- These are my top 15 favorite Memorial Day lawn and outdoor deals right now
- My favorite Memorial Day TV deals 2025: Save up to $5,000 on big-screen TVs
- I'm a laptop expert, and these are the Memorial Day laptop deals I'd grab this weekend
- I'm an audio expert and these are the Memorial Day headphone deals I'd recommend to my friends and family
- I'm a health tech expert and these are the Memorial Day sales fitness enthusiasts should pick up
CISA Shifts Alert Distribution Strategy to Email, Social Media
The US Cybersecurity and Infrastructure Security Agency (CISA) has announced it will no longer post standard cybersecurity update announcements to its Cybersecurity Alerts & Advisories webpage.
Instead, these updates will now be distributed solely through CISA’s email subscription service and social media platforms, including X (formerly Twitter) under the CISACyber handle.
Under the new approach, CISA’s public-facing webpage will focus exclusively on time-sensitive alerts related to major cyber activity or emerging threats. The agency says the goal is to make critical information more accessible and ensure it gets the attention it warrants.
Stakeholders are encouraged to subscribe to relevant email topics via GovDelivery on CISA.gov. Those tracking the Known Exploited Vulnerabilities (KEV) catalog through RSS feeds should also update their preferences to the KEV subscription topic to continue receiving notifications.
The agency credits stakeholder feedback for helping inform this shift, stating that the move is part of efforts to streamline communications and reduce noise.
CISA Changes Spark Concern
However, not everyone is convinced the changes are beneficial. In a LinkedIn post on Monday, VulnCheck’s security researcher Patrick Garrity said, “This notification […] about how CISA shares Cyber-Related Alerts and Notifications is concerning.”
He added, “While the announcement lacks clarity on the full scope of impacted services, it appears that significant changes are underway affecting both CISA Advisories and the Known Exploited Vulnerabilities (KEV) catalog, and unfortunately, these changes do not seem to be improvements.”
Garrity listed potentially impacted services as:
“Further clarification from CISA would be valuable for defenders to better understand how these changes may affect operational workflows and automated ingestion of their threat intelligence,” he said.
Infosecurity Magazine has reached out to CISA for further comments but has not received a response at the time of writing.
