You are here

Cyberthreat

Vulnerability Disclosure Program Policy and Rules of Engagement

In accordance with Section 101 and Title I of the SECURE Technology Act (P.L. 115-390), this policy provides security researchers with clear guidelines for (1) conducting vulnerability and attack vector discovery activities directed at Department of Homeland Security (DHS) systems and (2) submitting those discovered vulnerabilities. This policy has been developed in consultation with the Attorney General, the Secretary of Defense, the Administrator of GSA, and non-governmental security researchers.

CISA Statement on Iranian Cybersecurity Threats

In response to reports of an increase in cybersecurity threats, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher C. Krebs issued the following statement:

“CISA is aware of a recent rise in malicious cyber activity directed at United States industries and government agencies by Iranian regime actors and proxies. We will continue to work with our intelligence community and cybersecurity partners to monitor Iranian cyber activity, share information, and take steps to keep America and our allies safe.

Written testimony of NPPD for a House Homeland Security Subcommittee on Cybersecurity & Infrastructure Protection and House Armed Services Subcommittee on Emerging Threats & Capabilities hearing regarding Interagency Cyber Cooperation

U.S. Department of Homeland Security (DHS) National Protection and Programs Directorate (NPPD) Office of Cybersecurity and Communication Assistant Secretary Jeanette Manfra addresses DHS’ ongoing and collaborative efforts to strengthen the cybersecurity of the Nation’s critical infrastructure.

Cyber Storm V: Testing the Nation’s Ability to Respond to Significant Cyber Incidents

Cyber threats to critical infrastructure remain one of our Nation’s most serious security and economic sustainability challenges. With over 80 percent of critical infrastructure owned by the private sector, and with millions of cyber-dependent equities owned by individuals or federal, state, local, tribal, and territorial (SLTT) entities and agencies, securing cyberspace must be achieved collaboratively. Exercises are critical to testing this coordination, and more importantly, to building and maintaining strong relationships among the cyber incident response community.

Pages

Subscribe to Cyberthreat
Back to Top