[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"branding":3,"analytics":7,"article-cisa-had-no-incident-playbook-when-it-got-hacked":10,"sections":34},{"siteName":4,"siteTagline":5,"publisherName":4,"contactEmail":6},"The Revision","Tech news, decoded.","editor@therevision.news",{"gaMeasurementId":8,"adsenseClientId":9},"G-ZW2MV82GYR","ca-pub-8533917693782264",{"article":11},{"id":12,"slug":13,"title":14,"dek":15,"body_md":16,"tags_json":17,"published_at":18,"created_at":19,"updated_at":20,"status":21,"review_note":22,"review_notes":23,"image_url":22,"persona_id":22,"persona_name":22,"section":24,"tags":25,"sources":29,"feedback":33,"feedback_at":22,"cost_usd":33,"total_tokens":33},4624,"cisa-had-no-incident-playbook-when-it-got-hacked","CISA Had No Incident Playbook When It Got Hacked","The agency that tells organizations how to respond to breaches was writing its own response plan in real time during a May security incident.","CISA got hacked in May and improvised its response as the attack unfolded.\n\nThe US Cybersecurity and Infrastructure Security Agency disclosed in a postmortem report that it had no prepared incident response plan when a security incident struck in May. Staff had to build a playbook during the early stages of the breach itself, the agency acknowledged. CISA released the findings on a Friday — a classic timing choice for news an organization would prefer fewer people read. The incident involved a GitHub credential leak, according to the report.\n\nThe irony here is hard to overstate. CISA's core mission is advising federal agencies and private organizations on exactly this kind of preparedness. The agency publishes guidance, issues alerts, and runs exercises designed to help others avoid the precise failure it just admitted to itself. When the defender-in-chief is winging it during an active incident, it raises fair questions about whether its advice has always been practice-what-you-preach material.\n\nThis is not the first time CISA has faced scrutiny over its own security posture — in 2024, attackers breached two of its systems via a vulnerability in Ivanti software. Two incidents in two years at the agency charged with keeping federal networks clean is a pattern, not a fluke.","[\"security\",\"government\",\"cisa\",\"incident-response\"]","2026-07-11T08:30:00.000Z","2026-07-11T09:37:40.378Z","2026-07-11T09:37:43.244Z","published",null,[],"security",[24,26,27,28],"government","cisa","incident-response",[30],{"name":31,"url":32},"The Next Web","https:\u002F\u002Fthenextweb.com\u002Fnews\u002Fcisa-no-incident-playbook-github-credential-leak",0,{"sections":35},[36,41,45,50,55,60,65,70,75,80,85,89,94,99],{"name":37,"slug":38,"count":39,"latest_published_at":40},"AI","ai",2590,"2026-07-16T04:00:00.000Z",{"name":42,"slug":24,"count":43,"latest_published_at":44},"Security",294,"2026-07-15T19:59:48.000Z",{"name":46,"slug":47,"count":48,"latest_published_at":49},"Deals","deals",179,"2026-06-29T20:02:07.000Z",{"name":51,"slug":52,"count":53,"latest_published_at":54},"Policy","policy",158,"2026-07-16T00:02:48.000Z",{"name":56,"slug":57,"count":58,"latest_published_at":59},"Hardware","hardware",122,"2026-07-14T19:46:26.000Z",{"name":61,"slug":62,"count":63,"latest_published_at":64},"Consumer Tech","consumer-tech",93,"2026-07-13T13:20:48.000Z",{"name":66,"slug":67,"count":68,"latest_published_at":69},"Software","software",70,"2026-07-13T19:52:25.000Z",{"name":71,"slug":72,"count":73,"latest_published_at":74},"Science","science",66,"2026-07-10T10:29:37.000Z",{"name":76,"slug":77,"count":78,"latest_published_at":79},"Dev Tools","dev-tools",59,"2026-07-07T04:00:00.000Z",{"name":81,"slug":82,"count":83,"latest_published_at":84},"Gaming","gaming",41,"2026-07-09T04:00:00.000Z",{"name":86,"slug":87,"count":83,"latest_published_at":88},"Startups","startups","2026-06-29T20:55:50.000Z",{"name":90,"slug":91,"count":92,"latest_published_at":93},"General","general",29,"2026-07-10T22:28:58.000Z",{"name":95,"slug":96,"count":97,"latest_published_at":98},"Reviews","reviews",20,"2026-06-24T12:00:01.000Z",{"name":100,"slug":101,"count":102,"latest_published_at":103},"How-To","how-to",6,"2026-06-16T09:00:00.000Z"]