NSA News & Highlights

Results:
Tag: Enduring Security Framework

ESF: Recommendations for Increasing U.S. Participation & Leadership in Standards Development Graphic

July 30, 2024

NSA Publishes Enduring Security Framework Document Providing Recommendations for U.S. Government, Industry, and Academia to Engage Standards Development Organizations

FORT MEADE, Md. – As technology continues to develop at an increasingly rapid pace, the U.S. needs to participate in and position itself as the leader in the creation of global standards, according to an Enduring Security Framework (ESF) report released today by the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA). 

ESF: Securing the Software Supply Chain: Recommended Practices for Managing Open Source Software and Software Bill of Materials Graphic

Dec. 11, 2023

NSA and ESF Partners Release Recommended Practices for Managing Open Source Software and Software Bill of Materials

FORT MEADE, Md. – The National Security Agency (NSA), Office of the Director of National Intelligence (ODNI), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), “Securing the Software Supply Chain: Recommended Practices for Managing Open Source Software and Software Bill of Materials,” which builds on the “Enhancing the Security of the Software Supply Chain through Secure Software Development Practices” paper [link] released by the Office of Management and Budget (OMB).  

CTR: Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption graphic.

Nov. 9, 2023

NSA and ESF Partners Release Recommended Practices for Software Bill of Materials Consumption

The National Security Agency (NSA), Office of the Director of National Intelligence (ODNI), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), “Securing the Software Supply Chain: Recommended Practices for Software Bill of Materials Consumption.”

Developer and Vendor Challenges. Identity and Access Management.

Oct. 4, 2023

NSA and ESF Partners Release Report on MFA and SSO Challenges

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and industry partners have released a cybersecurity technical report (CTR), “Developer and Vendor Challenges to Identity and Access Management,” to provide developers and vendors of multi-factor authentication (MFA) and single sign-on (SSO) technologies with actionable recommendations to address key challenges in their products.

5G Security Guidance by ESF

July 17, 2023

ESF Members NSA and CISA Publish Second Industry Paper on 5G Network Slicing

Today, Enduring Security Framework (ESF) partners the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) published an assessment of 5G network slicing. ESF, a public-private cross-sector working group led by NSA and CISA, identifies three keys for keeping this emerging technology secure: Security Consideration for Design, Deployment, and Maintenance.

Identity and Access Management Recommended Best Practices for Administrators

March 21, 2023

ESF Partners, NSA, and CISA Release Identity and Access Management Recommended Best Practices for Administrators

As part of the Enduring Security Framework (ESF), the National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) published the Recommended Best Practices Guide for Administrators to provide system administrators with actionable recommendations to better secure their systems from threats to Identity and Access Management (IAM).

ESF Potential Threats to 5G Network Slicing

Dec. 13, 2022

ESF Members NSA and CISA Provide Threat Assessment, Best Practices for 5G Network Slicing

FORT MEADE, Md. — Today, Enduring Security Framework (ESF) partners, along with experts from the National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA), published their assessment of potential threats associated with 5G network slicing and strategies to help keep this emerging tech secure.

NSA Cybersecurity Collaboration Center Speaker Series

Nov. 21, 2022

Cybersecurity Speaker Series: 5G Security Impacts National Security

FORT MEADE, Md. — The National Security Agency (NSA) Cybersecurity Collaboration Center released the latest video in its Cybersecurity Speaker Series today, focusing on how 5G security factors into national security. The Speaker Series provides a forum for NSA to share insights, lessons, and contributions of its work in cybersecurity.

ESF: Securing the Software Supply Chain for Customers

Nov. 17, 2022

ESF Partners, NSA, and CISA Release Software Supply Chain Guidance for Customers

FORT MEADE, Md. — The National Security Agency (NSA) and the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released Securing the Software Supply Chain for Customers today.

Securing the Software Supply Chain: Recommended Practices Guide for Suppliers.

Oct. 31, 2022

ESF Partners, NSA, and CISA Release Software Supply Chain Guidance for Suppliers

The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and Office of the Director of National Intelligence (ODNI) released Securing the Software Supply Chain: Recommended Practices Guide for Suppliers today. The product is through the Enduring Security Framework (ESF)  — a public-private cross-sector working group led by NSA and CISA that provides cybersecurity guidance to address high priority threats to the nation’s critical infrastructure.