what gets onto a network is now our first line of defense. By prioritizing identity security, we can prevent attackers from exploiting vulnerabilities and gaining a foothold in our systems.

AI Reshapes Cybersecurity With Renewed Focus on Fundamentals
Artificial intelligence is revolutionizing cybersecurity by refocusing efforts on timeless fundamentals, empowering agencies to make informed decisions with the help of established frameworks like the NIST Cybersecurity Framework. By layering new AI-related risks over existing ones, Cheri Pascoe, Director of the National Cybersecurity Center of Excellence at NIST, highlights the need for a strategic approach to tackle these emerging threats.

CISA Warns of Active Exploitation of SD-WAN Flaw
The Cybersecurity and Infrastructure Security Agency (CISA) has sounded the alarm on a newly discovered SD-WAN flaw that's already being exploited by attackers, giving US government agencies just four days to secure vulnerable systems. Time is of the essence in this urgent directive, which CISA has framed as an operational emergency.

Federal Leaders Prioritize Security Amid Evolving Cyber Threats
As cyber threats continue to evolve and grow in sophistication, with many now powered by artificial intelligence, federal leaders are recognizing that cybersecurity is no longer just an operational concern, but a strategic imperative crucial to mission survival. It's a dilemma that's putting cybersecurity at the top of the agenda in executive suites across all sectors.

Microsoft Cloud Security Falls Short in Government Review
A scathing government review has revealed that Microsoft's cloud security documentation is woefully inadequate, leaving evaluators with a disturbing lack of confidence in the system's overall security posture. This shocking finding raises serious concerns about the reliability of one of Microsoft's largest cloud offerings.

Microsoft Cloud Security Review Exposes Gaps in Protection
A scathing internal government review of Microsoft's cloud security offering revealed alarming gaps in protection, with evaluators unable to determine whether sensitive information was safe as it moved across servers. The review team was left frustrated by a lack of proper detailed security documentation.