This report summarizes U.S. Coast Guard Cyber Command’s (CGCYBER) findings from calendar year 2023 and the associated mitigation recommendations. CGCYBER continues to expand its presence and navigate an increasingly interconnected marine environment. As we witness a surge in technological advancements, the organizations that facilitate the exchange of goods face evolving cyber threats, demanding our unwavering attention and concerted action.

This cybersecurity information sheet (CSI) provides recommendations for maturing data security and enforcing access to data at rest and in transit, ensuring that only those with authorization can access the data. It further discusses how these capabilities integrate into a comprehensive Zero Trust (ZT) framework.

This report summarizes the recommendations and observations identified through each exercise. The recommendations are intended to help electric utilities, government partners, the E-ISAC, and other stakeholders prepare for and respond to security incidents that affect the North American electricity system.

The DIB Cybersecurity Strategy ensures that we remain on the cutting edge of what it takes to secure our infrastructure. It requires us foremost to coordinate and collaborate across the Department to identify and close gaps in protecting our DIB networks, supply chains, and other critical resources. In it, we have identified opportunities where we can bolster the cybersecurity of the DIB, align the Department's focus on systemic challenges, and provide solutions that deliver the highest return on investment.

The "ENISA Foresight Cybersecurity Threats for 2030" study provides an in-depth analysis of potential cybersecurity threats expected in 2030. Using a multidimensional approach, this second iteration, first released in 2022, updates the top ten threats and trends, highlighting significant developments and evolving challenges in cybersecurity.

This guide provides an overview of the denial-of-service (DoS) and DDoS landscapes, including attack types, motivations, and potential impacts on government operations, as well as practical steps on implementing preventative measures, and incident response for each of the defined DDoS and DoS technique types.

This document provides a comprehensive overview of the urgent risk posed by Peoples Republic of China (PRC) state-sponsored cyber actors known as Volt Typhoon. PRC-backed cyber actors targeting critical infrastructure, aiming to disrupt services amid geopolitical tensions. Issued by CISA, NSA, FBI, and partners, it calls for enhanced cybersecurity defenses against these sophisticated threats.

Part 2C Division 2 Security of Critical Infrastructure Act 2018 Guidance. The document outlines essential strategies for crafting incident response plans, emphasizing preparedness for cyber incidents and alignment with overall cyber security strategies. It details the importance of managing incidents effectively, from detection through to post-incident analysis, to strengthen cyber resilience and recovery capabilities.

Part 2C Division 3 Security of Critical Infrastructure Act 2018 Guidance. The document outlines guidelines for cyber security exercises under the Enhanced Cyber Security Obligations, highlighting the importance of timeframes for issue resolution, distinct and reasoned recommendations, and alignment between exercise outcomes and the broader security testing and assurance program.