FISMA Annual Report to Congress

The Office of Management and Budget (OMB) has published its Fiscal Year (FY) 2018 Annual Report to Congress on the implementation of the Federal Information Security Modernization Act of 2014 (FISMA). The document includes data reported by agencies to OMB and the Cybersecurity and Infrastructure Security Agency (CISA). The report highlights government-wide cybersecurity programs and initiatives, and agencies’ progress to enhance federal cybersecurity over the past year and into the future.

CISA Strategic Intent: Defend Today, Secure Tomorrow

The Cybersecurity and Infrastructure Security Agency (CISA) has released the CISA Strategic Intent document, framing the new agency’s mission to protect the Nation’s critical infrastructure from physical and cyber threats. The document details CISA Director Christopher Krebs’ strategic vision and operational priorities and will serve as the interim strategy as the agency develops a longer-term strategic plan.

Cisco Releases Security Updates

Cisco has released security updates to address vulnerabilities in Cisco Integrated Management Controller (IMC) Supervisor, Unified Computing System (UCS) Director, and UCS Director Express for Big Data. A remote attacker could exploit these vulnerabilities to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the following Cisco Security Advisories and apply the necessary updates:

CISA Insights: Ransomware Outbreak

The Cybersecurity and Infrastructure Security Agency (CISA) has released its first CISA Insights product, which discusses the rapid emergence of ransomware across our Nation’s networks. CISA Insights – Ransomware Outbreak includes steps in the following key areas to help organizations protect themselves from ransomware attacks—a top priority for CISA: 

Cyber Safety for Students

As summer break ends, many students will return to school with mobile devices, such as smart phones, tablets, and laptops. Although these devices can help students complete schoolwork and stay in touch with family and friends, there are risks associated with using them. However, there are simple steps that can help students stay safe while using their internet-connected devices.

The Cybersecurity and Infrastructure Security Agency (CISA) recommends reviewing the following resources for more information on cyber safety for students:

Microsoft Releases Security Update for Windows Elevation of Privilege Vulnerability

Microsoft has released a security update to address an elevation of privilege vulnerability (CVE-2019-1162) in Windows. An attacker could exploit this vulnerability to take control of an affected system.

The Cybersecurity and Infrastructure Security Agency (CISA) encourages users and administrators to review the Microsoft Security Advisory and apply the necessary update.

Technical Documents

Featured Articles

Related Resources