GOP lawmakers urge ban of networking vendor TP-Link, citing ties to China

The Trump administration is facing mounting pressure to formulate a strategy for addressing supply-chain threats that endanger national security.

By Eric Geller • May 15, 2025

Congress faces pressure to renew cyber information-sharing law

The law’s expiration in September could jeopardize a wide range of information-sharing partnerships that have helped catch and thwart cyberattacks in the U.S.

By Eric Geller • May 14, 2025

Defense contractors get a head start on CMMC audits

Software investments, infrastructure upgrades and compliance documentation topped the list of Cybersecurity Maturity Model Certification implementation costs, a new survey shows.

By Eric Geller • May 12, 2025

NIST loses key cyber experts in standards and research

The head of the agency’s Computer Security Division and roughly a dozen of his subordinates took the Trump administration’s retirement offers, placing key programs at risk.

By Eric Geller • May 6, 2025

DOD plans to fast-track software security reviews

The Pentagon will lay out new security requirements and approval processes for the software it purchases.

By Eric Geller • May 5, 2025

UK authorities warn of retail-sector risks following cyberattack spree

Three major retail brands, including Harrods and M&S, have been targeted in recent weeks.

By David Jones • May 5, 2025

Access reviews can be fixed - here’s how

Drowning in spreadsheets for access reviews? There’s a smarter solution.

May 5, 2025

Trump proposes major cut to CISA’s budget, citing false ‘censorship’ claims

The president’s budget proposal repeated a debunked claim about the nation’s cyber agency engaging in censorship.

By Eric Geller • Updated May 5, 2025

Recent DOJ settlements suggest Biden cyber-fraud initiative still active

The Justice Department under Trump has now settled three cases that bear the hallmarks of a Biden-era cyber enforcement initiative.

By Eric Geller • Updated May 2, 2025

Salt Typhoon telecom hacks one of the most consequential campaigns against US ever, expert says

A prominent former member of a recently shuttered cyber-incident review panel said the board should be reconstituted with independent authority.

By David Jones • May 1, 2025

DHS secretary vows to refocus CISA, saying it strayed from mission

Kristi Noem said the agency should be focused on securing critical infrastructure.

By David Jones • April 30, 2025

Cyber experts urge Trump to abandon Chris Krebs investigation

Dozens of cyber industry luminaries, many from the election security community, said the investigation could discourage important cyber work.

By Eric Geller • April 28, 2025

FBI seeks public tips about Salt Typhoon

The bureau’s public alert follows months of conversations with the telecom industry about the far-reaching cyber espionage campaign by a Chinese nation-state threat actor.

By Eric Geller • April 28, 2025

CISA gets a deputy director as it braces for major layoffs

Madhu Gottumukkala, a state CIO, lacks the homeland security experience of his two predecessors.

By Eric Geller • April 25, 2025

CISOs band together to urge world governments to harmonize cyber rules

Policymakers have moved slowly to reduce regulatory overlap, but the new industry plea could help change that.

By Eric Geller • April 24, 2025

State Department reorganization could imperil cyber diplomacy

Congress told the U.S. State Department how to approach global cyber challenges, but the administration’s plan would upend that strategy.

By Eric Geller • April 23, 2025

CISA’s Secure by Design initiative in limbo after key leaders resign

Companies have been urging CISA to scale back its software security pressure campaign. Two new resignations from the agency could accelerate that shift.

By Eric Geller • April 22, 2025

Bill extends cyber threat info-sharing between public, private sector

The Cybersecurity Information Sharing Act of 2015, set to expire in September, “moved the needle.”

By Elizabeth Montalbano, Contributing Reporter • April 16, 2025

Mitre CVE program regains funding as renewal deal reached

The information security industry feared a lapse would lead to industrywide exposures of software vulnerabilities.

By David Jones • April 16, 2025

CISA launches new wave of job cuts

Critics warn that drastic downsizing of the DHS unit will threaten the nation’s ability to counter cyber adversaries.

By David Jones • April 16, 2025

Aviation sector faces heightened cyber risks due to vulnerable software, aging tech

A report calls on federal authorities to conduct comprehensive risk assessments and take steps to modernize the air traffic control system.

By David Jones • April 14, 2025

Plankey nomination at CISA placed on hold after Wyden pushes for telecom report

The Oregon senator is demanding CISA release a report on security practices in the industry, citing concerns about the Salt Typhoon hacking campaign. 

By David Jones • April 10, 2025

Trump administration under scrutiny as it puts major round of CISA cuts on the table

Congressional members plan to raise questions Tuesday as hundreds of critical jobs could be slashed in the coming weeks.

By David Jones • April 7, 2025

Head of NSA and US Cyber Command reportedly fired

Gen. Timothy D. Haugh served as the head of two government organizations that play integral roles for U.S. cybersecurity.

By Rob Wright • April 4, 2025

CISA, FBI warn of fast flux technique used to hide malicious servers

Criminal and state-linked hackers use fast-changing DNS records to make it harder for defenders to detect or disrupt malicious activity.

By David Jones • April 4, 2025