Cybersecurity and Infrastructure Security Agency (CISA)
15 Articles

Biden’s Cybersecurity Executive Order and What Comes Next Under Trump
Regardless of what steps Trump takes next, Biden's cybersecurity EO reflects an important consensus on the evolving cyber threat landscape.

Software Backdoor is a Wakeup Call for Cybersecurity
As shown by the xz backdoor, relying on luck is not a sustainable cybersecurity strategy when much of the world depends on secure software.

Remote Sensing from Space: What Norms Govern?
"If recent excitement about spy balloons is any indication, it may be high time to prioritize a coherent international framework for remote sensing."

Congress Debates Cyber Incident Reporting Deadlines in the NDAA
The next NDAA could require cyber incident reporting for critical cyber infrastructure owners and operators within 24 or 72 hours of the incident.

US Cybersecurity Has a Metrics Problem. Here’s How to Fix It.
Lawmakers have taken critical steps this year, but the lack of data makes it hard to know whether U.S. cybersecurity is actually improving.

Four Key Takeaways from the Senate’s Cybersecurity Confirmation Hearing
There were approximately 65,000 ransomware attacks last year in the United States, and that number doesn’t seem to be slowing down. Over the past few weeks, cybersecurity has…

The New Cyber Executive Order is a Good Start, But Needs a Supercharge from Congress
Implementation can strengthen the data contractors have to provide. And Congress should pass legislation to apply these measures across the economy.

The Latest North Korea Cyber Indictment Should Serve as a Model
Last week, the Biden administration’s Department of Justice (DOJ) announced its first major cyber-related indictment. An investigation long in the works, the indictment charges…

“Strategic Silence” and State-Sponsored Hacking: The US Gov’t and SolarWinds
The absence to date of executive branch attribution and condemnation of the SolarWinds intrusions may be strategic silence—a tactic employed in the immediate aftermath of past…

A Post-Election Trump Firing Makes the Case for an Independent, Regulatory CISA
Incoming President Biden and Congress should seize the moment of the agency’s high profile to strengthen its role in protecting critical US infrastructure.

What the Pandemic Tells Us About the State of U.S. Cybersecurity
The Cyberspace Solarium Commission sees lessons on risk assessment, resilience, public-private collaboration, and more.

OmniCISA Pits DHS Against the FCC and FTC on User Privacy
On Friday, Congress will vote on a mutated version of security threat sharing legislation that had previously passed through the House and Senate. These earlier versions would…