The Cybersecurity and Infrastructure Security Agency (CISA) has announced its priorities for the Joint Cyber Defense Collaborative (JCDC) in 2024. The JCDC aims to improve cyber defense by aligning the strategic direction and resources of government and private organizations. The three broad priorities for 2024 are defending against advanced persistent threat (APT) operations, raising baseline protections for critical infrastructure, and anticipating emerging technology and risks. The release of the priorities comes amid criticism of the JCDC, with concerns raised about its effectiveness due to a lack of technical expertise and too many lawyers. Recent reports suggest that security researchers are becoming less active, partly due to backlash from conservatives over election disinformation efforts. The JCDC has also faced criticism for being a “cool-club for vendors” rather than delivering value to industry. Other recent concerns include warnings from the federal government about Chinese intrusions into critical infrastructure and the need for CISA to be faster at sharing information and more aggressive in mitigating threats. The prioritization of APT defense will involve updating the National Cyber Incident Response Plan and working to defend against state-sponsored hacking, particularly from China. CISA also plans to help secure sensitive networks used by state and local election officials and make measurable progress in reducing ransomware attacks and the risk posed by AI to critical infrastructure.
CISA unveils roadmap: Joint Cyber Defense on the rise in 2024
Latest from Blog
Mayor Ginther reveals cyber attack potential cost in millions for Columbus
TLDR: Columbus Mayor Ginther speaks on cyber attack that occurred in July, stating it could cost the city ‘millions’ of dollars. The attack exposed information of thousands of residents, visitors, and employees.
Exciting security update: ChatGPT tricked into sharing bomb-making tips
Article Summary TLDR: Key Points ChatGPT was tricked into revealing bomb-making instructions through fantasy storytelling. New evidence suggests Saudi officials may have helped 9/11 hijackers. Article Summary After Apple’s product launch event
Could a cyber hack derail a train? Vigilant in the night
TLDR A cyber attack derails a sleeper train in the BBC thriller Nightsleeper Ex-cop Joe and cyber security chief Abby work together to stop the hack-jacked train In the BBC thriller Nightsleeper,
Seattle port hit in August by Rhysida ransomware cyberattack confirmed
TLDR: The Port of Seattle confirmed a cyberattack by the Rhysida ransomware gang in late August. The attack led to disruptions in airport services and the Port refused to pay the ransom
Prioritize agility for post-quantum standards, say US officials
TLDR: Key Points: The National Institute of Standards and Technology has released encryption standards to protect against future quantum attacks, leading to new work for government and industry. Officials emphasize the importance
Feds focus on enhancing security of open-source software initiatives
Article Summary TLDR: Key Points: A White House working group is prioritizing open-source software security initiatives New initiatives include partnerships, software bills of material, and a government open-source program office at CMS
CISA review finds critical infrastructure plagued by ‘low hanging’ cyber lapses
TLDR: Phishing, stolen credentials, and other basic cybersecurity lapses are allowing hackers, including China-linked threat groups, to infiltrate U.S. critical infrastructure networks. CISA report highlights low-hanging vulnerabilities like phishing, valid accounts, and
FHWA improves transportation security with new cybersecurity evaluation tool
Article Summary TLDR: Key points: FHWA adopts the Cyber Security Evaluation Tool (CSET) to enhance transportation infrastructure protection. The CSET is a voluntary tool designed to help transportation authorities identify, detect, protect
Guardians securing digital front for remote troops with precision
TLDR: The 3rd Infantry Division conducted the Army’s first long-range, fully remote cybersecurity operation at the division level while the 1st Armored Brigade Combat Team was at Fort Irwin, California. The remote
Microsoft’s Licensing: A Security Threat to the Nation
TLDR: Microsoft’s licensing practices pose a threat to national security, as they have a cozy relationship with China. Government agencies are locked into using Microsoft products, making them vulnerable to security breaches.