U.S. Government Agencies Edge Ahead in Cybersecurity Maturity

Author

Taylor Hawes
July 24, 2025

✍🏻 From the Editor’s Desk

This week, cybersecurity funding—and how it's spent—is under the spotlight. As ransomware groups get bolder and governments face tighter budgets, the gap between policy and protection is starting to show. Are public agencies equipped for a future where threat actors strike without warning?

🔎 Deep Brief

Interlock Ransomware Group Expands Targets Across North America and Europe

CISA and FBI issued a joint alert this week on the Interlock ransomware group, which has intensified attacks on critical infrastructure in both North America and Europe. The group uses phishing emails to gain initial access, followed by PowerShell scripts and remote monitoring tools for persistence and data exfiltration. Victims include manufacturers, government contractors, and healthcare systems.

Interlock distinguishes itself through a double-extortion model—encrypting files while threatening to leak stolen data on a dark web portal. The group has also been linked to attacks targeting outdated VPN appliances and misconfigured RDP ports, signaling that even low-hanging vulnerabilities are still widely exploited. 

🧠 Strategy in Action

U.S. Government Agencies Edge Ahead in Cybersecurity Maturity

A comparative study by an EU-based research group found that U.S. federal agencies outperform their European counterparts in cybersecurity preparedness. The analysis measured maturity across detection, response, recovery, and staff training. U.S. institutions scored higher in four out of five metrics, largely due to centralized oversight, mandatory reporting rules, and broader adoption of zero-trust frameworks

👉 Takeaway: Governance and accountability mechanisms are proving just as important as technical solutions.

⚖️ Regulation Radar

CISA’s CyberSentry Program Faces Budget Freeze

CISA’s CyberSentry program, which monitors real-time threats across U.S. critical infrastructure, is now at risk due to stalled congressional funding. The lapse has disrupted onboarding for new private-sector partners and delayed deployment of analytics tools designed to detect nation-state actors and ransomware behaviors. 

What IT leaders should know.

  • CyberSentry participants may lose access to real-time threat intelligence and federal support.

  • Regulated entities should strengthen internal monitoring, especially for lateral movement and C2 traffic.

  • SOC teams should review endpoint detection coverage and increase east-west traffic visibility.

  • Stay connected with ISACs and industry threat-sharing groups for timely alerts.

  • Track congressional updates—funding could be restored via a continuing resolution.

  • Prepare contingency plans if CyberSentry-supported capabilities are suspended for an extended period.

🛠️ Tool Check - Network Monitoring Tools

Phishing Defense Tools: Which One Fits Your Stack?

Comparitech reviewed top phishing protection tools—looking beyond just email filters. The comparison focused on detection accuracy, ease of integration, user training support, and pricing.

Key standouts include:

  • Cofense stood out for its real-time threat intel and phishing simulations.

  • Proofpoint earned marks for advanced link rewriting and threat response automation.

  • Microsoft Defender for Office 365 offered seamless integration for existing Microsoft environments but lagged in customization.

  • Barracuda delivered solid filtering but showed mixed results in spear-phishing detection.

🗣️ Community Signal

“Talk to your regulators. They’re not just there to police you or hand out fines; they’re there to help you be secure.” Jorge Fernandes, CISO & DPO for the Portuguese Securities & Exchange Commission (CMVM).

📚 Don’t Miss This

🗳️ Your Take - The Results

Poll Question: What’s your team prioritizing for the second half of 2025?

🔗 Stay Connected

Until next week!