Category: NCTC Speeches, Testimonies and Interviews

Source: US Department of Homeland Security

WASHINGTON – The Cybersecurity and Infrastructure Security Agency (CISA) published today the Joint Cyber Defense Collaborative (JCDC) Artificial Intelligence (AI) Cybersecurity Collaboration Playbook. Developed alongside federal, international, and private-sector partners through JCDC, this playbook provides the AI community—including AI providers, developers, and adopters—with essential guidance on how to voluntarily share actionable incident information and it describes how proactive information sharing can enhance operational collaboration and improve resilience of AI systems.  

As AI adoption accelerates, new vulnerabilities and risks will continue to emerge, reshaping the threat landscape for AI-enabled systems. The playbook will be a living document, fostering collaboration across government, industry, and international partners and adapting to meet the challenges of an evolving AI security environment. 

The AI Cybersecurity Collaboration Playbook will: 

• Guide JCDC Partners on how to voluntarily share information related to incidents and vulnerabilities associated with AI systems. 
• Clearly explain the actions CISA may take after receiving shared information. 
• Facilitate collaboration to raise awareness of AI cybersecurity risks across critical infrastructure, enhancing the security and resilience of AI technologies. 

“The development of this playbook is a major milestone in our efforts to secure AI systems through active collaboration,” said CISA Director Jen Easterly. “Led by JCDC.AI, this playbook was shaped by the insights and expertise of approximately 150 AI specialists from government, industry, and international partners who participated in two dynamic tabletop exercises. This playbook will be regularly updated to address the evolving challenges of an AI-driven future.” 

The two JCDC.AI tabletop exercises, hosted by Microsoft and Scale AI, provided real-world scenarios that helped refine the playbook and ensure it addresses the complex challenges unique to AI security. This playbook aligns with the CISA Roadmap for AI and the 2024 JCDC Priorities, which focus on building robust public-private collaboration to address emerging AI cybersecurity risks. 

“This collaboration between government and industry is essential for building a robust response to the complex and evolving landscape of AI security threats. The AI Security Incident Collaboration Playbook, combined with our continued joint efforts, will serve as a critical framework for developing agile and proactive defense strategies, ensuring the integrity and resilience of AI technologies.” – Omar Santos, Distinguished Engineer, Cisco

“Security for AI isn’t a solo mission; it’s a collective effort. Hidden Layer is proud to partner with JCDC in setting the standard for how AI developers, providers, and adopters can work together in real-time to combat an increasingly dynamic threat landscape. By bridging gaps and fostering direct collaboration across sectors, this playbook empowers each of us to contribute to a more secure AI ecosystem—one that’s built not just to respond to threats but to stay ahead of them.” – Malcolm Harkins, Chief Security & Trust Officer at Hidden Layer

“Fully harnessing the enormous potential of AI requires dedicated investment in the processes, collaboration, and tools to secure the AI infrastructure that will underpin our digital way of life. To that end, Palo Alto Networks appreciates the opportunity to contribute to the AI Cybersecurity Collaboration Playbook. Products like these underscore the critical role that forums like CISA’s JCDC can play in our collective defense.” – Daniel Kroese, VP Public Policy and Government Affairs, Palo Alto Networks

“At Protect AI, we are committed to building a safer AI-powered world and shaping the future of AI security across industries. This playbook is an essential tool for helping organizations navigate the complexities of deploying AI safely and understanding how to respond quickly to AI related incidents. We are honored to contribute to its development. We will continue supporting CISA’s efforts to ensure its evolution, empowering organizations to implement secure-by-design AI without stifling AI-driven innovation.” – Diana Kelley, CISO, Protect AI

“As AI technology evolves, so must our security practices. Stability AI’s partnership with JCDC represents our commitment to developing comprehensive safeguards that protect users while enabling technological progress.” – Ryan Holeman, CISO, Stability AI

For more information, visit CISA’s Artificial Intelligence and JCDC webpages.   

###

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram. 

Source: US Department of Homeland Security

WASHINGTON – Today, the Department of Homeland Security (DHS), on behalf of the Forced Labor Enforcement Task Force (FLETF), announced the addition of 37 entities to the Uyghur Forced Labor Prevention Act (UFLPA) Entity List, marking the largest single expansion of the list to date. Among entities added are a large supplier of critical minerals and one of the world’s largest textile manufacturers, both linked to forced labor practices in the People’s Republic of China (PRC). This addition brings the total number of entities on the UFLPA Entity List to 144, representing significant progress in three years since the law was passed. These significant efforts reflect the Biden-Harris Administration’s commitment to eliminating forced labor from our global supply chains and protecting U.S. consumers and businesses from tainted goods. 

“In adding 37 companies to the UFLPA Entities List and bringing the total to nearly 150, we again demonstrate our relentless fight against the cruelty of forced labor, our unwavering commitment to basic human rights, and our tireless defense of a free, fair, and competitive market,” said Secretary of Homeland Security Alejandro N. Mayorkas.

“With each addition to the UFLPA Entity List, we are building momentum and showing that our efforts are sustainable and enduring in eradicating forced labor in our nation’s supply chains,” said Acting Under Secretary for Policy, Robert Paschall. “This largest-ever batch of additions reinforces that we are implementing the full force of this law, making impactful updates to the UFLPA Entity List, and enhancing U.S. Customs and Border Protection’s enforcement capabilities.” 

The entities added today include globally recognized companies that mine and process Xinjiang’s critical minerals, that grow Xinjiang cotton and manufacture textiles for global export, and that manufacture inputs for solar modules with polysilicon made in Xinjiang.

The FLETF, chaired by DHS, has made significant strides in identifying and targeting nearly 150 companies benefiting from forced labor in just three years of enforcement of the UFLPA. This latest addition reflects the growing sophistication and maturity of the FLETF’s work and enhances CBP’s enforcement capabilities to protect U.S. markets. These actions are part of the FLETF’s commitment to eliminating forced labor in U.S. supply chains and holding accountable those responsible for human rights abuses against Uyghurs and other religious and ethnic minority groups in the Xinjiang Uyghur Autonomous Region (XUAR). The UFLPA has been a key instrument for the Biden-Harris administration in combating forced labor and safeguarding supply chains. Through these initiatives, the administration prioritizes ethical sourcing, reinforces workers’ rights around the globe, and empowers consumers to make informed, values-based choices, underscoring a commitment to a fairer global trade system. Taken together, the Department’s efforts are protecting American businesses from unfair competition and helping them source ethically, and ensuring that American consumers can better trust the integrity of the products they purchase.

Effective January 15, 2025, U.S. Customs and Border Protection (CBP) will apply a rebuttable presumption that goods produced by the named 37 entities will be prohibited from entering the United States as a result of the companies’ activities, either sourcing materials from the XUAR or working with the government of Xinjiang to recruit, transport, transfer, harbor, or receive Uyghurs, Kazakhs, Kyrgyz, or members of other persecuted groups out of the XUAR.

Donghai JA Solar Technology Co., Ltd.:
Donghai JA Solar Technology Co., Ltd. (“Donghai JA Solar”) is a solar energy technology company located in Jiangsu Province, China, that focuses on the research and development of solar energy products and the production of silicon rods, wafers, ingots, and solar cell modules. Donghai JA Solar also imports and exports various commodities and technologies. The United States Government has reasonable cause to believe, based on specific and articulable information, that Donghai JA Solar sources polysilicon from the XUAR. Information reviewed by the FLETF, including corporate reporting and other publicly available information, indicates that Donghai JA Solar sources polysilicon from a polysilicon producer located in the XUAR. The FLETF therefore determined that the activities of Donghai JA Solar satisfy the criteria for addition to the UFLPA Entity List described in Section 2(d)(2)(B)(v). 

Hongyuan Green Energy Co., Ltd. (also known as HY Solar; and Hoyuan Green Energy Co. Ltd., and formerly known as Wuxi Shangji CNC Co., Ltd.; Wuxi Shangji Automation Co., Ltd.; and Wuxi Shangji Grinding Machine Co., Ltd.) and Hongyuan New Materials (Baotou) Co., Ltd.: Hongyuan Green Energy Co., Ltd (“Hongyuan Green Energy”) is a vertically integrated green energy manufacturing company located in Jiangsu Province, China, with several major business segments that include high-end equipment manufacturing, new energy power stations, and the production of industrial and crystalline silicon, silicon wafers, batteries, and modules. Hongyuan New Materials (Baotou) Co., Ltd. (“Hongyuan New Materials”) is a subsidiary of Hongyuan Green Energy, located in Baotou City, in the Inner Mongolia Autonomous Region of China, which produces photovoltaic monocrystalline silicon. The United States Government has reasonable cause to believe, based on specific and articulable information, that Hongyuan Green Energy and its subsidiary, Hongyuan New Materials, source polysilicon from the XUAR. Information reviewed by the FLETF, including corporate procurement agreement announcements and other publicly available information, indicates that both Hongyuan Green Energy and Hongyuan New Materials source polysilicon from suppliers in the XUAR.  The FLETF therefore determined that the activities of Hongyuan Green Energy and Hongyuan New Materials satisfy the criteria for addition to the UFLPA Entity List described in Section 2(d)(2)(B)(v). 

26 Entities in the Cotton Sector: The FLETF has identified Huafu Fashion Co., Ltd. (“Huafu”) and 25 of its subsidiaries as entities engaged in the production and sale of cotton and cotton products. Huafu maintains a vertically integrated supply chain from cotton planting in the XUAR, processing, and yarn spinning through textiles manufacturing. Twenty-two of these subsidiaries are located in the XUAR, and three are located in Ningbo City, Zhejiang Province. The FLETF has reasonable cause to believe, based on specific and articulable information, that the entities source cotton or cotton-based products from the XUAR. This information has been corroborated by publicly available sources. Given this evidence, the FLETF determined that activities of these entities satisfy the criteria for addition to the UFLPA Entity List under Section 2(d)(2)(B)(v). The 26 entities are:   

• Huafu Fashion Co., Ltd. 
• Ningbo Huafu Donghao Industrial Co., Ltd. 
• Ninghai Huafu Textile Co., Ltd. 
• Zhejiang Weixin Trading Co., Ltd. 
• Aksu Huafu Color Spinning Co., Ltd. (also known as: Aksu Huafu Textiles Co., Ltd. Akesu Huafu, Aksu Huafu Dyed Melange Yarn, and Akesu Huafu Melange Yarn Co., Ltd.) 
• Aksu Biaoxin Fiber Co., Ltd. (formerly known as Aksu Shangheng Fiber Co., Ltd.) 
• Xinjiang Huafu Textile Co., Ltd. 
• Xinjiang Huafu Hengfeng Cotton Industry Co., Ltd. 
• Kuche Zongheng Cotton Industry Co., Ltd. 
• Xinjiang Huafu Hongfeng Agricultural Development Co., Ltd. 
• Shaya Yinhua Cotton Industry Co., Ltd. 
• Awati Huafu Textile Co., Ltd. 
• Xinjiang Huafu Color Spinning Group Co., Ltd.
• Xinjiang Huafu Cotton Industry Group Co., Ltd. 
• Shihezi Standard Fiber Co., Ltd. 
• Shihezi Huafu Hongfeng Cotton Industry Co., Ltd. 
• Shihezi Huafu Hongsheng Cotton Industry Co., Ltd. 
• Xinjiang Tianhong Xinba Cotton Industry Co., Ltd. (also known as Xinjiang Tianhong New Eight Cotton Industry Co., Ltd.)
• Huyanghe Huafu Hongsheng Cotton Industry Co., Ltd. 
• Xinjiang Liufu Textile Industrial Park Co., Ltd. 
• Kuitun Jinfu Textile Co., Ltd. 
• Xinjiang Tianfu Cotton Supply Chain Co., Ltd.
• Xinjiang Cotton Industry Group Yuepu Lake Cotton Industry Co., Ltd. 
• Xinjiang Cotton Industry Group Jiashi Cotton Industry Co., Ltd. 
• Xinjiang Zefu Cotton Co., Ltd. 
• Xinjiang Shengfu Cotton Industry Co., Ltd. 

Jiangsu Meike Solar Technology Co., Ltd. and Baotou Meike Silicon Energy Co., Ltd.: Jiangsu Meike Solar Technology Co., Ltd. (“Jiangsu Meike”), located in Jiangsu Province, China, manufactures silicon rods and wafers. Baotou Meike Silicon Energy Co., Ltd. (“Baotou Meike”) is a subsidiary of Jiangsu Meike located in Baotou City in the Inner Mongolia Autonomous Region of China, that manufactures silicon rods and wafers. The United States Government has reasonable cause to believe, based on specific and articulable information, that Jiangsu Meike and Baotou Meike source polysilicon from the Xinjiang Uyghur Autonomous Region. Information reviewed by the FLETF, including corporate procurement agreement disclosures and other publicly available information, indicates that Jiangsu Meike and Baotou Meike source polysilicon from polysilicon producers located in the XUAR. The FLETF therefore determined that the activities of Jiangsu Meike and Baotou Meike satisfy the criteria for addition to the UFLPA Entity List described in section 2(d)(2)(B)(v). 

Shuangliang Silicon Materials (Batou) Co., Ltd.: Shuangliang Silicon Materials (Batou) Co., Ltd. (“Shuangliang Silicon”) is a company located in Batou City, in the Inner Mongolia Autonomous Region of China, that researches, develops, processes, manufactures and sells single crystal silicon rods and wafers. The United States Government has reasonable cause to believe, based on specific and articulable information, that Shuangliang Silicon sources polysilicon from the Xinjiang Uyghur Autonomous Region. Information reviewed by the FLETF, including corporate procurement agreement announcements and other publicly available information, indicates that Shuangliang Silicon sources polysilicon from polysilicon producers located in the XUAR.  The FLETF therefore determined that the activities of Shuangliang Silicon satisfy the criteria for addition to the UFLPA Entity List described in section 2(d)(2)(B)(v). 

Xinjiang Energy (Group) Co., Ltd. and Xinjiang Energy (Group) Real Estate Co., Ltd.:
Xinjiang Energy (Group) Co., Ltd. and its subsidiary Xinjiang Energy (Group) Real Estate Co., Ltd. are located in Urumqi, XUAR. Xinjiang Energy (Group) Co., Ltd. (“Xinjiang Energy”) is principally engaged in the development and utilization of coal, wind, photovoltaic, oil and gas, and other resources. Xinjiang Energy (Group) Real Estate Co., Ltd. (“Xinjiang Energy Real Estate”) is principally engaged in real estate development and property management.  Xinjiang Energy is a wholly state-owned enterprise, funded by the People’s Government of the Xinjiang Uygur Autonomous Region (XUAR) and directly supervised by the State-owned Assets Supervision and Administration Commission (SASAC) of the XUAR. The United States Government has reasonable cause to believe, based on specific and articulable information, that Xinjiang Energy and Xinjiang Energy Real Estate work with the government of the XUAR to recruit, transport, transfer, harbor, or receive Uyghurs, Kazakhs, Kyrgyz, or members of other persecuted groups out of the Xinjiang Uyghur Autonomous Region.  Information reviewed by the FLETF, including publicly available information, indicates Xinjiang Energy and Xinjiang Energy Real Estate, as a wholly state-owned entity, and subsidiary of a state-owned entity, repeatedly participated in the transfer and receipt of ethnic minorities from the XUAR, likely Uyghurs and Kazakhs, through state-sponsored labor transfer programs in Hotan Prefecture and Barkol County. The FLETF therefore determined that the activities of Xinjiang Energy (Group) Co., Ltd. and its subsidiary Xinjiang Energy (Group) Real Estate Co., Ltd. satisfy the criteria for addition to the UFLPA Entity List described in Section 2(d)(2)(B)(ii).   

Xinjiang Zijin Zinc Industry Co., Ltd. and Xinjiang Jinbao Mining Co., Ltd.:
Xinjiang Zijin Zinc Industry Co., Ltd. and Xinjiang Jinbao Mining Co., Ltd. are Zijin Mining Group Co., Ltd. subsidiaries, located in the XUAR that primarily focus on smelting and producing refined zinc and sulfuric acid and iron mining, respectively. The United States Government has reasonable cause to believe, based on specific and articulable information, that Xinjiang Zijin Zinc Industry Co., Ltd. and Xinjiang Jinbao Mining Co., Ltd. work with the government of the XUAR to recruit, transport, transfer, harbor, or receive ethnic minorities, likely Uyghurs, Kazakhs, and Kyrgyz, and/or members of other persecuted groups out of XUAR. Information reviewed by the FLETF, including publicly available information, indicates that Xinjiang Zijin Zinc Industry Co., Ltd. and Xinjiang Jinbao Mining Co., Ltd. have participated in the transfer and recruitment of ethnic minorities from the XUAR, likely including Kazakhs and Kyrgyz through poverty alleviation and recruitment programs. The FLETF therefore determined that the activities of Xinjiang Zijin Zinc Industry Co., Ltd. and Xinjiang Jinbao Mining Co., Ltd. satisfy the criteria for addition to the UFLPA Entity List described in Section 2(d)(2)(B)(ii). 

Zijin Mining Group Co., Ltd., Xinjiang Zijin Zinc Industry Co., Ltd., Xinjiang Zijin Nonferrous Metals Co., Ltd.  and Xinjiang Habahe Ashele Copper Co., Ltd.:
Zijin Mining Group Co., Ltd. is a global mining company located in Fujian Province, and three of its subsidiaries Xinjiang Zijin Zinc Industry Co., Ltd., Xinjiang Zijin Nonferrous Metals Co., Ltd., and Xinjiang Habahe Ashele Copper Co., Ltd., are located in the XUAR. Zijin Mining Group Co., Ltd. (“Zijin Mining”), is principally engaged in the exploration and extraction of metals, including zinc, copper, lead, silver, gold, iron ore, and sulfuric acid.  Zijin Mining owns and sources material from at least three mines and smelters in Xinjiang, which are operated by the company’s various subsidiaries. These include the Ashele Copper Mine operated by Xinjiang Habahe Ashele Copper Co., Ltd. (Ashele Copper), the Wulagen Lead and Zinc Mine operated by Xinjiang Zijin Zinc Co., Ltd. (Zijin Zinc), and the Xinjiang Zijin Nonferrous Zinc Smelter operated by Xinjiang Zijin Nonferrous Metals Co., Ltd. (Zijin Nonferrous). The United States Government has reasonable cause to believe, based on specific and articulable information, that Zijin Mining, Ashele Copper, Zijin Zinc, and Zijin Nonferrous source material, specifically zinc, copper, lead, silver, and sulfuric acid, from the XUAR. Information reviewed by the FLETF, including publicly available information, indicates that Zijin Mining, Ashele Copper, Zijin Zinc, and Zijin Nonferrous have established mines and production sites in the XUAR, and source zinc, copper, lead, silver, and sulfuric acid from the XUAR. The FLETF therefore determined that the activities of Zijin Mining Group Co., Ltd., Xinjiang Zijin Zinc Industry Co., Ltd., Xinjiang Zijin Nonferrous Metals Co., Ltd., and Xinjiang Habahe Ashele Copper Co., Ltd. satisfy the criteria for addition to the UFLPA Entity List described in Section 2(d)(2)(B)(v).   Xinjiang Habahe Ashele Copper Co., Ltd. (also known as Ashele Copper) is currently on the UFLPA Entity List under Section 2(d)(2)(B)(ii) and will appear on both sub-lists.

In addition to the 37 new entities, the FLETF made a technical correction to the name of an entity included in the list under Section 2(d)(2)(B)(ii), changing the listing from “Aksu Huafu Textiles Co. (including two aliases: Akesu Huafu and Aksu Huafu Dyed Melange Yarn)” to “Aksu Huafu Color Spinning Co., Ltd. (also known as Aksu Huafu Textiles Co., Ltd.; Akesu Huafu; Aksu Huafu Dyed Melange Yarn; and Akesu Huafu Melange Yarn Co., Ltd.).”

DHS will publish the revised UFLPA Entity List as an appendix to a Federal Register notice. 

The UFLPA, signed into law by President Joseph R. Biden, Jr. in December 2021, mandates that CBP apply a rebuttable presumption that goods that are either mined, produced or manufactured wholly or in part in the XUAR or produced by entities identified on the UFLPA Entity List are prohibited from importation into the United States, unless the Commissioner of CBP determines, by clear and convincing evidence, that the goods were not produced with forced labor.  CBP began enforcing the UFLPA in June 2022.  Since then, CBP has reviewed more than 11,300 shipments valued at more than $3.67 billion under the UFLPA.   

This expansion of the UFLPA Entity List reflects DHS’ and the FLETF’s prioritization of combatting the introduction of forced labor into U.S. supply chains.     

You can read more about the FLETF by visiting: www.dhs.gov/uflpa.   

Source: US Department of Homeland Security

WASHINGTON – Today the Cybersecurity and Infrastructure Security Agency (CISA) released a new Venue Guide for Security Enhancements to help venue operators enhance safety, protect assets, and create secure environments through effective security measures and best practices.

“Venues have increasingly become targets, yet many lack the resources to secure their day-to-day operations and special events effectively,” said Dr. David Mussington, CISA’s Executive Assistant Director for Infrastructure Security. “In response, and in collaboration with industry experts and security professionals, our agency has developed this guide to empower venue operators with the tools needed to identify and manage risk effectively.”

This guide aims to help venue operators enhance safety, protect assets, and create secure environments through effective security measures and best practices by:

1. Providing guidance for venues, such as evaluating security measures, complexity levels, costs, options, and threats mitigated by these measures. By balancing these factors, venues can create a secure environment for operators and guests.
2. Recommending broadly applicable considerations for evaluating security practices, such as assessing measures and improving physical security compliance to ensure staff and visitor safety.
3. Offering actionable guidance for prioritizing the most effective security practices and proactively reducing the risk of major threats.
4. Providing venue operators with a tailored menu of security options, allowing them to select the most suitable and effective measures for their venue’s budget, size, location, and risk factors.

###

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram. 

Source: US Department of Homeland Security

Extension Allows Eligible Sudanese Nationals Who Arrived on or before August 16, 2023, to Maintain TPS and Employment Authorization Following Vetting

WASHINGTON – The Department of Homeland Security announced today the extension of Temporary Protected Status- (TPS) for Sudan for 18 months. This extension is due to ongoing armed conflict and extraordinary and temporary conditions that continue to prevent individuals from safely returning. 

After reviewing the country conditions in Sudan and consulting with interagency partners, it was determined that an 18-month TPS extension is warranted because of continued political instability that has triggered human rights abuses, including direct attacks on civilians. Militias have targeted fleeing civilians, murdering innocent people escaping conflict, and prevented remaining civilians from accessing lifesaving supplies. These conditions currently prevent Sudanese nationals and habitual residents from safely returning. Such a determination meets the statutory obligation to decide, at least 60 days before the expiration of a TPS designation, whether the conditions for designation continue to be met and merit an extension.

The extension of TPS for Sudan allows approximately 1,900 current eligible beneficiaries to re-register for TPS, if they continue to meet eligibility requirements. Re-registration is limited to individuals who previously registered for TPS under Sudan’s designation. This population includes nationals of Sudan (and individuals without nationality who last resided in Sudan) who have been continuously residing in the United States since at least August 16, 2023, with or without lawful immigration status.

Every individual processed by the Department of Homeland Security goes through rigorous national security and public safety vetting during the original application process and again during re-registration. If any individual is identified as posing a threat, they may be detained, removed, or referred to other federal agencies for further investigation or prosecution as appropriate. Individuals are barred from TPS if they have been convicted of any felony or two misdemeanors.

DHS recognizes that not all re-registrants may receive a new Employment Authorization Document (EAD) before their current EAD expires and is automatically extending for 12 months the validity of EADs previously issued under Sudan’s TPS designation.

U.S. Citizenship and Immigration Services (USCIS) will continue to process pending applications filed under the Sudan designation.  Both initial applicants and re-registering current beneficiaries who have a pending Form I-821 or Form I-765 do not need to file either application again. If USCIS approves an individual’s pending Form I-821, USCIS will grant them TPS through October 19, 2026.  Similarly, if USCIS approves a pending TPS-related Form I-765, USCIS will issue the individual a new EAD that will be valid through the same date.   

A soon-to-be-published Federal Register notice will explain the eligibility criteria, timelines, and procedures necessary for current beneficiaries to re-register and renew their EADs.

Source: US Department of Homeland Security

Extension Allows Eligible Ukrainian Nationals Who Arrived on or Before August 16, 2023, to Maintain TPS and Employment Authorization Following Vetting 

WASHINGTON – The Department of Homeland Security announced today the extension of Temporary Protected Status (TPS) for Ukraine for 18 months. The extension of TPS is due to ongoing armed conflict and extraordinary and temporary conditions in Ukraine that prevent eligible Ukrainian nationals from safely returning. 

After reviewing the country conditions in Ukraine and consulting with interagency partners, it was determined that an 18-month TPS extension is warranted because of conditions resulting from the expansion of the Russian military invasion into Ukraine, the largest conventional military action in Europe since World War II. Russia’s expanded military invasion has led to high numbers of civilian casualties and reports of war crimes and crimes against humanity committed by Russian military forces and officials. This invasion has caused a humanitarian crisis, with significant numbers of individuals fleeing and damage to civilian infrastructure that has left many without electricity or access to medical services. These conditions prevent Ukrainian nationals and habitual residents from safely returning. Such a determination meets the statutory obligation to decide, at least 60 days before the expiration of a TPS designation, whether the conditions for designation continue to be met and merit an extension.

The extension of TPS for Ukraine allows approximately 103,700 current eligible beneficiaries to re-register for TPS, if they continue to meet eligibility requirements. Re-registration is limited to individuals who previously registered for TPS under Ukraine’s designation. This population includes nationals of Ukraine (and individuals without nationality who last resided in Ukraine) who have been continuously residing in the United States since at least August 16, 2023, with or without lawful immigration status. 

Every individual processed by the Department of Homeland Security goes through rigorous national security and public safety vetting during the original application process and again during re-registration. If any individual is identified as posing a threat, they may be detained, removed, or referred to other federal agencies for further investigation or prosecution as appropriate. Individuals are barred from TPS if they have been convicted of any felony or two misdemeanors. 

DHS recognizes that not all re-registrants may receive a new Employment Authorization Document before their current EAD expires and is automatically extending for 12 months the validity of EADs previously issued under Ukraine’s TPS designation. 

U.S. Citizenship and Immigration Services (USCIS) will continue to process pending applications filed under the Ukraine designation. Both initial applicants and re-registering current beneficiaries who have a pending Form I-821 or Form I-765 do not need to file either application again. If USCIS approves an individual’s pending Form I-821, USCIS will grant them TPS through October 19, 2026. Similarly, if USCIS approves a pending TPS-related Form I-765, USCIS will issue the individual a new EAD that will be valid through the same date.    

A soon-to-be-published Federal Register notice will explain the eligibility criteria, timelines, and procedures necessary for current beneficiaries to re-register and renew EADs. 

Source: US Department of Homeland Security

Extension Allows Eligible Venezuelan Nationals Who Arrived on or Before July 31, 2023, to Maintain TPS and Employment Authorization Following Vetting

WASHINGTON –The Department of Homeland Security announced today the extension of Temporary Protected Status (TPS) for Venezuela for 18 months. The extension of TPS is due to extraordinary and temporary conditions that prevent eligible Venezuelan nationals from safely returning. After reviewing the country conditions in Venezuela and consulting with interagency partners, it was determined that an 18-month TPS extension is warranted based on the severe humanitarian emergency the country continues to face due to political and economic crises under the inhumane Maduro regime. These conditions have contributed to high levels of crime and violence, impacting access to food, medicine, healthcare, water, electricity, and fuel. Such a determination meets the statutory obligation to decide, at least 60 days before the expiration of a TPS designation, whether the conditions for designation continue to be met and merit an extension.

Individuals may be eligible if they have continuously resided in the United States on or before July 31, 2023. Venezuelan nationals who arrived in the United States after July 31, 2023, are not eligible for TPS. Those who do not enter through a lawful process or pathway will be subject to enforcement consequences. 

Every individual processed by the Department of Homeland Security goes through rigorous national security and public safety vetting during the original application process and again during re-registration. If any individual is identified as posing a threat, they may be detained, removed, or referred to other federal agencies for further investigation or prosecution as appropriate. Individuals are barred from TPS if they have been convicted of any felony or two misdemeanors.   The extension of TPS for Venezuelans runs from April 3, 2025, to October 2, 2026, and allows approximately 600,000 eligible current beneficiaries to retain TPS through October 2, 2026, if they re-register and continue to meet TPS eligibility requirements. Venezuelan nationals who registered for TPS under the 2021 Venezuela TPS designation are also eligible to re-register for TPS under this extension, as they meet the same eligibility requirements. Venezuelan TPS beneficiaries must timely re-register during the re-registration period that runs from the publication of Federal Register notice to September 10, 2025, to ensure they keep their TPS and work authorization. DHS recognizes that not all re-registrants may receive a new Employment Authorization Document (EAD) before their current EAD expires and is automatically extending through April 2, 2026, the validity of certain EADs previously issued.

U.S. Citizenship and Immigration Services (USCIS) will continue to process pending applications filed under previous Venezuela designations. Both initial applicants and re-registering current beneficiaries who have a pending Form I-821 or Form I-765 under Venezuela 2023 do not need to file either application again. If USCIS approves an individual’s pending Form I-821, USCIS will grant them TPS through October 2, 2026. Similarly, if USCIS approves a pending TPS-related Form I-765, USCIS will issue the individual a new EAD that will be valid through the same date. 

A soon-to-be-published Federal Register notice will explain the eligibility criteria, timelines, and procedures necessary for current beneficiaries to re-register and renew EADs. Re-registration is limited to individuals who previously registered for and were granted TPS under either the 2021 or 2023 designations for Venezuela.

Source: US Department of Homeland Security

Source: US Department of Homeland Security

During emergency events, the Department of Homeland Security (DHS) works with its federal, state, local, and non-governmental partners to support the needs of the people in the areas that may be impacted.

In such circumstances, U.S. Immigration and Customs Enforcement (ICE) and U.S. Customs and Border Protection (CBP) remind the public that sites that provide emergency response and relief are considered protected areas. To the fullest extent possible, ICE and CBP do not conduct immigration enforcement activities at protected areas such as along evacuation routes, sites used for sheltering or the distribution of emergency supplies, food or water, or registration sites for disaster-related assistance or the reunification of families and loved ones.

At the request of FEMA or local and state authorities, ICE and CBP may help conduct search and rescue, air traffic de-confliction and public safety missions. ICE and CBP provide emergency assistance to individuals regardless of their immigration status. DHS officials do not and will not pose as individuals providing emergency-related information as part of any enforcement activities.

DHS is committed to ensuring that every individual who seeks shelter, aid, or other assistance as a result of a natural disaster or emergency event is able to do so regardless of their immigration status.

DHS carries out its mission without discrimination on the basis of race, religion, gender, sexual orientation or gender identity, ethnicity, disability or political associations, and in compliance with law and policy.

For information about filing a complaint with the DHS Office for Civil Rights and Civil Liberties about these matters, please visit our Make a Civil Rights Complaint page.

Source: US Department of Homeland Security

New Resource for Federal, State, and Local Officials Provides Best Practices for Responsible AI Development in the Public Sector

WASHINGTON – Today, the Department of Homeland Security (DHS) released the “Playbook for Public Sector Artificial Intelligence Deployment,” an innovative guide designed to help government officials improve the delivery of services through the responsible and effective deployment of generative artificial intelligence (GenAI) technologies. The playbook offers actionable steps state, local and federal officials can take and examples of how DHS applied and learned these principles in its own GenAI journey. By implementing the recommended actions and best practices, organizations can build a robust foundation for AI deployment, enhance internal capabilities, and ensure responsible and effective use of AI technologies.

“The rapid evolution of GenAI presents tremendous opportunities for public sector organizations. DHS is at the forefront of federal efforts to responsibly harness the potential of AI technology,” said Secretary of Homeland Security Alejandro N. Mayorkas. “This new resource draws from our own experiences to help state and local leaders adopt AI technologies in their own work. Safely harnessing the potential of GenAI requires collaboration across government, industry, academia, and civil society, and we hope state and local leaders join our effort to foster a responsible, mission-focused culture of innovation.”

“The release of this playbook marks a significant step forward in our efforts to integrate safe and secure AI use responsibly and effectively within the public sector,” said DHS Chief Information Officer Eric Hysen. “By sharing our experiences and best practices, we aim to empower other government agencies to leverage AI in a way that enhances their missions while safeguarding the rights and privacy of the individuals they serve.”

Over the past several years, DHS has been at the forefront of integrating AI into its operations. The Department has developed and implemented numerous AI and machine learning (ML) initiatives to enhance its capabilities in areas such as cybersecurity, border security, disaster response, and immigration services. These efforts include the creation of the DHS Artificial Intelligence Task Force, the publication of the DHS Artificial Intelligence Roadmap, and the establishment of the AI Corps to attract top AI talent. DHS remains committed to advancing AI technologies in a manner that upholds the highest standards of privacy, civil rights, and civil liberties.

The playbook features detailed case studies from DHS’s own pilots, which tested GenAI applications that enhanced investigative leads, assisted local governments with hazard mitigation planning, and created innovative training opportunities for immigration officers. The cutting-edge guide makes recommendations to state and local leaders based on lessons learned from these pilots and is designed to be an accessible resource for public sector organizations at any stage of their AI journey.

The Playbook traces the steps that DHS took in our own development of GenAI applications:

• Develop Mission-Enhancing GenAI Use Cases: Approaches for aligning AI projects with organizational priorities and mission needs.
• Build Coalitions and Foster Effective Governance: Strategies for gaining buy-in within your organization from senior leadership and building cross-organizational coalitions.
• Leverage Tools and Infrastructure: Recommendations for taking advantage of existing technical tools and infrastructure to support AI development.
• Use AI Responsibly and Safely: Principles for minimizing potential harm and ensuring ethical AI use.
• Measure Progress and Defining Success: Methods for tracking the effectiveness of AI deployments through key performance indicators.
• Train Employees and Hiring Technical Talent: Approaches for upskilling current employees and attracting technical talent.
• Seek User Feedback: Best practices for engaging users and stakeholders throughout the AI development lifecycle.

This playbook is a product of the Department’s ongoing commitment to transparency and harnessing the transformative potential of AI while ensuring the safety, security, and privacy of the American people. Most recently, DHS published its updated AI Use Case Inventory, providing public visibility into non-classified and non-sensitive uses of AI across the Department. Additionally, the Department has implemented robust training programs to educate employees on responsible AI use and has engaged with external stakeholders, including Congress and the public, to build trust and demonstrate accountability. In November 2024, DHS launched the Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure, a set of actionable recommendations to help promote safe and secure development and deployment of artificial intelligence across all U.S. critical infrastructure, which was written in consultation with DHS’s AI Safety and Security Board, a public-private advisory committee composed of AI leaders representing industry, academia, civil society, and the public sector. 

DHS will continue to share further lessons learned and updates as it advances its AI initiatives. To read the playbook, visit DHS Generative AI Public Sector Playbook | Homeland Security.

To learn more about the ways DHS is safely and responsibly leveraging AI to protect the homeland, visit the Artificial Intelligence at DHS webpage.

Source: US Department of Homeland Security

Guidance helps all organizations strengthen security in software development life cycle

WASHINGTON – Today, the Cybersecurity and Infrastructure Security Agency (CISA) released new voluntary cybersecurity performance goals for the information technology (IT) and product design sector. The IT Sector Specific Goals (SSGs) are aligned to Secure by Design principles and will help to protect the sector from cyber incidents, identify and address vulnerabilities prior to product release, improve incident response, and significantly improve software security. CISA worked extensively with the IT Sector Coordinating Council (IT SCC) to develop these goals. Through the IT SCC, subject matter experts, associations, and other key partners provided critical, beneficial input and supported the development process.

While specific to the IT sector, the goals provide software and product developers in all critical infrastructure sectors with minimum foundational practices upon which they should focus their efforts. Recommended actions include:

• Logically separate all software development environments from each other using controls such as network segmentation and access controls.
• Regularly log, monitor, and review trust relationships used for authorization and access across software development environments.
• Require multi-factor authentication (MFA)—ideally phishing resistant MFA—to access all software development environments.
• Establish and enforce security requirements for software products used across software development environments.
• Do not store sensitive data or credentials in source code. Instead, store sensitive data and credentials in an encrypted manner, such as using a secret manager.
• Establish a software supply chain risk management program

“The IT SSGs help critical infrastructure sectors significantly strengthen cybersecurity in the design and development of software and hardware. We encourage organizations to review and implement the goals which will benefit and protect the supply chain including consumers,” said CISA Director Jen Easterly, “The industry collaboration was critical to shaping goals with highest-impact and guiding organizations to prioritize their efforts. We applaud organizations that are choosing to take ownership of the security outcomes of their customers.”

CISA encourages product developers to adopt these SSGs to significantly improve the cybersecurity posture of software products, to include those designed for critical infrastructure services, relied upon by our nation. For more information, visit Cybersecurity Performance Goals on CISA.gov. 

###

About CISA 

As the nation’s cyber defense agency and national coordinator for critical infrastructure security, the Cybersecurity and Infrastructure Security Agency leads the national effort to understand, manage, and reduce risk to the digital and physical infrastructure Americans rely on every hour of every day.

Visit CISA.gov for more information and follow us on X, Facebook, LinkedIn, Instagram.