A new report from the Government Accountability Office (GAO) found that Federal agencies are successfully helping state, local, tribal, and territorial (SLTT) governments prevent and respond to ransomware attacks; however, there is still room to improve collaboration. The GAO offered three recommendations for Federal agencies to improve collaboration. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD) that sets baseline requirements for Federal civilian agencies to identify assets and vulnerabilities on their networks, and to provide data to CISA on those assets and on vulnerability detection. […]
President Biden has declared October 2022 as Cybersecurity Awareness Month – making it the 19th consecutive year of that designation. […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced this week that its Protective Domain Name System (DNS) – the agency’s latest shared service offering – is available to all Federal civilian agencies to enhance their cyber defenses. […]
The Senate Homeland Security and Governmental Affairs Committee on September 28 approved by voice vote the Securing Open Source Software Act, which aims to put more Federal government muscle behind protecting open source software following the emergence of the Log4J vulnerability late last year. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) released a new cybersecurity advisory on September 22 to help owners and operators of critical infrastructure better protect operational technology (OT) and industrial control systems (ICS) assets from the increasing probability of cyberattacks. […]
Sen. Gary Peters, D-Mich., chairman of the Homeland Security and Governmental Affairs Committee, and Ranking Member Rob Portman, R-Ohio, introduced bipartisan legislation on Sept. 22 that aims to protect open-source software in response to issues raised by the Log4j vulnerability that emerged in December 2021. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory on Sept. 21 that revealed Iranian hackers had access to the Albanian government’s network about 14 months before launching the destructive July cyberattack. […]
The Office of the National Cyber Director (ONCD) is developing Federal interagency processes to create transparent and coherent cyber action plans that align with the current activity underway in the cyber landscape, an agency official said. […]
Members of Congress voiced their concerns on the need for more cybersecurity to protect the water infrastructure of the United States at a Homeland Security Committee hearing on Sept. 21. […]
The Federal Communications Commission’s (FCC) Public Safety and Homeland Security Bureau has banned two China-associated telecommunication organizations from providing their services in the United States. […]
The National Security Agency (NSA) and the Cybersecurity and Infrastructure Security Agency (CISA) have published a report that details some of the security concerns of Open Radio Access Network (Open RAN), as well as some of the ways to mitigate such concerns. […]
The Department of Homeland Security (DHS) has announced a first-of-its-kind cybersecurity grant program specifically to support state and local governments (SLGs) across the country. […]
Federal Chief Information Officer Clare Martorana told House lawmakers today that she envisions promising payoffs over the next year from Technology Modernization Fund (TMF) investments spurred by Congress’s $1 billion cash infusion into the fund last year. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is working closely with industry and the National Institute of Standards and Technology (NIST) to finalize its cyber performance goals, an agency official told lawmakers on September 15. […]
Reps. Jason Crow, D-Colo., and Brian Fitzpatrick, R-Pa., on September 13 introduced bipartisan legislation to protect Americans’ healthcare data from cyberattacks. […]
A Federal advisory committee this week approved a set of recommendations to help the Cybersecurity and Infrastructure Security Agency (CISA) protect critical infrastructure, even as the panel criticized some of the government’s current efforts to do so as unfocused and lacking clear national goals. […]
The Office of Management and Budget (OMB) today issued marching orders to Federal agencies to take action to comply with National Institute of Standards and Technology (NIST) guidance for the use of secure supply chain software, as ordered by President Biden’s cybersecurity executive order issued in May 2021. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued its strategic plan for 2023 to 2025, setting forth four main goals of cyber defense, risk reduction and resilience, operational collaboration, and agency unification. […]
The Cybersecurity and Infrastructure Security Agency (CISA) published a new request for information (RFI) today looking for feedback on how to best implement cyber incident reporting requirements for critical infrastructure owners and operators. […]
Having a strong “collective defense” – whether that’s a public-private partnership or an international alliance – is critical to defending against cyber adversaries and keeping all entities safe, according to Ann Dunkin, chief information officer (CIO) at the Department of Energy. […]
Russia’s war on Ukraine has not singularly been a terrestrial battle. The war has also involved large-scale cyber operations – the first of its kind. However, Russia has been unable to achieve any prominent advantage in its cyber warfare efforts after its first attack. Ukrainian digital officials attribute this to their ‘secret ingredient’ – the Ukrainian IT Army. […]
The White House said it condemns Iran for its cyberattack against Albania and plans to take action to hold Iran accountable, according to a September 7 statement from the National Security Council (NSC). […]
Work by the Biden administration’s Office of the National Cyber Director (ONCD) on a national cybersecurity strategy is “well underway,” said the Government Accountability Office (GAO) in a report issued this week that features a timeline of the ONCD’s activities since mid-2021. […]
The cyber domain is an ever-changing landscape and the best way to gain an advantage and mitigate possible threats is constant surveillance, said David Frederick, the executive director at the U.S. Cyber Command. […]
The Cyberspace Solarium Commission (CSC) has made a “real impact” on the nation’s cybersecurity posture, Sen. Angus King, I-Maine, said today, and its work is not over yet. […]
While the Department of Defense’s (DoD) new Cybersecurity Maturity Model Certification (CMMC) program seeks to significantly improve the way its contractors store and protect sensitive data, it cannot direct industry on what actions they need to take to be CMMC compliant, said the DoD CMMC lead. […]
The Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly today previewed the agency’s new strategic plan, as well as a request for information (RFI) on cybersecurity incident reporting that will both be released “in a couple days.” […]
The top Federal intelligence community and cybersecurity agencies this week issued a new software supply chain developers guide, and said they “strongly encourage” government agencies and software providers alike to follow the guidelines in order to improve security of the software supply chain. […]
Scott Davis has been promoted to Chief Information Security Officer (CISO) at the Office of Information and Technology (OIT), United States Customs and Border Protection (CBP), according to a CBP spokesperson. […]