NSA News & Highlights

Results:
Tag: cybersecurity

NSA joins CISA and others in releasing: A Shared Vision Of Software Bill Of Materials (SBOM) For Cybersecurity

Sept. 3, 2025

NSA, CISA, and Others Release a Shared Vision of Software Bill of Materials (SBOM)

FORT MEADE, Md —

FORT MEADE, Md. - The National Security Agency (NSA) is joining the Cybersecurity and Infrastructure Security Agency (CISA) and others to release the Cybersecurity Information Sheet (CSI), “A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity,” to inform producers, choosers, and operators of software of the advantages of integrating SBOM generation, analysis, and sharing into existing security processes and practices.

NSA, CISA, FBI and others are releasing the joint Cybersecurity Advisory, "Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System"

Aug. 27, 2025

NSA and Others Provide Guidance to Counter China State-Sponsored Actors Targeting Critical Infrastructure Organizations

FORT MEADE, Md. – The National Security Agency (NSA) and other U.S. and foreign organizations are releasing a joint Cybersecurity Advisory to expose advanced persistent threat (APT) actors sponsored by the Chinese government targeting telecommunications, government, transportation, lodging, and military infrastructure networks globally and outline appropriate mitigation guidance.

NSA joins CISA and others in releasing "Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators", a cybersecurity technical report.

Aug. 13, 2025

NSA Joins CISA and Others to Share OT Asset Inventory Guidance

FORT MEADE, Md. - The National Security Agency (NSA) is joining the Cybersecurity and Infrastructure Security Agency (CISA) and others to release the Cybersecurity Technical Report (CTR), “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators.”

NSA joins CISA, FBI, and DC3 in releasing, "Iranian Cyber Actors May Target Vulnerable U.S. Networks and Entities of Interest", a cybersecurity information sheet.

June 30, 2025

NSA, CISA, FBI, and DC3 Warn Iranian Cyber Actors May Target Vulnerable U.S. Networks and Entities of Interest

FORT MEADE, Md. - The National Security Agency, the Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigations (FBI), and the Department of Defense Cyber Crime Center (DC3) have released the joint Cybersecurity Information Sheet (CSI), “Iranian Cyber Actors May Target Vulnerable U.S. Networks and Entities of Interest.”

Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development

June 24, 2025

NSA and CISA Release CSI Highlighting Importance of Memory Safe Languages in Software Security

FORT MEADE, Md. - The National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint Cybersecurity Information Sheet (CSI) to highlight the importance of adopting memory safe languages (MSLs) in improving software security and reducing the risk of security incidents.

Implementing SIEM and SOAR Platforms

May 27, 2025

NSA, ASD’s ACSC, and other agencies publish three Cybersecurity Information Sheets with guidance on SIEM and SOAR implementation

FORT MEADE, Md. - The National Security Agency (NSA) has joined the Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) and other agencies to release three publications providing guidance for cybersecurity executives and network defenders to consider when implementing Security Information and Event Management (SIEM) and Security Orchestration, Automation, and Response (SOAR) platforms.

Cybersecurity Advisory (CSA): Russian GRU Targeting Western Logistics Entities and Technology Companies

May 21, 2025

NSA and Others Publish Advisory Warning of Russian State-sponsored Cyber Campaign Targeting Western Logistics and Technology Entities

FORT MEADE, Md. - The National Security Agency (NSA) is joining several United States and foreign entities to release the Cybersecurity Advisory (CSA), “Russian GRU Targeting Western Logistics Entities and Technology Companies,” to call attention to a Russia state-sponsored cyber campaign targeting Western government organizations and commercial logistics entities, transportation services, and technology companies, including those involved in providing assistance to Ukraine.

Cybersecurity Technical Report (CTR): Operational Technology Assurance Partnership: Smart Controller Security within National Security Systems

April 23, 2025

NSA Publishes Recommendations for Smart Controller Security Controls and Technical Requirements for OT Environments

FORT MEADE, Md. – The National Security Agency (NSA) is releasing a Cybersecurity Technical Report (CTR) to share recommendations for security policies and technical requirements for operational technology (OT) smart controller devices installed in National Security Systems (NSS).

NSA Codebreaker Challenge Trophy

April 15, 2025

Georgia Tech Wins NSA's Codebreaker Challenge for Fourth Consecutive Year

FORT MEADE, Md. – For the fourth consecutive year, the Georgia Institute of Technology (Georgia Tech) took first place in the National Security Agency’s annual Codebreaker Challenge (CBC).
 

Graphic with the NSA official seal in the corner and text saying, "NSA and others are releasing 'Closing the Software Understanding Gap' Cybersecurity Information Sheet".

Jan. 16, 2025

NSA Jointly Releases Recommendations for Closing the Software Understanding Gap

FORT MEADE, Md. – A report released by the National Security Agency (NSA), the Cybersecurity and Infrastructure Agency (CISA), the Defense Advanced Research Projects Agency (DARPA), and the Office of the Under Secretary of Defense for Research and Engineering (OUSD R&E) urges a national effort to better understand the behavior of software underpinning national security and critical infrastructure systems.