Cyber Defense
Trump cyber executive order aims to amend ‘problematic’ parts of Biden, Obama cyber orders
The order strips certain Biden-era cyber directives and looks to orient federal cyber policy around concrete technical measures, including secure software development, quantum-resistant encryption and labeling standards for IoT devices.
Senate Homeland panel likely to approve Cairncross, Plankey for key cyber positions
Sean Plankey, tapped to lead CISA, did not appear at a Thursday hearing due to reported clearance-related delays, but his name was still added to a list of nominees to be voted on next week.
‘I do not have confidence’ that US infrastructure is cyber-secure, former NSC official says
At the AI Expo for National Competitiveness, Anne Neuberger told audiences that artificial intelligence tools are an enhancement opportunity for U.S. cyber defenses and intelligence collection.
CISA projected to lose a third of its workforce under Trump’s 2026 budget
The White House’s latest spending proposal projects nearly 1,000 jobs will be slashed at the nation’s lead civilian cyber agency. Related cyber and intel programs across government also face funding rollbacks.
An 18th-century war power resurfaces in cyber policy talks
An old-world legal concept is seeing renewed interest in the cybersecurity community as a tool to give the private sector more runway to combat hackers, though many agree it’s more metaphor than mandate.
People should be ‘outraged’ by efforts to shrink federal cyber teams, former CISA head says
As adversaries like China continue targeting U.S. critical infrastructure, Chris Krebs says we should "make CISA great again" amid expected cuts mounting inside the cyber agency.
CISA warns threat hunting staff of end to Google, Censys contracts as agency cuts set in
“We understand the importance of these tools in our operations and are actively exploring alternative tools to ensure minimal disruption,” said the email sent to several hundred CISA cyber threat hunters.
Updated
MITRE-backed cyber vulnerability program to lose funding Wednesday
Organizations across industry, government, national security and critical infrastructure rely on the CVE Program, which serves as the de-facto global standard for vulnerability identification and management.
The need for collaborative global cyber diplomacy is growing
COMMENTARY | Strengthening global cyber collaboration is needed now more than ever.
NIST releases finalized guidelines on protecting AI from attacks
The final guidance for defending against adversarial machine learning offers specific solutions for different attacks, but warns current mitigation is still developing.
NIST’s vulnerability database logjam is still growing despite attempts to clear it
Vulnerability submissions increased 32% in 2024, NIST said. The agency is considering machine learning to automate certain vulnerability analysis tasks.
Exclusive
Lawmakers seek DHS records in probe of US response to Chinese cyber campaigns
The House Homeland Security Committee wants DHS to provide internal documents on China’s Volt and Salt Typhoon hacking units, according to a letter being sent Monday.
Featured eBooks
Cyberspace Solarium Commission turns five years old
The commission has largely influenced cybersecurity policymaking in Congress through the first half of the decade.
IBM contract for overseas cyber assistance canned amid USAID shutdown
The foreign aid agency — a prime target of President Donald Trump’s agenda to eliminate perceived government waste — declared cybersecurity an economic development issue in 2021.
Veterans Affairs loses cybersecurity migration project lead after DOGE layoffs
Another project co-lead is among the 21 legacy USDS staffers who chose to leave civil service this week rather than work with DOGE.
DOGE employee Edward Coristine lands at CISA with DHS email
A handle dubbed “Rivage” was reportedly tied to Coristine, and used to discuss and solicit hacking activities with a cybercrime syndicate known as The Com.
Trump to nominate former RNC official to be national cyber director
It’s not clear how Sean Cairncross would address ongoing ONCD efforts, as the Trump administration has sought to refocus certain cyber priorities in the federal government.
Coast Guard workforce lacks maritime cyber expertise, watchdog says
The maritime service says it will develop “competency requirements” for relevant personnel by the end of December. It’s also planning new procedures to document maritime cyber incidents.
Space companies say cyber threat intelligence is often overclassified, unactionable
Space and aerospace industry feedback from a series of government-run workshops noted that such threat intelligence is difficult to translate into actionable cyber efforts.
Biden signs executive order inspired by lessons from recent cyberattacks
The order gives CISA more eyes to hunt cyber threats on government networks and directs agencies and contractors to be more transparent about the security of their software stockpiles.
