National Security Agency

Today, we pause to remember and honor the lives lost on September 11, 2001. At NSA, we remain steadfast in our mission to protect our nation and prevent such tragedies. We stand united with all Americans, and we will never forget.

NSA is joining Cybersecurity and Infrastructure Security Agency and others to release the Cybersecurity Information Sheet (CSI), “A Shared Vision of Software Bill of Materials (SBOM) for Cybersecurity,” to inform producers, choosers, and operators of software of the advantages of integrating SBOM generation, analysis, and sharing into security processes and practices. Software developers and procurement organizations, especially those within and for National Security Systems, the Department of Defense, and the Defense Industrial Base, should review our guidance to better understand the advantages of integrating SBOM generation, analysis, and sharing into existing security processes and practices. https://lnkd.in/e6VDWhrt

While workers across the U.S. enjoy their #LaborDay off, the American people can rest knowing NSA’s mission never sleeps. Thank you to the hardworking members of the NSA/CSS workforce for their incredible work and dedication to support our military and safeguard our Nation – 24/7.

Creating an asset inventory allows organizations to use the information it provides to build and deploy appropriate security controls, enhance system reliability, and invest in more defensible architecture elements. Net defenders aiming to create an operational technology (OT) asset inventory and taxonomy to increase their security posture should review the recently released guidance, “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators,” which provides clear and digestible steps and best practices for defenders and decision makers. https://lnkd.in/d43tqR6q

We’ve joined Cybersecurity and Infrastructure Security Agency, Federal Bureau of Investigation (FBI), and others to release the new Cybersecurity Advisory (CSA), “Countering Chinese State-Sponsored Actors Compromise of Networks Worldwide to Feed Global Espionage System,” to provide an overview of hunting and mitigation guidance and associated best practices related to recent Chinese cyber threat activity. Network defenders are encouraged to review the recent advisory to reduce the threat of Chinese state-sponsored actors and protect their networks. https://lnkd.in/dmwF8Ncx

Yesterday, Mr. Joseph Francescon was appointed to serve as NSA’s 21st Deputy Director and senior civilian leader. Under his leadership, NSA will continue to carry out our vital foreign signals intelligence and cybersecurity mission in support of national priorities of The White House, the United States Department of Defense, and the Office of the Director of National Intelligence. https://lnkd.in/eZr92feq

Operational Technology (OT) systems are increasingly connected to business operations, but without secure integration, these connections can open paths for cyber threats. Creating an OT asset inventory is vital for an organization’s cyber defenders to clearly identify, prevent, and respond to those threats by outlining critical OT assets, functions, and dependencies. NSA has joined the Cybersecurity and Infrastructure Security Agency and others to release the Cybersecurity Technical Report (CTR), “Foundations for OT Cybersecurity: Asset Inventory Guidance for Owners and Operators,” to provide net defenders with clear, digestible foundational steps and best practices for creating an asset inventory and developing an OT taxonomy. Review the new report to bolster your security posture and ensure the reliability of your OT environments! https://lnkd.in/d43tqR6q

This #IndependenceDay, we celebrate the freedoms and democratic values penned in the opening paragraphs of the Declaration of Independence 249 years ago. Here at NSA, we’re dedicated to affirming those values with unwavering integrity in defense of our great nation.

We published a joint fact sheet with FBI Cyber Division, DoD Cyber Crime Center (DC3), and National Security Agency urging organizations to monitor for potential targeted cyber threats against U.S. #CriticalInfrastructure. We urge critical infrastructure owners and operators to take steps to defend against potential threats and report unusual cyber activity. Find out more about this potential threat and how to bolster your defense: go.dhs.gov/wjJ

The National Security Agency and the Cybersecurity and Infrastructure Security Agency (CISA) have released the joint Cybersecurity Information Sheet (CSI), “Memory Safe Languages: Reducing Vulnerabilities in Modern Software Development,” to highlight the importance of adopting memory safe languages (MSLs) in improving software security and reducing the risk of security incidents. Memory safety effects all software development and is a critical aspect to a holistic approach to security. The importance of memory safety is critical, and the consequences of vulnerabilities can be severe, to include data breaches, system crashes, and operational disruptions. Adopting MSLs will directly improve software security for all. To strengthen national cybersecurity and reduce memory vulnerabilities, software producers, especially those for National Security Systems (NSS) and critical infrastructure, should utilize this guidance to plan for and begin using MSLs for their software systems. 🔗 Read the full report: https://lnkd.in/eeJ2SMm7