CISA gets a deputy director as it braces for major layoffs

Madhu Gottumukkala, a state CIO, lacks the homeland security experience of his two predecessors.

By Eric Geller • April 25, 2025

CISOs band together to urge world governments to harmonize cyber rules

Policymakers have moved slowly to reduce regulatory overlap, but the new industry plea could help change that.

By Eric Geller • April 24, 2025

State Department reorganization could imperil cyber diplomacy

Congress told the U.S. State Department how to approach global cyber challenges, but the administration’s plan would upend that strategy.

By Eric Geller • April 23, 2025

CISA’s Secure by Design initiative in limbo after key leaders resign

Companies have been urging CISA to scale back its software security pressure campaign. Two new resignations from the agency could accelerate that shift.

By Eric Geller • April 22, 2025

Bill extends cyber threat info-sharing between public, private sector

The Cybersecurity Information Sharing Act of 2015, set to expire in September, “moved the needle.”

By Elizabeth Montalbano, Contributing Reporter • April 16, 2025

Mitre CVE program regains funding as renewal deal reached

The information security industry feared a lapse would lead to industrywide exposures of software vulnerabilities.

By David Jones • April 16, 2025

CISA launches new wave of job cuts

Critics warn that drastic downsizing of the DHS unit will threaten the nation’s ability to counter cyber adversaries.

By David Jones • April 16, 2025

Aviation sector faces heightened cyber risks due to vulnerable software, aging tech

A report calls on federal authorities to conduct comprehensive risk assessments and take steps to modernize the air traffic control system.

By David Jones • April 14, 2025

Plankey nomination at CISA placed on hold after Wyden pushes for telecom report

The Oregon senator is demanding CISA release a report on security practices in the industry, citing concerns about the Salt Typhoon hacking campaign. 

By David Jones • April 10, 2025

Trump administration under scrutiny as it puts major round of CISA cuts on the table

Congressional members plan to raise questions Tuesday as hundreds of critical jobs could be slashed in the coming weeks.

By David Jones • April 7, 2025

Head of NSA and US Cyber Command reportedly fired

Gen. Timothy D. Haugh served as the head of two government organizations that play integral roles for U.S. cybersecurity.

By Rob Wright • April 4, 2025

CISA, FBI warn of fast flux technique used to hide malicious servers

Criminal and state-linked hackers use fast-changing DNS records to make it harder for defenders to detect or disrupt malicious activity.

By David Jones • April 4, 2025

House members press Commerce Secretary Lutnick on DOGE-related job cuts at NIST

The agency has already slashed dozens of probationary workers, and further cuts could have major consequences for cybersecurity standards and AI development. 

By David Jones • April 3, 2025

SEC should avoid ‘overly prescriptive’ AI rules, acting chair says

The comments follow actions taken by President Trump that have effectively upended the U.S. approach to AI policy under Biden, according to analysts.

By Alexei Alexis • March 28, 2025

FCC investigating China-linked companies over evasion of US national security measures

The agency is cracking down on the use of prohibited technologies following a series of hacks into US telecommunications firms.

By David Jones • March 24, 2025

CISA urges fired probationary workers to respond after federal judge grants order

The agency plans to keep workers on paid administrative leave despite ongoing concerns about its ability to address cyber threats.

By David Jones • March 18, 2025

FCC launches national security unit to counter state-linked threats to US telecoms

The new council is part of an effort to thwart Salt Typhoon and other cyber espionage groups.

By David Jones • March 13, 2025

Trump nominates Plankey to lead CISA

Sean Plankey previously held key roles at the Department of Energy and National Security Council during the first Trump administration.

By David Jones • March 11, 2025

Former NSA cyber director warns drastic job cuts threaten national security

Rob Joyce told lawmakers mass layoffs of federal workers will hurt the ability of the U.S. to combat malicious cyber activity from China and other adversaries.

By David Jones • March 10, 2025

Critical infrastructure at state, local levels at heightened risk of cyberattacks

State and local governments need additional resources, shared intelligence and coordination, an MS-ISAC report showed.

By David Jones • Feb. 28, 2025

CISA taps Karen Evans as executive assistant director for cybersecurity

The veteran official’s appointment could reassure the cyber community that a steady hand will help lead the agency.

By David Jones • Feb. 27, 2025

SEC revamps cyber and crypto enforcement unit under Trump administration

The reconfigured unit signals a more hands-off approach on digital currencies, but legal experts do not expect major changes in cyber risk disclosure.

By David Jones • Feb. 21, 2025

US authorities warn Ghost ransomware leverages older CVEs

The China-linked threat group has targeted critical infrastructure providers in more than 70 countries.

By David Jones • Feb. 20, 2025

DeepSeek surge hits companies, posing security risks

The Trump administration is scrutinizing the AI app, Italy and Taiwan have banned it, and companies have blocked it.

By Alexei Alexis • Feb. 5, 2025

Deloitte pays $5M in connection with breach of Rhode Island benefits site

The company agreed to cover expenses related to recovery from the December cyberattack.

By David Jones • Feb. 5, 2025