Earlier this month, U.S. Cyber Command (CYBERCOM) conducted a wide-ranging defensive cyberspace operation focused on sweeping for known malware, and intended to “highlight and enhance CYBERCOM’s interoperability with partners.” […]
New research from (ISC)² sheds light on what it would take to close the longstanding cyber workforce shortage, and the answer is a big number. According to new research from the nonprofit, the cybersecurity profession needs to grow by 3.4 million people to close the global workforce gap. […]
A new report from the Government Accountability Office (GAO) found that Federal agencies are successfully helping state, local, tribal, and territorial (SLTT) governments prevent and respond to ransomware attacks; however, there is still room to improve collaboration. The GAO offered three recommendations for Federal agencies to improve collaboration. […]
The Office of Personnel Management (OPM), during a government operations subcommittee of the House Oversight and Reform Committee hearing, said that it wants to work with Congress on developing a cyber workforce plan to compete for cyber talent. […]
The White House, along with the Departments of Labor and Commerce, are kicking off a 120-day “sprint” aimed at promoting registered apprenticeships in cybersecurity as a way to begin tackling the persistent cyber workforce shortage in the U.S. […]
The Cyber Safety Review Board (CSRB) – in its inaugural report released today – praised the Cybersecurity and Infrastructure Security Agency (CISA) for its response to the ongoing Log4j software vulnerability, and found that to date there have not been any significant Log4J-based attacks on U.S. critical infrastructure. […]
Rep. Jim Langevin, D-R.I., one of the leading voices on cybersecurity in Congress, is pushing for an amendment to the FY2023 National Defense Authorization Act (NDAA) to include two items he has long advocated – the creation of a class of a “systemically important” critical infrastructure providers, and the formation of a government Bureau of Cyber Statistics. […]
The National Institute of Standards and Technology (NIST) has announced the first group of winners from its six-year quantum-resistant cryptographic algorithm competition.
The first group of four winners designed encryption tools to withstand assaults from future quantum computers. They will become part of NIST’s post-quantum cryptographic standard, which is expected to be finalized in two years. […]
A cyberattack on IT services provider Geographic Solutions, Inc. (GSI) has disrupted the provision of unemployment and workforce benefits for thousands of people in several states and Washington, D.C. […]
The Cybersecurity and Infrastructure Security Agency (CISA) today issued an updated version of its Cloud Security Technical Reference Architecture (TRA) that serves as guidance for Federal civilian agencies for secure migration to cloud services. […]
The White House’s Office of the National Cyber Director (NCD) has made a few new recent hires to staff up the office and support the office’s mission. […]
By Scott Ormiston, Federal Solutions Architect, Synack Within a single week in late March, the Biden administration both reissued the call for American companies to shore up their cybersecurity efforts in the wake of the Russia-Ukraine war, and requested nearly $11 billion in cybersecurity funding from Congress for the Federal government and its agencies for […]
The Department of Health and Human Services (HHS) still needs to address a pair of open cybersecurity priority recommendations related to cybersecurity coordination and implementation of a cybersecurity framework, according to a new report by the Government Accountability Organization (GAO). […]
While concern in some quarters of the tech world continues to grow about how to keep pace with growing data storage demand, the Government Accountability Office (GAO) concluded in a new report that exotic alternatives – think options like synthetic DNA – to fill the gap are probably still years away. […]
As President Biden’s landmark cybersecurity executive order (EO) approaches its first anniversary on May 12, new research shows that most Federal cybersecurity decision-makers solidly back the aims of the EO, but also think that its initial timelines to implement zero trust security are unrealistic. […]
The Navy Postgraduate School (NPS) has entered into a Cooperative Research and Development Agreement (CRADA) with Microsoft to look to integrate and utilize emerging technologies in service of the warfighter and national security, the Navy announced May 2. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is seeking industry feedback on two reference documents, one for Secure Cloud Business Applications (SCuBA) and a framework for organization visibility data, according to an April 19 CISA blog post. […]
The Cybersecurity and Infrastructure Security Agency (CISA) said today it adding to its Joint Cyber Defense Collaborative (JCDC) group several private sector firms with expertise in protecting industrial control systems (ICS) and operational technology (OT). […]
The National Institute of Standards and Technology (NIST) is working to apply its Cybersecurity Framework to the ground-based segments of space operations, an April 18 NIST report says. […]
As the Russian invasion of Ukraine continues through its second month with no let-up in sight, Federal cybersecurity and law enforcement officials are warning that they still see indications of potential Russian cyberattacks on United States critical infrastructure, and are reiterating their “Shields Up” warning to meet those potential threats. […]
The Cybersecurity and Infrastructure Security Agency (CISA), along with the FBI, Department of Energy (DoE), and National Security Agency (NSA), is warning that advanced persistent threat (APT) actors are seeking to gain full access to industrial control systems (ICS) and Supervisory Control and Data Acquisition (SCADA) systems, CISA warned in a cybersecurity advisory April 13. […]
The long road to implementing zero trust security architectures may be driven by top-down policy directives and prioritizing technology pillars, but the art and science of communication and collaboration are showing up as vital inputs into organizing Federal agency technologists and network users to move toward the government’s zero trust goals. […]
With the 60-day deadlines for some of the objectives from the Office of Management and Budget’s Zero Trust memo now in the rearview, Federal agencies should have a zero trust implementation plan in place, with a focus on initial data categorization and laying the groundwork for a zero trust architecture. […]
Code for America received two separate investments, totaling $100 million over seven years, to set up its Safety Net Innovation Lab and work with state and local government agencies to modernize their social safety net administration services to make access to government services more equitable, the nonprofit announced April 12. […]
The United States Special Operations Command (SOCOM) is hosting a Security at the Edge Cyber Challenge, with the multiple-phase challenge seeking to identify technologies that are capable of providing security-at-the-edge capabilities, according to a special notice posted on SAM.gov. […]
Microsoft Corp. said it has disrupted cyberattacks from a group linked to the GRU – Russia’s foreign military unit – that were targeting Ukrainian entities and media organizations, as well as government institutions and foreign policy think tanks in the United States, according to an April 7 company blog. […]
Senior Federal and industry cybersecurity leaders agreed that the Office of Management and Budget’s (OMB) August 2021 memorandum M-21-31 to implement new event logging and share threat information has proven to be a significant step in bolstering cybersecurity across Federal civilian agencies. […]
In an effort to better protect critical infrastructure, House representatives and Federal cybersecurity officials spoke today about how to most effectively identify the nation’s most systemically important critical infrastructure. […]
The Department of Treasury announced that, in collaboration with domestic Federal law enforcement partners, its Office of Foreign Assets Control (OFAC) levied sanctions against Hydra, the world’s largest darknet market, and Garantex, a virtual currency exchange. […]
The sometimes-arcane wheels of the congressional process are turning the House and Senate toward finishing up their work on major innovation legislation that includes a $52 billion investment in revitalizing the U.S. semiconductor industry, along with a raft of new cybersecurity programs. […]