Resource Center

The DoD Cybersecurity Reciprocity Playbook is designed to provide clear, credible information on key Department priorities for employing cybersecurity reciprocity in DoD systems, consistent with DoD Instruction (DoDI) 8510.01, “Risk Management Framework for DoD Systems”

This guidance, developed by ABI, BIBA, IUA, and NCSC, is for organisations facing ransomware attacks and their partners. It aims to reduce business disruption and costs, the number of ransoms paid by UK victims, and the size of ransoms when payment is chosen.

This document is intended to provide implementation guidance for federal agencies to meet federal requirements related to encryption DNS traffic and enhance the cybersecurity posture of their IT networks, as set forth in OMB Memorandum M-22-09.1 The Memorandum sets forth a “zero trust” cybersecurity strategy for FCEB agencies.

Choosing secure and verifiable technologies. Customers have the responsibility for evaluating the suitability, security and risks associated with acquiring and operating a digital product or service. However, it is important that customers increasingly demand manufacturers embrace and provide products and services that are secure-by-design and secure-by-default.

This is the second iteration of the NCSIP, building upon the first version released in July 2023.  The NCSIP Version 2 describes 100 high-impact initiatives requiring executive visibility and interagency coordination that the Federal Government is pursuing to achieve the Strategy’s objectives. These initiatives carry over from, add to, and build upon the initiatives described in the first NCSIP, and advance the nation closer toward the Strategic Objectives sought in the National Cybersecurity Strategy.

The guidelines specifically address risks to safety and security, which are uniquely consequential to critical infrastructure. NIST defines “safety” as a property of a system such that it does not, under defined conditions, lead to a state in which human life, health, property, or the environment is endangered; safety involves reducing both the probability of expected harms and the possibility of unexpected harms. Because AI risks to critical infrastructure are highly contextual, critical infrastructure owners and operators who use AI-systems should account for their specific circumstances as they use these guidelines.

This report was prepared pursuant to the Executive Order (E.O.) on the Safe, Secure, and Trustworthy Development and Use of AI (14110), issued October 30, 2023. Priority use cases have been identified in four broad areas where AI can be immediately deployed to improve the grid while achieving the Administration’s goals for reducing emissions and providing affordable and reliable electricity to all Americans: grid planning, permitting and siting, operations and reliability, and resilience.

This report summarizes U.S. Coast Guard Cyber Command’s (CGCYBER) findings from calendar year 2023 and the associated mitigation recommendations. CGCYBER continues to expand its presence and navigate an increasingly interconnected marine environment. As we witness a surge in technological advancements, the organizations that facilitate the exchange of goods face evolving cyber threats, demanding our unwavering attention and concerted action.

This cybersecurity information sheet (CSI) provides recommendations for maturing data security and enforcing access to data at rest and in transit, ensuring that only those with authorization can access the data. It further discusses how these capabilities integrate into a comprehensive Zero Trust (ZT) framework.