Cybersecurity

A new CISA Binding Operational Directive mandates Zero Trust Architecture maturity across all five pillars for every civilian federal agency before December 31, 2026.

NIST CSF 2.1 introduces a Govern function enhancement and updated Supply Chain Risk Management subcategories that directly affect federal agency security programs.

CISA’s annual threat landscape report documents a 312 percent increase in ransomware incidents targeting federal contractors with total ransom demands exceeding $2.1 billion.

DoD’s public lessons-learned report from its Zero Trust implementation reveals critical success factors and common failure modes that civilian agencies can apply to their own ZTA programs.

OMB’s identity and access management assessment reveals that 41 percent of federal information systems have not yet implemented phishing-resistant multi-factor authentication as required by M-22-09.

A significant cybersecurity incident attributed to a compromised software update in a widely used federal IT management platform underscores the critical importance of software supply chain security.

CISA releases the Critical Infrastructure Cybersecurity Framework 2.0 with new operational technology and industrial control system guidance for civilian federal facilities and federally owned infrastructure.

A cross-agency security audit finds that 67 percent of agencies are using VPN solutions with known unpatched vulnerabilities, creating significant risk for the 1.2 million federal teleworkers.

Cybersecurity school launches Zero Trust learning pathway with detailed context for public-sector learning, courses, evaluations, credentialing, research, B2G deployment, and academy-level governance.

Cybersecurity school launches Zero Trust learning pathway with detailed context for public-sector learning, courses, evaluations, credentialing, research, B2G deployment, and academy-level governance.