Find notable cyber news and cases, enriched with sources, timelines, and signals.

CISA releases Cross-Sector CPG 2.0

Public Sector Action
First reported
Last updated
Happening score
H score 25
1 unique sources, 1 articles

Summary

Hide ▲

The Cybersecurity and Infrastructure Security Agency (CISA) released version 2.0 of the Cross-Sector Cybersecurity Performance Goals (CPGs), updating voluntary guidance for critical infrastructure organizations across sectors. The revision aligns with NIST CSF 2.0 and expands practical advice on governance, vulnerability management, supply chain risk, and incident response and recovery. The update matters because it gives organizations a clearer baseline for improving resilience and prioritizing cybersecurity investments.

Related Happenings

CISA launches ANCHOR-CI critical infrastructure advisory framework

Public Sector Action
H score28 First: 01.07.2026 15:00 Last: 01.07.2026 15:00 Sources 1

About this happening: **CISA** announced **ANCHOR-CI**, a new advisory-body framework that expands **information sharing** and public-private coordination for **critical infrastructure** security and r...

Executive order NSA CISA NIST and Treasury Department created a voluntary pre-release review framework a classified benchmark federal hardening directives and an AI cybersecurity

Public Sector Action
H score26 First: 03.06.2026 14:00 Last: 03.06.2026 14:00 Sources 1

About this happening: President Donald Trump signed a **June 2 executive order** creating a **voluntary pre-release cybersecurity review** for **covered frontier AI models**, giving the US government a...

CERT-In issues 12-hour patch guidance for Indian organizations

Public Sector Action
H score38 First: 26.05.2026 13:30 Last: 26.05.2026 13:30 Sources 1

About this happening: **CERT-In** published new guidance on **May 25** urging Indian organizations to patch **actively exploited internet-facing vulnerabilities** within **12 hours**, tightening respon...

CISA releases CI Fortify guidance for critical infrastructure resilience

Public Sector Action
H score29 First: 05.05.2026 15:00 Last: 05.05.2026 15:00 Sources 1

About this happening: CISA released CI Fortify, guidance for critical infrastructure operators across sectors to help keep essential services running during cyberattack or crisis conditions. The framew...

Latest development: 06.05.2026 16:15

CISA launched CI Fortify on Tuesday as a planning framework for critical infrastructure operators in water, energy, transportation and communications to prepare for cyber disruption by disconnecting OT systems from third-party and business networks, maintaining essential services in degraded communications conditions, and recovering compromised systems through backups, component replacement, or a transition to manual operations.

NIST CVE/NVD prioritization shift

Public Sector Action
H score35 First: 17.04.2026 00:47 Last: 17.04.2026 00:47 Sources 1

About this happening: **NIST** is **changing** its **CVE/NVD prioritization** so that, starting **April 15, 2026**, it will provide full details only for a **subset of CVEs**. The shift matters because...

Timeline

  1. 11.12.2025 14:00 2 articles · 7mo ago

    CISA releases Cross-Sector CPG 2.0

    Industry Or Public Sector Update

    The Cybersecurity and Infrastructure Security Agency (CISA) released version 2.0 of the Cross-Sector Cybersecurity Performance Goals (CPGs), aligning the guidance with NIST Cybersecurity Framework (CSF) 2.0 and expanding coverage of account and device security, data protection, governance, vulnerability management, supply chain risk, and incident response and recovery for critical infrastructure organizations and small and medium-sized organizations.

    Show sources