Latest news with #CybersecurityandInfrastructureSecurityAgency
Yahoo
17 hours ago
- Politics
- Yahoo
Trump says he has no evidence to justify his unprecedented Biden investigation
Late Wednesday, Donald Trump broke new ground, directing the Justice Department to launch a wide-ranging investigation into Joe Biden and officials in the Democrat's administration, based on Republican conspiracy theories about the former president's mental health. It was an unprecedented move: An incumbent American president had never before publicly ordered a federal probe of his predecessor. There was a degree of irony to the circumstances. After his defeat in the 2020 election, Trump spent years insisting that Biden had ordered an investigation into him — an odd conspiracy theory for which there is literally no evidence. As of this week, it's Trump who's doing exactly what he falsely accused his predecessor of doing. The day after the incumbent president delivered his directive to Attorney General Pam Bondi, as NBC News reported, a reporter asked Trump a good question. Trump said he does not have evidence to support his claims of illegal autopen use during the Biden administration. Asked by NBC News whether he has uncovered any evidence that anything specific was signed without Biden's knowledge or that someone in the former president's administration acting illegally, Trump said, 'No.' The Republican specifically said, 'No, but I've uncovered, you know, the human mind. I was in a debate with the human mind.' He went on to say, 'So, you know, it's just one of those things.' In other words, as far as Trump is concerned, he debated Biden last year; the Democrat struggled; so the Justice Department should investigate the former president and his team to see if White House aides secretly signed laws, orders, directives and pardons without Biden's knowledge. In this country, federal law enforcement is supposed to launch investigations when presented with evidence of wrongdoing. As of now, however, the Trump administration is less concerned with the existence of evidence and more concerned with a president who believes he's 'uncovered, you know, the human mind.' I can appreciate why this might seem like the latest in a series of head-shaking 'Trump being Trump' stories, but it has a broader significance. A sitting American president, effectively by his own admission, just ordered the attorney general to launch an unprecedented fishing expedition against a former American president because on the basis of a flubbed debate performance. What's more, this week's White House offensive marked the third time in three months that Trump has ordered baseless investigations into Americans he perceives as political foes. The story was soon eclipsed by dozens of other administration controversies, but in April, Trump signed two first-of-their-kind executive orders targeting a pair of officials from his first term who defied him. There was barely a pretense in the orders that the targeted former officials — Christopher Krebs, who led the Cybersecurity and Infrastructure Security Agency, and Miles Taylor, a former high-ranking Department of Homeland Security official — had done anything wrong. Indeed, the closer one looked at the stated rationales in support of the directives, the more ridiculous they appeared. Nevertheless, the president directed Pam Bondi and the Department of Homeland Security to launch a 'review' into Krebs, while simultaneously ordering DHS to investigate Taylor. A week later, The New York Times' Jonathan Swan reminded White House press secretary Karoline Leavitt, 'The president has long said that it would be an abuse of power for a president to direct prosecutors to investigate him. Last week, President Trump explicitly directed the Justice Department to scrutinize Chris Krebs to see if it can find any evidence of criminal wrongdoing. How is that not an abuse of power, to direct the Justice Department to look into an individual, a named individual?' Leavitt struggled badly to defend Trump's move, and for good reason: The directives were indefensible. That did not, however, stop the Republican president from pushing the problem to a new level by going after his immediate predecessor. I can appreciate why the media landscape is crowded, but I continue to believe this should be more than a one-day story. Trump — who ran on an authoritarian platform, who's trying to concentrate power while expressing indifference to the rule of law — has now ordered three investigations into Americans he doesn't like. He has an enemies list, and he's using the power of the presidency to target people on that list, despite the inconvenient fact that there's no evidence whatsoever of actual wrongdoing. If the pushback is muted, Trump will do what he's always done: assume that he can get away with such an abuse, while preparing to go even further down the same radical and dangerous path. Not to put too fine a point on this, but if the president can sic the Justice Department on his critics and perceived enemies and this isn't seen as a dramatic scandal, who'll be next? How far down his enemies list will he go? I'm reminded anew of J. Michael Luttig, a prominent conservative legal scholar put on the federal bench by President George H.W. Bush who published a Bluesky thread on the orders against Krebs and Taylor, calling them 'shameful' and 'constitutionally corrupt' and accused Trump of 'palpably unconstitutional conduct.' The more routine this becomes, the greater the severity of the offense. This post updates our related earlier coverage. This article was originally published on
Yahoo
3 days ago
- Business
- Yahoo
New Absolute Security Research Shows Top Endpoint Security Controls Fail 22% of the Time
Critical Patching for PCs Running Windows 10 and 11 is Delayed Nearly Two Months 35% of PCs Lack Encryption, 26% are Unaccounted for, and 18% Store Sensitive Data AI Use is Exploding, with Enterprise PCs Logging Thousands of Visits to DeepSeek SEATTLE, June 04, 2025--(BUSINESS WIRE)--New research from Absolute Security shows that organizations allow their critical endpoint security controls to drop out of compliance with internal security and performance policies 22% of the time. This dangerous failure rate undermines their ability to defend their businesses against ransomware strikes, compromises, and complexity-driven disruptions. Based on anonymized telemetry from more than 15 million enterprise PCs, the Absolute Security Resilience Risk Index 2025 details how this finding and other silent risks are eroding enterprise security and threatening business continuity. Security Tools Aren't Holding the Line Leading Endpoint Protection Platforms (EPP), Security Service Edge (SSE) solutions, and Vulnerability and Patch Management platforms fail to maintain compliance with internal security and performance policies 22% of the time. This increases the risk of ransomware infections, data breaches, and disruptive incidents across PCs where these tools are deployed. High Performing Solutions are Increasing Concentrated Risk This year, the data revealed a new issue the industry must face — Concentrated Risk. It emerges when organizations fail to recognize that even solutions with high compliance and performance rates can present significant risk when they are deployed across a substantial percentage of PCs. High performers may fail less often — but when these widely-used technologies mafunction, the impact can be catastrophic. This is why every control, regardless of performance rate, must be supported by resilience capabilities that can help organizations to withstand and recover from failure on a large scale. Patching Delays Ignore Industry Best Practices Organizations across all industries take nearly two months to patch vulnerabilities in PCs running Windows. Most organizations determine their own vulnerability scanning and patching schedules. However, this average defies guidance from leading authorities such as the Cybersecurity and Infrastructure Security Agency (CISA), which recommends that patches should not be delayed more than 30 days to avoid vulnerability-driven risks. AI Use is Exploding, Frequently in Defiance of Usage Policies Available data showed that enterprise PCs are logging millions of visits to popular generative AI platforms. Thousands of these visits are landing on DeepSeek, despite organizational and multi-government sanctions against this China-based site. The inability to control usage along with explosive growth is leaving organizations open to not only compliance violations but also the potential to download malicious content and to expose sensitive information to hostile adversaries. Devices Are Missing Encryption, Unaccounted for, and Filled with Sensitive Data 35% of enterprise PCs are not encrypted, 26% are unaccounted for, and 18% store sensitive data. This dangerous combination creates blind spots that leave data and PCs without protection against cybercriminals. These lapses can also give unauthorized users access to corporate networks for prolonged periods, opening an opportunity for threats to expand laterally across systems and assets. "This research shows that organizations are failing to maintain effective operational performance for leading endpoint security controls, unaware of risky behaviors taking place, and may not be able to keep as up to date on patching as they should. These are all factors that will eventually lead to a major security breach or extended and costly period of downtime," said Christy Wyatt, CEO, Absolute Security. "To remain truly protected in today's digital business environment, leaders need to think beyond legacy prevention and detection practices. They must enforce resilience as a core capability to ensure the visibility, control, and agility needed to keep their organizations secure, responsive, and always operational." For greater details on the resilience risks identified and to learn how to mitigate them with technologies that enforce resilience across your organization, download your complimentary copy of the Absolute Security Resilience Risk Index 2025. About Absolute Security Absolute Security is partnered with more than 28 of the world's leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by thousands of global enterprise customers, and licensed across 16 million PC users. With the Absolute Security Cyber Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. To learn more, visit and follow us on LinkedIn, X, Facebook, and YouTube. ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2025, or its subsidiaries. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark. View source version on Contacts News Contact:Joe Franscellapress@ Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Business Wire
3 days ago
- Business
- Business Wire
New Absolute Security Research Shows Top Endpoint Security Controls Fail 22% of the Time
SEATTLE--(BUSINESS WIRE)--New research from Absolute Security shows that organizations allow their critical endpoint security controls to drop out of compliance with internal security and performance policies 22% of the time. This dangerous failure rate undermines their ability to defend their businesses against ransomware strikes, compromises, and complexity-driven disruptions. Based on anonymized telemetry from more than 15 million enterprise PCs, the Absolute Security Resilience Risk Index 2025 details how this finding and other silent risks are eroding enterprise security and threatening business continuity. Security Tools Aren't Holding the Line Leading Endpoint Protection Platforms (EPP), Security Service Edge (SSE) solutions, and Vulnerability and Patch Management platforms fail to maintain compliance with internal security and performance policies 22% of the time. This increases the risk of ransomware infections, data breaches, and disruptive incidents across PCs where these tools are deployed. High Performing Solutions are Increasing Concentrated Risk This year, the data revealed a new issue the industry must face — Concentrated Risk. It emerges when organizations fail to recognize that even solutions with high compliance and performance rates can present significant risk when they are deployed across a substantial percentage of PCs. High performers may fail less often — but when these widely-used technologies mafunction, the impact can be catastrophic. This is why every control, regardless of performance rate, must be supported by resilience capabilities that can help organizations to withstand and recover from failure on a large scale. Patching Delays Ignore Industry Best Practices Organizations across all industries take nearly two months to patch vulnerabilities in PCs running Windows. Most organizations determine their own vulnerability scanning and patching schedules. However, this average defies guidance from leading authorities such as the Cybersecurity and Infrastructure Security Agency (CISA), which recommends that patches should not be delayed more than 30 days to avoid vulnerability-driven risks. AI Use is Exploding, Frequently in Defiance of Usage Policies Available data showed that enterprise PCs are logging millions of visits to popular generative AI platforms. Thousands of these visits are landing on DeepSeek, despite organizational and multi-government sanctions against this China-based site. The inability to control usage along with explosive growth is leaving organizations open to not only compliance violations but also the potential to download malicious content and to expose sensitive information to hostile adversaries. Devices Are Missing Encryption, Unaccounted for, and Filled with Sensitive Data 35% of enterprise PCs are not encrypted, 26% are unaccounted for, and 18% store sensitive data. This dangerous combination creates blind spots that leave data and PCs without protection against cybercriminals. These lapses can also give unauthorized users access to corporate networks for prolonged periods, opening an opportunity for threats to expand laterally across systems and assets. 'This research shows that organizations are failing to maintain effective operational performance for leading endpoint security controls, unaware of risky behaviors taking place, and may not be able to keep as up to date on patching as they should. These are all factors that will eventually lead to a major security breach or extended and costly period of downtime,' said Christy Wyatt, CEO, Absolute Security. 'To remain truly protected in today's digital business environment, leaders need to think beyond legacy prevention and detection practices. They must enforce resilience as a core capability to ensure the visibility, control, and agility needed to keep their organizations secure, responsive, and always operational.' For greater details on the resilience risks identified and to learn how to mitigate them with technologies that enforce resilience across your organization, download your complimentary copy of the Absolute Security Resilience Risk Index 2025. About Absolute Security Absolute Security is partnered with more than 28 of the world's leading endpoint device manufacturers, embedded in the firmware of 600 million devices, trusted by thousands of global enterprise customers, and licensed across 16 million PC users. With the Absolute Security Cyber Resilience Platform integrated into their digital enterprise, customers ensure their mobile and hybrid workforces connect securely and seamlessly from anywhere in the world and that business operations recover quickly following cyber disruptions and attacks. To learn more, visit and follow us on LinkedIn, X, Facebook, and YouTube. ABSOLUTE SECURITY, ABSOLUTE, the ABSOLUTE LOGO, AND NETMOTION are registered trademarks of Absolute Software Corporation ©2025, or its subsidiaries. All Rights Reserved. Other names or logos mentioned herein may be the trademarks of Absolute or their respective owners. The absence of the symbols ™ and ® in proximity to each trademark, or at all, herein is not a disclaimer of ownership of the related trademark.
Axios
4 days ago
- Business
- Axios
Exclusive: One-third of top U.S. cyber force has left since Trump took office
Roughly 1,000 people have already left the nation's top cybersecurity agency during the second Trump administration, a former government official tells Axios — cutting the agency's total workforce by nearly a third. Why it matters: The Cybersecurity and Infrastructure Security Agency is also facing a potential 17% budget cut under the president's proposed budget — raising fears that power grids, water utilities, and election systems could be left without a well-equipped federal partner as cyber threats mount. The big picture: Trump officials are actively pursuing plans to increase offensive cyber operations against adversarial nations like China — and experts warn those nations are bound to respond in-kind to those strikes. But security experts fear that with a smaller cyber defense agency, the country won't have the resources needed to protect the homeland. Driving the news: The White House suggested cutting CISA's workforce by 1,083 positions — from 3,732 employees to 2,649 roles — during the 2026 fiscal year in its proposed budget, released Friday. However, the agency has already reached those numbers, sources tell Axios. Zoom in: About 600 people at CISA took the Department of Homeland Security's second buyout offer in the last two months, according to a source familiar with the matter. Their last day was Friday. Roughly 174 people had taken the first round of deferred-resignation offers as of March 28, according to a second source familiar with the matter. The rest of the roughly 1,000 departures likely involved people working on government contracts or teams — like the election integrity unit or diversity-and-inclusion offices — that have reportedly been cut, the former official told Axios. Between the lines: Sources did not have precise details on which departments have been slashed, but public social media posts and other reporting suggest the losses are widespread — including in several of CISA's most visible and impactful initiatives. An internal memo sent to employees last week says that virtually all of CISA's senior officials have now left. Lauren Zabierek and Bob Lord, two officials who oversaw the agency's touchstone "Secure by Design" initiative, left last month. Matt Hartman, the No. 2 official in CISA's cybersecurity division, departed last week. Members of CISA's international partnerships and engagement division also left, according to LinkedIn. Lisa Einstein, who was CISA's chief AI officer, resigned in February. Boyden Rohner, assistant director of CISA's integrated operations division, took an early retirement offer in April. What they're saying: "I've personally seen how CISA has lost its very best," Jack Cable, CEO and co-founder of Corridor and a former CISA employee who departed in January, told lawmakers during a field hearing in Silicon Valley last week. "In the face of increasing threats, we can't undermine the capacity of America's cyber defense agency and its ability to attract and retain the best technical talent," he added. "This only makes us less secure as a nation." In a statement to Axios, CISA executive director Bridget Bean said the agency has "the right team in place to fulfill that mission and ensure that we are prepared for a range of cyber threats from our adversaries." "CISA is doubling down and fulfilling its statutory mission to secure the nation's critical infrastructure and strengthen our collective cyber defense," Bean said. The intrigue: The agency has considered scrapping plans for mass layoffs due to the overwhelming response to the buyouts, the former official noted. Politico Pro previously reported on this possibility. What to watch: Sean Plankey, Trump's pick to run CISA, will testify before the Senate Homeland Security Committee on Thursday and is expected to field questions about the workforce cuts.
Boston Globe
4 days ago
- General
- Boston Globe
Ex-Homeland Security official Taylor fights back against Trump's ‘unprecedented' investigation order
Advertisement Coming on the same April day that Trump also ordered an investigation into Chris Krebs, a former top cybersecurity official, the dual memoranda illustrated how Trump has sought to use the powers of the presidency against his adversaries. Speaking to the AP, Taylor said the order targeting him sets a 'scary precedent' and that's why he decided to call on the inspectors general to investigate. Get Starting Point A guide through the most important stories of the morning, delivered Monday through Friday. Enter Email Sign Up 'I didn't commit any crime, and that's what's extraordinary about this. I can't think of any case where someone knows they're being investigated but has absolutely no idea what crime they allegedly committed. And it's because I didn't,' Taylor said. He called it a 'really, really, really scary precedent to have set is that the president of the United States can now sign an order investigating any private citizen he wants, any critic, any foe, anyone.' Advertisement Trump has targeted adversaries since he took office Since taking office again in January, Trump has stripped security clearances from a number of his opponents. But Trump's order for an investigation into Taylor, as well as Krebs, marked an escalation of his campaign of retribution in his second term. Trump fired Krebs, who directed the Cybersecurity and Infrastructure Security Agency, in November 2020 after Krebs disputed the Republican president's unsubstantiated claims of voting fraud and vouched for the integrity of the 2020 election, which Trump lost to Democrat Joe Biden. Taylor left the first Trump administration in 2019. In the anonymous New York Times op-ed published in 2018, he described himself as part of a secret 'resistance' to counter Trump's 'misguided impulses.' The op-ed's publication touched off a leak investigation in Trump's first White House. Taylor later published a book by the same name as the op-ed and then another book under his own name called 'Blowback,' which warned about Trump's return to office. After signing the memorandum April 9, Trump said Taylor was likely 'guilty of treason.' The letter by Taylor's lawyer to the inspectors general calls Trump's actions 'unprecedented in American history.' 'The Memorandum does not identify any specific wrongdoing. Rather, it flagrantly targets Mr. Taylor for one reason alone: He dared to speak out to criticize the President,' the letter reads. Taylor's lawyer, Abbe Lowell, said the request to the inspectors general was an attempt to 'get the administration to do the right thing.' Lowell said that depending on the outcome of their complaint, they'll explore other options including a possible lawsuit. Lowell, a veteran Washington lawyer, announced earlier this year that he was opening his own legal practice and would represent targets of Trump's retribution. Advertisement Violation of First Amendment rights alleged In the letter, Lowell calls on the inspectors general to do their jobs of 'addressing and preventing abuses of power.' The letter says Trump's April 9 memo appears to violate Taylor's First Amendment rights by going after Taylor for his criticism of the president, calling it a 'textbook definition of political retribution and vindictive prosecution.' And, according to the letter, Trump's memo also appears to violate Taylor's Fifth Amendment due process rights. The letter highlights Taylor's 'honorable and exemplary' work service including receiving the Distinguished Service Medal upon leaving the department, and it details the toll that the April 9 memorandum has taken on Taylor's personal life. His family has been threatened and harassed, and former colleagues lost their government jobs because of their connection with him, according to the letter. Taylor told the AP that since the order, there's been an 'implosion in our lives.' He said he started a fund to pay for legal fees, has had to step away from work and his wife has gone back to work to help pay the family's bills. Their home's location was published on the internet in a doxxing. Taylor said that by filing these complaints with the inspectors general, he's anticipating that the pressure on him and his family will increase. He said they spent the last few weeks debating what to do after the April 9 memorandum and decided to fight back. 'The alternative is staying silent, cowering and capitulating and sending the message that, yes, there's no consequences for this president and this administration in abusing their powers in ways that my legal team believes and a lot of legal scholars tell me is unconstitutional and illegal,' Taylor said. Advertisement
