Eric Goldstein Archives

Eric Goldstein, executive assistant director for cybersecurity at CISA, speaks during the Elastic Public Sector Summit 2024. (Scoop News Group photo)

Departing top CISA official reflects on nearly four years in the cyber hot seat

Eric Goldstein spoke with CyberScoop about where the Cybersecurity and Infrastructure Security Agency has made progress, lessons learned and what’s next.

May 17, 2024 By Tim Starks

Top CISA official Eric Goldstein to depart agency next month

Goldstein has served as the executive assistant director for cybersecurity and worked on a number of key priorities for the agency.

May 16, 2024 By Tim Starks

Close up of woman’s hand typing on computer keyboard in the dark against colorful bokeh in background, working late on laptop at home. (Getty Images)

CISA’s Goldstein wants to ditch ‘patch faster, fix faster’ model

Executive assistant director for cybersecurity says the current model "does not account for the capability and the acceleration of the adversaries who we're up against."

Dec 1, 2023 By Christian Vasquez

The Moscone Center where RSA Conference is being held. (RSA Conference)

Collaboration between CISA, Cyber Command thwarted dangerous cyberattacks, officials said

During the 2023 RSA Conference, top officials provided rare insight into sharing information to protect U.S. networks from malicious hackers.

Apr 24, 2023 By Christian Vasquez

The Monument to Party Founding is a monument in Pyongyang, the capital of North Korea. (Getty Images)

FBI, CISA, Treasury: North Korean hackers taking aim at health care with Maui ransomware

The ransomware has previously received little public scrutiny.

Jul 6, 2022 By Tim Starks

How CISA’s list of ‘must-patch’ vulnerabilities has expanded both in size, and who’s using it

While CISA says the catalog is catching on, some think it needs improvement.

Jun 9, 2022 By Tim Starks

Two Factor Multi-Factor Authentication Security Concept (Getty Images)

Multifactor authentication could be long haul for some federal agencies, CISA official says

Eric Goldstein said agencies are focusing hard on adopting MFA, but some are dealing with older IT.

Jun 8, 2022 By Tim Starks

Close-up of code on a computer screen for the Apache Struts framework, which was exploited by computer hackers using a Remote Code Execution exploit in order to allegedly steal the personal information of millions of people from credit bureau Equifax, Oct. 2, 2017. (Photo by Smith Collection/Gado/Getty Images)

If hackers are exploiting the Log4j flaw, CISA says we might not know yet

The agency harkened back to the long delay between vulnerability discovery and the Equifax breach.

Jan 10, 2022 By Tim Starks

DHS supply chain security — (U.S. Customs and Border Protection / Flickr)

CISA probes scope, potential fallout of Log4j vulnerability

CISA is urgently trying to catalog all affected products, an official told reporters Tuesday.

Dec 14, 2021 By Tim Starks

Woman hand enters a one-time password for the validation process. (Getty Images)

Feds likely to miss deadline for strengthening encryption, multifactor authentication

The May executive order was drafted as a result of the SolarWinds cyber-espionage campaign.

Nov 5, 2021 By Tim Starks