The U.S. Department of the Treasury has unveiled a new digital asset cybersecurity initiative, aimed at strengthening defenses across the rapidly growing digital asset ecosystem. The initiative, announced by the Treasury’s Office of Cybersecurity and Critical Infrastructure Protection (OCCIP), seeks to provide timely and actionable cyber threat intelligence to eligible U.S.-based digital asset firms. The move comes amid escalating cyberattacks targeting cryptocurrency platforms and follows recommendations outlined in the federal report “Strengthening American Leadership in Digital Financial Technology.”

Understanding About Digital Asset Cybersecurity Initiative 

At its core, the digital asset cybersecurity initiative will extend high-quality threat intelligence, previously reserved for traditional financial institutions—to digital asset companies and industry organizations. This includes insights that help firms detect, prevent, and respond to cyber threats affecting their platforms, customers, and infrastructure. “Digital asset firms are an increasingly important part of the U.S. financial sector, and their resilience is critical to the health of the broader system,” said Luke Pettit, Assistant Secretary for Financial Institutions. “By extending access to the same high-quality cybersecurity information used by traditional financial institutions, Treasury is helping promote a more secure and responsible digital asset ecosystem,” he added further. Eligible firms that meet Treasury criteria will receive this information at no cost, signaling a broader push to align cybersecurity standards across financial sectors.

Rising Threats Drive Urgency for Digital Asset Cybersecurity

The digital asset cybersecurity initiative comes at a time when cyber threats against cryptocurrency platforms are intensifying in both scale and complexity. Treasury officials emphasized that the initiative directly responds to this evolving threat landscape. “Cyber threats targeting digital asset platforms are growing in frequency and sophistication,” said Cory Wilson, Deputy Assistant Secretary for Cybersecurity. “This initiative expands access to actionable threat information that helps firms strengthen defenses, reduce risk, and respond more effectively to incidents.” Recent incidents emphasize the urgency. Alleged North Korean hackers reportedly stole $280 million from crypto platform Drift using a complex attack. Industry-wide losses exceeded $3.4 billion last year, with billions more lost annually over the past five years. In another case, Bitcoin ATM operator Bitcoin Depot disclosed a cyberattack on March 23 that resulted in losses exceeding $3.6 million. Additional breaches this year have reported losses of $26 million and $40 million, highlighting persistent vulnerabilities across the sector.

Government Push Amid Ongoing Crypto Crime

Despite increased enforcement efforts, cybercriminals and nation-state actors continue to exploit weaknesses in the digital asset ecosystem. U.S. authorities, including the Justice Department, have ramped up prosecutions and issued repeated warnings about infiltration attempts, particularly by North Korean threat groups. However, these measures have had limited success in curbing attacks. Threat actors continue to exploit coding flaws, social engineering tactics, and employee vulnerabilities to gain access to crypto platforms. The digital asset cybersecurity initiative is designed to complement these efforts by shifting focus toward proactive defense and real-time intelligence sharing rather than reactive enforcement alone.

Strengthening the Future of Digital Finance

Treasury officials also framed the digital asset cybersecurity initiative as a foundational step for the future of digital finance. As digital assets become more integrated into mainstream financial systems, cybersecurity is emerging as a critical pillar for sustainable growth. “This initiative reflects the principles of the GENIUS Act by promoting responsible innovation grounded in strong cybersecurity and operational resilience,” said Tyler Williams, Counselor to the Secretary for Digital Assets. “As digital assets become more integrated into the financial system, access to timely and actionable cyber threat information is essential to protecting consumers and safeguarding the stability of U.S. financial markets,” Williams added. The broader federal strategy emphasizes balancing innovation with security. The Treasury’s report highlights the need for regulatory clarity, risk mitigation, and public-private collaboration to support the long-term growth of digital assets while addressing illicit finance and cyber risks.

A Step Toward Industry-Wide Cyber Resilience

With cyberattacks continuing to disrupt the crypto ecosystem, the digital asset cybersecurity initiative represents a significant step toward improving industry-wide resilience. By bridging the gap between traditional financial cybersecurity frameworks and emerging digital asset platforms, the initiative aims to create a more secure and stable environment for innovation. As digital assets evolve from niche technology to a core component of global finance, initiatives like this may play a key role in shaping how the industry manages risk, and whether it can keep pace with increasing cyber threats.

With 90% of organizations unprepared for quantum threats, the shift to post-quantum cryptography (PQC) is a structural necessity. Explore the "harvest now, decrypt later" risk and the NIST PQC standards.

The post The Quantum Clock is Ticking and Your Encryption is Running Out of Time  appeared first on Security Boulevard.

CTG, now operating under the Cegeka Group, is rolling out a cyber resilience scoring dashboard at RSAC 2026 that boils an organization’s security posture down to one number. The dashboard consolidates results from multiple security assessments into a single view. It produces an overall resilience score, domain-level maturity indicators, and progress tracking mapped to NIST,..

The post CTG Launches Cyber Resilience Scoring Dashboard to Give CISOs a Single Risk Number appeared first on Security Boulevard.

Collaboration is more important than ever—and doable—according to the WEF’s Global Security Outlook 2026 report. 

The post Collaboration Critical As Geopolitical Pressures, AI Reshape Cybersecurity  appeared first on Security Boulevard.

The UK government is tightening its government cyber security posture with a dual strategy, faster vulnerability remediation and a long-term workforce pipeline. With cyberattacks increasingly targeting public services, the launch of a new vulnerability monitoring service (VMS) alongside the creation of a dedicated cyber profession signals a structural shift in how the state plans to defend its digital infrastructure. Public-facing systems used by millions—from the National Health Service to the Legal Aid Agency—have become prime targets for cybercriminals. The government’s latest move acknowledges a simple reality: improving government cyber security is no longer just about tools; it is about speed, coordination, and skilled people.

Vulnerability Monitoring Service Accelerates Government Cyber Security Response

At the center of the announcement is the new vulnerability monitoring service designed to detect and fix cyber weaknesses significantly faster across public sector systems. According to government data, critical vulnerabilities are now being resolved six times faster than before reducing the average remediation window from nearly 50 days to just eight. The service focuses heavily on Domain Name System (DNS) risks, often overlooked but highly dangerous. DNS weaknesses can allow attackers to redirect users to malicious websites or disrupt essential services entirely. In the context of government cyber security, even small misconfigurations can have widespread consequences. The VMS continuously scans approximately 6,000 public sector organizations and detects around 1,000 different types of vulnerabilities. By automating detection and providing actionable remediation guidance, the government has also cut the backlog of critical unresolved vulnerabilities by 75%. This shift highlights a growing trend in public sector cyber security, automation is becoming essential as threat volumes continue to rise.

Cyber Risks Now Directly Impact Public Services

Speaking at the Government Cyber Security and Digital Resilience conference, Ian Murray emphasized the real-world consequences of cyber incidents: “Cyber-attacks aren’t abstract threats — they delay NHS appointments, disrupt essential services, and put people’s most sensitive data at risk. When public services struggle it’s families, patients and frontline workers that feel it. The vulnerability monitoring service has transformed how quickly we can spot and fix weaknesses before they’re exploited so we can protect against that." Adding further, he said, "We’ve cut cyber-attack fix times by 84% and reduced the backlog of critical issues by three quarters. And as the service expands to cover more types of cyber threats, fix times are falling there too. But technology alone isn’t enough. Today I’m launching a new government Cyber Profession to attract and develop the talented people we need to stay ahead of increasingly sophisticated threats - making government a destination of choice for cyber professionals who want to protect the services that matter most to people’s lives.” His remarks underline a key insight shaping modern government cyber security strategy—technical fixes must be matched with workforce capability.

Building Long-Term Cyber Resilience Through Talent

Alongside technical improvements, the government has launched its first dedicated cyber profession program in collaboration with the Department for Science Innovation and Technology and the National Cyber Security Centre. The initiative includes a cyber academy, apprenticeship pathways, and a structured career framework aligned with national professional standards. Manchester is expected to become a central hub, reinforcing the region’s growing digital ecosystem. Richard Horne, CEO of the NCSC, highlighted the broader impact of strengthening UK cyber resilience: “Cyber security is more consequential than ever today with attacks in the headlines showing the profound impacts they can have on people’s everyday lives and livelihoods. As our public services continue to innovate, it is vital that they remain resilient to evolving threats and vulnerabilities are being effectively managed to reduce the chances of disruption. The government Cyber Action Plan is a crucial step in building stronger cyber defences across our public services and the launch of the government Cyber Profession today will help attract and retain the most talented professionals with the top-tier skills needed to keep the UK safe online.”

Why Government Cyber Security Is Becoming a Workforce Challenge

While the new vulnerability monitoring service improves detection and response speed, the creation of a cyber profession reflects a deeper structural issue—skills shortages remain one of the biggest risks to government cyber security. Recent assessments have consistently warned that public sector organizations struggle to compete with private industry for cyber talent. By formalizing cyber career pathways, the government is attempting to make public service roles more competitive and sustainable. Ultimately, the announcement shows that cyber resilience is no longer treated as an IT function but as a national capability. Faster patching reduces immediate risk, but long-term government cyber security will depend on whether the public sector can successfully attract and retain the people needed to defend increasingly complex digital systems.

India’s rapidly expanding space sector has received a major policy push with the release of new space cyber security guidelines aimed at strengthening protection across satellite and ground infrastructure. The framework, jointly developed by the Indian Computer Emergency Response Team (CERT-In) and SatCom Industry Association India (SIA-India), signals a growing recognition that cyber resilience is now as critical to space missions as launch capability itself. The guidelines were unveiled during the DefSat Conference & Expo 2026 held in New Delhi, India, at a time when satellite communication systems are increasingly becoming the backbone of connectivity, navigation, defense operations, and disaster management across the country.

Space Cyber Security Moves from Technical Layer to Strategic Priority

India’s space ecosystem is no longer limited to government-led missions. The rapid rise of private satellite operators, ground station providers, and space-tech startups has significantly expanded the attack surface. As satellite communication networks support everything from banking connectivity in remote regions to military operations, the importance of space cyber security has moved beyond technical discussions into national strategic planning. The new framework acknowledges this shift by outlining security controls across the entire satellite lifecycle, from space assets and ground stations to supply chains and user terminals. It also highlights emerging risks such as signal spoofing, unauthorized command uplinks, firmware manipulation, and ground infrastructure compromise. [caption id="attachment_109838" align="aligncenter" width="602"] Image Source: PIB[/caption] These space cyber security guidelines are advisory in nature but provide a structured baseline for organizations to assess and improve their cyber posture. Importantly, the document pushes stakeholders to adopt risk-based governance rather than reactive compliance.

A Collaborative Model for Space Sector Cyber Resilience

According to Sanjay Bahl, Director General of CERT-In, “CERT-In remains steadfast in strengthening the cyber resilience of all sectors across Bharat. Recognizing the strategic importance of space systems, including satellite communication networks, to India’s technological sovereignty and future growth, these comprehensive guidelines establish a unified and forward-looking framework by considering defense in depth, breadth and height to safeguard satellite networks, ground infrastructure, space related supply chains and space assets against the rapidly evolving and increasingly sophisticated cyber threat landscape.” The emphasis on layered defense reflects a broader industry realization—traditional IT security models are insufficient for space systems, where physical assets in orbit cannot be easily patched or replaced. Subba Rao Pavuluri, President of SIA-India, highlighted the importance of public-private collaboration: “Public Private Partnership and the considered views of industry are fundamental to strengthening cyber resilience across any sector. This joint guideline document issued by CERT-In and SIA India reflect a holistic and collaborative approach, integrating industry perspectives with the deep cyber security expertise of CERT-In. Together, they mark a significant step forward in advancing the cyber security posture of India’s space sector and reinforcing its preparedness against emerging digital threats.” The collaborative approach is particularly relevant as private players now design, launch, and operate critical satellite services.

Rising Threat Landscape Forces a Shift in Security Thinking

The urgency behind strengthening space cyber security becomes clearer when viewed against recent threat activity. Anil Prakash, Director General, SIA-India, highlighted the scale of the challenge, emphasizing that India’s expanding space ecosystem can no longer treat cybersecurity as a technical afterthought. “India’s expanding space ecosystem now requires cybersecurity to evolve from a technical afterthought into a core pillar of mission assurance. The joint framework developed with CERT-In institutionalizes resilience across satellites, ground infrastructure, and supply chains—particularly significant at a time when over 1.5 million cyberattack attempts were recorded during Operation Sindoor and attacks on government networks surged nearly sevenfold,” he said. He further explained, “In this evolving threat landscape, critical infrastructure and industry are equally vulnerable. Importantly, these cyber guidelines are based on an adaptive model and will be periodically refined through structured industry consultation to remain responsive to emerging threats and technological advancements.” Concluding with a call to action for the industry, Prakash noted, “For industry, this is a clear call to adopt secure-by-design architectures and align innovation with national security imperatives.”

Why the Space Cyber Security Framework Matters Now

The release of these space cyber security guidelines marks an important shift in how India approaches digital risk in space. Instead of reacting to incidents, the framework promotes proactive controls such as threat intelligence sharing, supply chain security validation, and governance mechanisms including the appointment of CISOs for satellite operations. More importantly, the framework positions space cyber security as a continuous process rather than a one-time compliance exercise. As satellite constellations grow and commercial launches accelerate, cyber resilience will increasingly determine operational reliability. India’s space ambitions are expanding rapidly—but without secure communication layers, innovation alone cannot sustain trust. The CERT-In and SIA-India framework is a timely reminder that the future of space is not just about reaching orbit—it is about securing it.

Organizations today continuously face a number of fast-moving cyber threats that regularly challenge the effectiveness of their cybersecurity defenses. However, to keep pace, businesses need a proactive and adaptive approach to their security planning and execution.

Cyber threat exposure management (CTEM) is an effective way to achieve this goal. It provides organizations with a reliable framework for identifying, assessing and mitigating new cyber risks as they materialize.

The importance of developing cybersecurity resilience

Regardless of the industry, all organizations are subject to certain security risks. While various tools and solutions can help to reduce this risk, the only real way of maintaining a strong security posture is by developing a certain amount of cybersecurity resilience.

Cybersecurity resilience is the ability of a business to maintain its core operational state regardless of an attempted or even successful cyberattack. The key components of cybersecurity resilience include:

• Proactive risk management: It’s important to be able to identify and mitigate any potential threats before they have the opportunity to exploit known vulnerabilities. This requires regular risk assessments and strict security policies.

• Continuous monitoring and improvement: Monitoring systems and networks is critical to help identify suspicious network activity while informing the necessary stakeholders for mediation. Regularly reviewing logs and threat reports also allows organizations to improve their security efforts going forward.

• Incident response and recovery: In the event of a successful breach, organizations must be prepared to handle all necessary protocols for threat containment while executing critical recovery efforts to minimize operational disruption.

• Maintaining a progressive cybersecurity culture: While security tools and solutions are important, organizations looking to establish more cybersecurity resilience need to also build awareness with their employees on relevant threats and how they can help protect themselves and the business.

What is CTEM?

While establishing cybersecurity resilience on its own is important, the prevalence and severity of modern-day security threats mean organizations need to look for a more comprehensive approach to threat management.

CTEM relies on the use of automated routines spread across an organization’s entire infrastructure, designed to identify and assess any security gaps present. Unlike traditional vulnerability assessments, which are typically scheduled throughout the year, CTEM solutions enable real-time threat intelligence at all times.

When integrated across all of an organization’s IT assets, including on-premise and cloud networks, systems, applications and databases, CTEM solutions provide a much more proactive approach to strengthening an organization’s security posture.

Explore cyber threat management services

Key components of CTEM

CTEM frameworks operate by incorporating several key components across an organization’s entire infrastructure. These components include:

Threat intelligence

Leveraging real-time threat intelligence, CTEM references an organization’s location, industry type and digital structure to benchmark against similar organizations while recognizing and prioritizing likely threats. This helps businesses place their mitigation efforts in the right places while always being one step ahead of malicious attackers.

Vulnerability management

CTEM makes use of active vulnerability scanning and assessment tools to look for common vulnerabilities and exposures (CVEs) as well as misconfigurations in systems and networks that could lead to exploitation. Using automated routines, CTEM solutions will run continuous scans for these vulnerabilities and then prioritize them based on the most critical risks.

Security testing

Applying CTEM frameworks across an organization can often include making use of penetration testing services and establishing red teams to help simulate real-world attack scenarios. This helps organizations validate the effectiveness of their current cybersecurity solutions and helps to “stress-test” response capabilities.

Risk assessment

CTEM solutions apply various risk assessment methodologies to help evaluate the potential impact of discovered vulnerabilities. This includes considering various factors that can impact remediation efforts, including the types of assets at risk, how financially sensitive each asset is and the potential impact a successful breach could have on the long-term viability of an organization.

Breaking down the five stages of CTEM

CTEM deployments are an iterative process that involves continuous improvement and refinement. The five stages of CTEM include:

1. Scoping: The initial stage of CTEM involves establishing certain boundaries within which the solution will operate. This requires organizations to identify the relevant systems, applications or key data the solution will actively monitor. Another element of this stage is to outline any specific goals or objectives that need to be achieved to ensure the solution is properly calibrated.

2. Discovery: The discovery stage is when all digital assets are cataloged within the defined scope. While many assets may already be defined during initial scoping stages, the CTEM discovery process may also identify unknown assets, including SaaS solutions or other shadow IT elements that may have been missed. This stage is completed using a series of automated tools that scan and catalog new assets as they’re discovered.

3. Prioritization: After all assets are properly cataloged, the next step is to assess and prioritize all risks associated with each of them. To achieve this, CTEM solutions will apply risk assessment protocols and active threat intelligence to determine the most critical risks.

4. Validation: The validation stage makes sure that any identified vulnerabilities are legitimate and require an actual remediation process. This is designed to minimize or eliminate any false positives.

5. Mobilization: The final stage of CTEM is mobilization, which is any action necessary to remediate vulnerabilities and mitigate risks. This can include coordinated efforts between security teams, IT operations and business stakeholders to ensure that vulnerabilities are addressed effectively.

Start implementing CTEM in your organization

Implementing CTEM is a crucial step towards improving an organization’s cybersecurity resilience. Here are some steps your organization can follow to start benefiting from CTEM integrations:

1. Begin with a cybersecurity risk assessment: Take the time to conduct a comprehensive cybersecurity risk assessment with the help of a security services partner to identify any potential vulnerabilities in your organization.

2. Embrace automation: Leveraging automation tools to streamline various aspects of your CTEM program is critical to enable real-time threat mitigation. This can help to reduce manual security efforts, improve the accuracy of risk remediation efforts and accelerate incident response times.

3. Prioritize and validate: Prioritize any discovered vulnerabilities based on their potential impact on your organization and validate any potential attack vectors using techniques like penetration testing and red team simulations.

4. Establish clear communication channels: It’s important to ensure that security information is shared effectively between different teams and stakeholders. Regardless of the type of CTEM solution your organization chooses to implement, establishing clear communication channels and protocols is essential to ensure that security information is disseminated effectively and acted on in a timely manner.

Keep your business ready

Implementing a CTEM program for your organization is a critical step for organizations considering today’s increasing cyber threats. By taking a proactive and continuous approach to your risk management strategy, you can significantly minimize your digital attack surface while achieving a more resilient cybersecurity posture.

The post How CTEM is providing better cybersecurity resilience for organizations appeared first on Security Intelligence.

A recent CISA red team assessment of a United States critical infrastructure organization revealed systemic vulnerabilities in modern cybersecurity. Among the most pressing issues was a heavy reliance on endpoint detection and response (EDR) solutions, paired with a lack of network-level protections.

These findings underscore a familiar challenge: Why do organizations place so much trust in EDR alone, and what must change to address its shortcomings?

EDR’s double-edged sword

A cornerstone of cyber resilience strategy, EDR solutions are prized for their ability to monitor endpoints for malicious activity. But as the CISA report demonstrated, this reliance can become a liability when paired with inadequate network defenses. Here’s why:

1. Tunnel vision on endpoints: EDR excels at identifying threats on individual devices but struggles with network-wide attacks. This leaves gaps when hackers exploit lateral movement or unusual data transfers — activities that often require network-level visibility to detect.
2. Playing catch-up with threats: Traditional EDR tools depend on recognizing known indicators of compromise (IOCs). Advanced attackers can easily sidestep these tools by using novel techniques or blending in with legitimate activity.
3. Blind spots in legacy systems: Legacy environments often go unnoticed by EDR, giving attackers free rein. In the CISA case, these systems allowed the red team to persist for months undetected.
4. Overwhelmed defenders: Even when EDR generates alerts, security teams can become desensitized by a flood of notifications. As seen in the CISA assessment, critical warnings can slip through the cracks simply because defenders are too stretched to respond.

Common EDR pain points

The challenges highlighted in the CISA report mirror broader issues organizations face with EDR:

• Detection without context: EDR tools often spot anomalies on endpoints but fail to connect the dots across the broader network. This lack of context can leave organizations blind to coordinated attacks.
• Weak network integration: Without network-layer defenses, EDR struggles to identify malicious activities like unusual traffic patterns or data exfiltration, key tactics in advanced breaches.
• Fragmented systems: Many organizations operate a patchwork of security tools, leaving critical gaps in coverage and making it harder to correlate data across endpoints, networks and cloud environments.

Explore threat detection and response services

The next evolution of EDR

Recognizing these shortcomings, cybersecurity is rapidly evolving beyond traditional EDR. Here’s how:

1. Extended detection and response (XDR): XDR takes EDR to the next level by integrating endpoint, network and cloud data into a single platform. This broader scope allows organizations to see the full attack picture and respond more effectively.
2. AI-driven insights: Cutting-edge EDR solutions now harness machine learning to detect subtle behavioral anomalies. By identifying deviations from normal activity, these tools catch threats even when no IOCs exist.
3. Zero trust security: Zero trust architectures take endpoint defense a step further by ensuring no device or user is trusted by default. This integration of endpoint, identity and network security reduces dependence on EDR alone.
4. Network visibility: Modern EDR tools are incorporating network traffic analysis to close the gaps identified in the CISA report. Monitoring traffic for anomalies, such as unusual data flows or external connections, bolsters defenses.
5. Cloud-native solutions: As businesses embrace hybrid and cloud environments, EDR is evolving to provide seamless coverage across on-premises and cloud systems, addressing vulnerabilities in these critical areas.

Why do gaps persist?

Even with these advancements, many organizations struggle to fully address EDR’s limitations:

• Resource strains: Small security teams often lack the bandwidth or expertise to implement and manage advanced solutions like XDR.
• Budget constraints: Upgrading to integrated platforms or modernizing legacy systems can be costly.
• Legacy challenges: Outdated environments remain vulnerable, acting as weak points that attackers can exploit.
• Leadership missteps: As the CISA report pointed out, organizations sometimes deprioritize known vulnerabilities, leaving critical gaps unaddressed.

Building a more resilient future

The CISA red team findings are a wake-up call: Endpoint protection alone is no longer enough. To outsmart today’s sophisticated adversaries, organizations must adopt a layered defense strategy that integrates endpoint, network and cloud security. Solutions like XDR, zero trust principles and advanced behavioral analysis offer a path forward — but they require strategic investments and cultural shifts.

The post Insights from CISA’s red team findings and the evolution of EDR appeared first on Security Intelligence.