The 2025 Cybersecurity Report outlines the growing complexity of cyber threats facing the U.S. financial system, highlighting vulnerabilities linked to third-party service providers and outdated legacy systems. It emphasizes the…
Learn MoreAs cyber threats increasingly target critical infrastructure, state governments are stepping up their cybersecurity readiness. This strategic plan outlines how a multi-state compact can help build capacity, share threat intelligence,…
Learn MoreTo safeguard the integrity of its technology ecosystem, DHS has implemented a comprehensive program to assess supply chain risks related to cybersecurity. This includes open-source research, vendor evaluations, and the…
Learn MoreFederal agencies are warning U.S. organizations—especially in critical infrastructure sectors—about increased cyber threat activity from Iranian-affiliated actors. These actors have been observed exploiting known software vulnerabilities, using default passwords, and…
Learn MoreAmid mounting cybersecurity threats, federal agencies are ramping up efforts to implement Zero Trust security frameworks. This GAO report evaluates how 23 civilian agencies are progressing toward this goal, identifying…
Learn MoreThe Insider Risk Working Group met to discuss the evolving landscape of insider risk management within Federal agencies, the supporting defense industrial base (DIB), and commercial organizations. The discussion explored…
Learn MoreBlockchain is transforming how government agencies approach transparency, efficiency, and security. By enabling real-time tracking of transactions and automating processes like tax collection and benefits distribution, blockchain can help build…
Learn MoreGAO’s latest assessment finds the Department of Defense continues to fall short on delivering advanced weapon systems quickly and cost-effectively. Many programs using acquisition pathways designed for speed instead suffered…
Learn MoreCyber threats now move faster than human response, prompting a shift toward AI-powered “digital immune systems” that mirror the human body’s ability to detect and neutralize threats autonomously. This approach…
Learn MoreThis report explores how criminal prosecution can be a powerful tool for protecting U.S. critical infrastructure against cyber and physical threats. Using the example of the Flax Typhoon botnet takedown,…
Learn MoreAs artificial intelligence continues to transform public safety, the fire service stands to gain powerful new tools—but only if AI is implemented responsibly. This NIST publication explores how AI can…
Learn MoreDespite hardware’s reputation for being secure, this NIST paper reveals how flaws introduced during design or manufacturing can lead to serious vulnerabilities. It introduces a scalable methodology for mapping hardware…
Learn MoreFederal agencies are making strides in reducing cybersecurity risks thanks to the Continuous Diagnostics and Mitigation (CDM) program, but significant gaps remain. While CDM has improved agencies’ ability to respond…
Learn MoreAs artificial intelligence becomes more embedded in cybersecurity, its influence on the offense-defense balance is growing—but in unpredictable ways. AI could strengthen defenders by automating patching, hardening networks, and identifying…
Learn MoreThe GAO reviewed how the Department of Veterans Affairs manages its healthcare providers’ professional credentials and found notable weaknesses. Thousands of providers had expired or potentially invalid licenses, which could…
Learn More