Nov. 27, 2023

Guidance for Securing AI Issued by NSA, NCSC-UK, CISA, and Partners

FORT MEADE, Md.- The National Security Agency (NSA), UK National Cyber Security Centre (NCSC-UK), U.S Cybersecurity and Infrastructure Security Agency (CISA), and other partners have released “Guidelines for Secure AI System Development,” a Cybersecurity Information Sheet (CSI). The agencies are releasing the report to help developers, providers, and systems owners develop, deploy, and operate secure Artificial Intelligence (AI) systems, including those used in National Security Systems (NSS), by the Department of Defense (DoD), and by the Defense Industrial Base (DIB).

Oct. 10, 2023

NSA and U.S. Agencies Issue Best Practices for Open Source Software in Operational Technology Environments

The National Security Agency (NSA) is joining U.S. federal partners to release cybersecurity guidance to promote understanding of open source software (OSS) implementation and provide best practices to secure operational technology (OT) and industrial control systems (ICS) environments.

Sept. 28, 2023

NSA Releases Guidance on Acceptance Testing for Supply Chain Risk Management

The National Security Agency (NSA) has released the Cybersecurity Information Sheet (CSI) “Procurement and Acceptance Testing Guide for Servers, Laptops, and Desktop Computers” encouraging U.S. Government departments and agencies operating National Security Systems (NSS) to implement a robust supply chain risk management strategy.

Sept. 12, 2023

NSA, U.S. Federal Agencies Advise on Deepfake Threats

The National Security Agency (NSA) and U.S. federal agency partners have issued new advice on a synthetic media threat known as deepfakes. This emerging threat could present a cybersecurity challenge for National Security Systems (NSS), the Department of Defense (DoD), and DIB organizations.

June 1, 2023

U.S., ROK Agencies Alert: DPRK Cyber Actors Impersonating Targets to Collect Intelligence

The National Security Agency (NSA) is partnering with several organizations to highlight the Democratic People’s Republic of Korea’s (DPRK) use of social engineering and malware to target think tanks, academia, and news media sectors.

May 24, 2023

NSA and Partners Identify China State-Sponsored Cyber Actor Using Built-in Network Tools When Targeting U.S. Critical Infrastructure Sectors

The National Security Agency (NSA) and partners have identified indicators of compromise (IOCs) associated with a People’s Republic of China (PRC) state-sponsored cyber actor using living off the land techniques to target networks across U.S. critical infrastructure.

March 14, 2023

NSA Releases Recommendations for Maturing Identity, Credential, and Access Management in Zero Trust

The National Security Agency (NSA) released the “Advancing Zero Trust Maturity throughout the User Pillar” Cybersecurity Information Sheet (CSI) today to help system operators’ mature identity, credential, and access management (ICAM) capabilities to effectively mitigate certain cyber threat techniques.

Feb. 22, 2023

NSA Releases Best Practices For Securing Your Home Network

FORT MEADE, Md. — The National Security Agency (NSA) released the “Best Practices for Securing Your Home Network” Cybersecurity Information Sheet (CSI) today to help teleworkers protect their home networks from malicious cyber actors.

Feb. 9, 2023

U.S., South Korean Agencies Partner to #StopRansomware Threat from DPRK

FORT MEADE, Md. — The National Security Agency (NSA) partnered with U.S. and South Korean government agencies to release a joint Cybersecurity Advisory today about the Democratic People's Republic of Korea (DPRK) ransomware threat.

Jan. 18, 2023

NSA Publishes Internet Protocol Version 6 (IPv6) Security Guidance

FORT MEADE, Md. — The National Security Agency (NSA) published guidance today to help Department of Defense (DoD) and other system administrators identify and mitigate security issues associated with a transition to Internet Protocol version 6 (IPv6).