The US Cybersecurity and Infrastructure Security Agency (CISA) on Monday said it is officially changing the way it disseminates online security updates and guidance.
CISA says the enhanced information dissemination system will from now on use social media and email only to disperse cybersecurity alerts and advisories, saving its landing page for more critical warnings.
Critical warnings are being classified by the agency as “urgent information tied to emerging threats or major cyber activity.”
America’s cyber watchdog agency, kicking off the permanent changes on Monday, posted an announcement to both its website and its X account, “@cyberCISA.”
“Starting May 12, we are enhancing how we announce #cybersecurity guidance releases and updates, including #ICSAdvisories & #KEVCatalog additions,” CISA posted.
“Subscribe now to stay informed & receive timely notifications,” the agency urged its followers.
The cyber agency said the changes were designed to make sure the most pressing threats show up front and center on its website, adding that its decision was largely based on stakeholder feedback.
“CISA wants this critical information to get the attention it deserves and ensure it is easier to find,” it said.
As part of the changes, ICS or Industrial Control Systems advisories will no longer be listed on the CISA Cybersecurity Alerts & Advisories webpage.
Additionally, information released about new additions to the ‘Known Exploited Vulnerabilities Catalog, or ‘KEV Catalog,’ will no longer be available through a subscriber’s RSS feed.
Security professionals and other like-minded individuals can also stay up-to-date on all the latest breaking news, alerts, guidance, releases, and advisories by subscribing to receive email notifications at CISA.gov.
Industrial Control Systems automate processes for the nation’s critical infrastructure sectors such as manufacturing, power grids, oil and gas, transportation, water treatment plants, and more.
Made up of sensors, hardware, software, and more, these complex, critical systems – at one point isolated from the internet – are now much more vulnerable due to their advanced technologies and increased necessity for real-time interconnectivity with the internet.
The KEV Catalog allows organizations to stay on top of trending threats so network defenders can protect against the latest vulnerabilities and trending threats.
(Image courtesy: Bleeping computers)
