Networking for Cybersecurity Experts

🚨CISA Releases Guidance on Modern Approaches to Network Security🚨 The Cybersecurity and Infrastructure Security Agency (CISA), America's Cyber Defense Agency, and several partners have just released a comprehensive guide on modern approaches to network access security. This report emphasizes the limitations and vulnerabilities of traditional VPN solutions and advocates for adopting more robust and fine-grained security models like Secure Access Service Edge (SASE) and Secure Service Edge (SSE). Key Takeaways: 🔹 VPN Challenges: VPNs are prone to limitations while providing encrypted tunnels for remote access. These issues can expose organizations to significant risks and breaches. 🔹 Value of SASE & SSE: SASE and SSE focus on secure access to web services and applications, combining capabilities like Zero Trust Network Access, secure web gateways, and cloud access security brokers, ensuring all access is continuously verified. Together, they streamline security policies and offer seamless, secure access to data across hybrid environments. 🌐🔒 🔹 Implement Network Segmentation: Network segmentation is crucial for limiting the spread of attacks within an organization. Organizations can contain potential breaches and minimize the impact on critical systems by dividing the network into smaller, isolated segments. 🔀 🔹 Validate Vulnerability Scans on All Public-Facing Enterprise Assets: Regular vulnerability scans on public-facing assets are essential to identify and remediate potential security gaps. Ensuring that these scans are thorough and validated helps maintain a robust security posture and protects against external threats. 🛡️ Organizations transitioning from traditional VPNs to modern network access solutions can significantly benefit from the strategies and best practices outlined in this guide. Implementing these modern approaches strengthens security and aligns with Zero Trust principles, ensuring a more secure and resilient infrastructure. (Full disclosure: I participated in initial discussions about this guidance before leaving CISA earlier this year. Having been in the networking space for almost 30 years, this type of guidance is critical to help shape discussions on how network security is evolving and supports a Zero Trust mindset in new ways). #ZeroTrust #Technology #CloudComputing #SoftwareEngineering

IMPORTANT READ: This past week, the President’s Council of Advisors on Science and Technology or PCAST (https://lnkd.in/eRJs9t4s) released a report on strengthening the resilience of our nation’s cyber-physical systems. The report is particularly relevant to our Team at the Cybersecurity and Infrastructure Security Agency where our mission is to lead the national effort to understand, manage, and reduce risk to the cyber and physical infrastructure Americans rely on every hour of every day. Indeed, as the report notes, these systems are the integrated digital and infrastructural resources crucial to our lives, including the electrical grid, water systems, telecommunications, banking, air traffic control, and much more. Kudos to Phil Venables, Eric Horvitz, and team for the great work on this effort. The report's call for more urgent action on cyber-physical resilience is timely and aligns well with the work we're doing at CISA along with our federal, state and local, and industry partners, especially as we consider the very real threats we are facing to our critical infrastructure from PRC cyber actors. Key recommendations are highlighted below, but the report is definitely worth reading in full. In particular, I recommend pages 27-29 which highlights a really useful set of leading indicator metrics, which we plan to incorporate into our Shields Ready campaign. (https://lnkd.in/en_yUpak) 1. Establish performance goals. We recommend that you task CISA, building off its efforts to develop both Cybersecurity Performance Goals and Physical Security Performance Goals, to work with Sector Risk Management Agencies and their Sector Coordinating Councils to create an integrated set of Critical Infrastructure Performance Goals that define minimum viable delivery objectives for services integral to our daily lives. 2. Bolster and Coordinate Research and Development. We recommend that you ask CISA, in partnership with SRMAs and SCCs, to task the National Risk Management Center to develop a National Critical Infrastructure Observatory to enable us to better understand the weaknesses and strengths of our infrastructure. 3. Break Down Silos and Strengthen Government Cyber-Physical Resilience Capacity. We recommend you direct cabinet secretaries of the agencies responsible for our national critical infrastructure to fully resource their SRMAs with greater capabilities to support the cyber-physical resilience goals of our critical infrastructure sectors. 4. Develop Greater Industry, Board, CEO, and Executive Accountability and Flexibility. We recommend you direct CISA to work with SRMAs and SCCs to increase the expectations that boards, CEOs, and other executives, as the owners and operators of our critical infrastructure, contribute more time and resources to ensure infrastructure is reliable and resilient. https://lnkd.in/e_gvxJbu

I have just been reading the Government’s new Cyber Action Plan... It openly states that cyber risk across the public sector is critically high and that outages and attacks, like the British Library ransomware incident and the Synnovis disruption, are no longer rare events. They’re regular, costly and affecting essential services people rely on every day. What I appreciate most in the report is the honesty: too many systems are old, fragile and inconsistent. Too many teams are left to cope alone. And when something goes wrong, the impact is immediate and real. The plan puts a stronger central model in place, clearer accountability for leaders, proper support for teams, better visibility of risk and a new Government Cyber Unit to drive action. It’s a big cultural shift, moving from siloed effort to “Defend as One.” For those of us working with schools, nurseries, care organisations, councils and other public sector bodies every day, this direction matters. It reinforces what we already see on the ground: cyber resilience isn’t optional infrastructure. It’s the foundation that keeps vital services running. If the public sector succeeds with this, it raises the bar for everyone. Lin in the comments to the full report. #CyberSecurityUK #PublicSectorSecurity #GovCyber #CyberResilience

🔥 Australia just turned up the heat on digital resilience. With the Cyber Security Bill 2024 now passed, compliance is no longer optional—it’s the law.  The newly law that passed both Houses yesterday, pushes all levels of government and public sector entities toward stronger digital resilience. While some may argue we’re behind global standards like GDPR, this legislation lays the groundwork for a unified, proactive approach to cyber risk management. Read details here: https://lnkd.in/gXnBwzqP Key Changes You Need to Know: 1️⃣ Baseline Standards: Mandatory cyber security requirements for all levels of government, setting a uniform defense against growing threats. 2️⃣ Ransomware Transparency: Report ransomware payments within 72 hours to boost national response capabilities. 3️⃣ Supply Chain Security: No more passing the buck - organisations must secure their third-party ecosystems. 4️⃣ Centralised Incident Leadership: A Cyber Incident Review Board and National Cyber Security Coordinator to streamline responses to significant breaches. 5️⃣ Accountability at the Top: Leaders are on the hook, with penalties for non-compliance. What This Means for Decision-Makers: 🔹 Build Resilience: Proactive risk management and regular incident simulations. 🔹 Vendor Partnerships: Choosing secure, compliant vendors isn’t optional anymore. 🔹 Team Readiness: Equip your workforce to meet rigorous reporting and operational requirements. 🔖 The Big Question: Cyber security is now a boardroom conversation. Are your governance frameworks ready for this new era of cyber accountability?

As cyberattacks and ransomware incidents continue to pose a significant threat to important installations and government offices, the recent guidelines issued by the IT Ministry's CERT-In are a crucial step towards safeguarding our digital ecosystem. Covering a wide range of security domains, the guidelines emphasize the need for proactive measures across network security, identity and access management, application security, data security, third-party outsourcing, hardening procedures, security monitoring, incident management, and security auditing. By adhering to these practices, organizations can effectively assess their security posture and address any vulnerabilities or weaknesses within their systems. Furthermore, the guidelines highlight the importance of identifying and classifying sensitive/personal data, along with the implementation of encryption measures for data protection both in transit and at rest. Deploying robust data loss prevention (DLP) solutions and processes is also recommended to prevent unauthorized access and potential data breaches. As cybersecurity experts, it is our responsibility to assist organizations in understanding and implementing these guidelines effectively. By collaborating with audit teams and promoting cyber hygiene, we can help organizations bolster their defenses, build resilient systems, and create a safer digital environment for all. The government's commitment to an open, safe, trusted, and accountable digital space is evident through these initiatives. Let us leverage our expertise to support this endeavor, focusing on enhancing capabilities, fortifying systems, fostering human resources, and raising awareness. Together, we can strengthen the cybersecurity landscape and ensure a secure digital future. #Cybersecurity #InformationSecurity #Guidelines #DataLossPrevention #DigitalSafety #DataProtection #DataSecurity #SecureDigitalFuture

U.S. Agencies Warn Iranian Hackers Are Escalating Attacks on Critical Infrastructure The Federal Bureau of Investigation, National Security Agency, Cybersecurity and Infrastructure Security Agency, and the Department of Energy have jointly warned that Iran-backed hackers are intensifying cyber operations targeting American critical infrastructure amid escalating geopolitical tensions tied to the U.S.-Israel conflict with Iran. According to the advisory, Iranian-linked threat actors are targeting internet-facing industrial systems used in sectors including water utilities, wastewater management, local government operations, and energy infrastructure. Officials stated the attacks have already caused operational disruption and financial losses inside the United States. The hackers reportedly focused on industrial control technologies such as programmable logic controllers and SCADA systems, which manage and automate physical infrastructure operations. These systems are widely used in utilities, manufacturing, energy distribution, transportation, and municipal infrastructure. Compromising them can allow attackers to manipulate operational displays, disrupt services, damage equipment, or interfere with industrial processes. The warning highlights how modern geopolitical conflicts increasingly extend into cyberspace, where state-aligned actors can target civilian infrastructure far from conventional battlefields. Cyber operations provide adversaries with relatively low-cost asymmetric capabilities capable of generating economic disruption, public anxiety, and strategic pressure without direct military confrontation. The advisory also reinforces long-standing concerns about the vulnerability of critical infrastructure systems that were originally designed for operational reliability rather than internet-connected cybersecurity resilience. Many industrial control environments still operate with outdated software, weak segmentation, and limited defensive monitoring capabilities. Government agencies urged organizations to strengthen cybersecurity practices, reduce exposure of internet-facing systems, implement multifactor authentication, monitor anomalous activity, and isolate operational technology networks from broader corporate IT environments whenever possible. Key Takeaways for the material are that Iranian cyber operations are increasingly targeting American infrastructure systems, industrial control technologies remain highly vulnerable attack surfaces, and geopolitical conflict is rapidly expanding into civilian cyber domains. The broader implication is that future warfare may increasingly involve persistent cyber pressure against critical infrastructure rather than traditional battlefield engagements alone. National resilience may depend not only on military strength, but also on the cybersecurity maturity of utilities, municipalities, transportation systems, and industrial networks that underpin modern society. Keith King https://lnkd.in/gHPvUttw

The first five months of 2026 have made one thing incredibly clear: the intersection of government and cybersecurity is moving at machine speed. The rapid evolution of artificial intelligence, intense geopolitical friction, and a string of high-profile breaches since January have fundamentally reshaped the threat landscape. The most pressing issues facing governments and cyber defenders right now come down to five major trends. 1. The Weaponization of Autonomous "Agentic AI" The Threat: These AI agents can autonomously perform network reconnaissance, adapt malware on the fly to bypass specific security patches, and move laterally through government systems without human intervention. The Impact: Defensive Security Operations Centers (SOCs) are being forced to pivot to their own AI-driven defense models just to keep up with the automated speed of these attacks. 2. Mass Credential Exposures & The Death of Identity Verification Governments are dealing with a massive surge in compromised administrative credentials, rendering traditional password-based security virtually useless. Federal & State Exposure: In April 2026, a massive security report revealed that over 3,500 U.S. state legislators' emails and passwords had been dumped on the dark web, opening the door for massive lateral access into state networks. Deepfakes in the Government: Real-time video and audio deepfakes have advanced to the point where they are actively used to bypass identity verification. 3. Targeted Attacks on Municipalities & Critical Infrastructure Rather than always swinging for major federal networks, attackers in 2026 are aggressively targeting localized "soft targets"—local governments and utilities—where cybersecurity budgets are thin. Los Angeles Data Breach (March 2026): A massive breach at the LA City Attorney's Office exposed 7.7 terabytes of data, including sensitive law enforcement records, after attackers compromised a third-party file transfer system. Water & Local Services (March/April 2026): A ransomware attack hit the water treatment facility in Minot, North Dakota, forcing operators to run the plant using manual gauges. Weeks later, Winona County, Minnesota, had to declare a local emergency and call in the National Guard after a cyberattack crippled the DMV and vital records systems. 4. Software Supply Chain Fragility Attackers have realized they don't need to break through a government agency’s heavily fortified front door if they can slip through a third-party vendor's back door. Governments rely on sprawling networks of remote managed service providers (MSPs), cloud platforms, and open-source code libraries. A single vulnerability in a widely used third-party tool is now resulting in cascading breaches across dozens of interconnected public agencies simultaneously. The 2026 Bottom Line:** The old framework of "preventing" a hack is officially dead.

Example of our teams using AI reasoning from public text-based modality sources to support oversight and human decision making. https://lnkd.in/eq2yeq4a Leveraging AI-powered OSINT tactics with deep search reasoning to deliver cybersecurity solutions tailored to public sector needs. By analyzing public records, legislation, and more, firms can align offerings with agency priorities, ensuring compliance, efficiency, and trust. Key sources to explore: ✅ Procurement & Budgets: Platforms like SAM.gov or CA’s eProcure reveal needs (e.g., cloud security). Propose solutions like modernized threat detection to match fiscal goals. ✅ Proposed public statute: Track CA’s Legislative Information site for cybersecurity mandates, positioning solutions as compliance enablers. ✅ Open Meetings: Bagley-Keene meeting minutes highlight business priorities tied IT modernization needs to ultimately support our communities.  ✅ Additional Sources: Public budgets (ebudget.ca.gov), audit reports, and social media reveal IT trends and pain points, enabling precise pitches for things like MDR or identity management. Business Value: ✅ Cost Reduction: Map to risk reduction quantitatively. Prevent breaches (avg. $4.88M per IBM’s 2024 report) with efficient security controls (In quantitative terms the business can relate to). ✅ Efficiency: Automate compliance for overstretched IT teams. ✅ Trust: Align with public sector values like transparency. Ready to align your solutions with public sector? Use solutions to provide actionable insights. Share your ideas for delivering measurable value to agencies in the comments!

The White House just released Cyber Strategy for America. If you work in cybersecurity, AI, infrastructure, or emerging tech… this document is worth understanding. It lays out six major policy pillars shaping how the federal government plans to approach cybersecurity going forward: ➤ Shaping adversary behavior ➤ Streamlining cybersecurity regulation ➤ Modernizing and securing federal networks ➤ Securing critical infrastructure ➤ Sustaining superiority in emerging technologies like AI and quantum ➤ Building America’s cyber workforce Whether you agree with every policy direction or not, strategies like this often translate directly into federal priorities, budgets, and contract opportunities. For government contractors, that means paying attention to signals like: 👉 Increased focus on AI-enabled cybersecurity 👉 Zero-trust and post-quantum security adoption 👉 Protecting critical infrastructure and supply chains 👉 Greater public-private collaboration in cyber defense These themes will likely influence agency priorities, funding decisions, and procurement over the next several years. Understand this strategic document, then consider sharing the key points with your customers or target customers as a way to demonstrate your SME and thought leadership value. ___________________________________ 🔥 Join 28,804 others and subscribe to our GovCon newsletter | https://lnkd.in/es6qfwgk 👀 Follow me (Neil McDonnell) on LinkedIn™ and hit the 🔔 on my profile to see more government contracting content like 44,964 other people do.

Over the last 5 years working in the GovTech and cybersecurity space, I’ve picked up a lot of gems — but here’s one that a lot of people sleep on: 🎯 If you work in government tech and have a .gov or .mil email address, you can attend many government-focused cybersecurity conferences for FREE. Yes, free. I’ve been to multiple cyber and GRC-related conferences without paying a dime — simply because I used my official government email. These conferences are packed with value: ✅ Networking with decision-makers ✅ Real-time updates on federal cyber policy ✅ Deep dives into RMF, NIST 800-53, Zero Trust, and more ✅ Career-changing connections I see a lot of people stressing over conference prices, but if you’re in the public sector, this is one of the biggest hacks to save money and still level up. So if you're in the GovTech or defense space and looking to grow — use what you already have to gain access. Don’t sleep on this. #Cybersecurity #GovTech #GRC