Rep. Jim Langevin, D-R.I., one of the leading voices on cybersecurity in Congress, is pushing for an amendment to the FY2023 National Defense Authorization Act (NDAA) to include two items he has long advocated – the creation of a class of a “systemically important” critical infrastructure providers, and the formation of a government Bureau of Cyber Statistics. […]
The Office of Management and Budget (OMB) is working to develop a system that generates trust scores before allowing access to its network or applications, according to the chief information security officer (CISO) of the agency’s Management and Operations Division. […]
To better manage and protect against cybersecurity risks the Environmental Protection Agency (EPA) must establish an enterprise-wide cybersecurity risk assessment framework, the Government Accountability Office (GAO) said in its latest annual priority recommendations report to the agency. […]
The Department of Energy (DoE) said on July 6 that it will prioritize awards under a $2.3 billion power grid modernization grant funding program to include systems at risk of disruptive events including cyber attacks. […]
Developing a cybersecurity risk management strategy would improve the Department of Energy’s (DOE) efforts to manage cybersecurity risks and protect the nation’s electric grid, the Government Accountability Office (GAO) said in its latest annual priority recommendations report to the agency. […]
The Government Accountability Office (GAO) is recommending in a new report that the Defense Department (DoD) adopt a more centralized and “robust” strategy to mitigate a variety of risks faced by Defense Industrial Base (DIB) companies that supply the Pentagon and do a better job keeping track of the results of those mitigation efforts. […]
Rep. Ritchie Torres, D-N.Y., introduced legislation on July 1 that would require the Cybersecurity and Infrastructure Security Agency (CISA) to investigate and report on the impact of the 2020 SolarWinds cyberattack on Federal agency networks and U.S. critical infrastructure. […]
The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and Department of the Treasury (DoT) released an advisory on July 6 that attributes ransomware attacks launched against healthcare and public health (HPH) organizations to North Korean state-sponsored organizations. […]
The Department of Justice (DoJ) is targeting increased efforts to fight ransomware-driven cyber attacks – amid a host of other improved cybersecurity approaches – as one of a number of new agency priority goals in DoJ’s 2022-2026 Strategic Plan published on July 1. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has set a deadline of July 22 for Federal civilian agencies to apply Microsoft’s June 2022 Patch Tuesday update. […]
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, Treasury Department, and the Financial Crimes Enforcement Network (FinCEN) have released a joint cybersecurity advisory warning of MedusaLocker targeting vulnerabilities in Remote Desktop Protocol (RDP) to conduct ransomware attacks. […]
A cyberattack on IT services provider Geographic Solutions, Inc. (GSI) has disrupted the provision of unemployment and workforce benefits for thousands of people in several states and Washington, D.C. […]
Laura Galante took over last month as director of the Cyber Threat Intelligence Integration Center (CTIIC), according to her LinkedIn account. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has issued guidance for users of Microsoft Exchange Online to switch from Basic Authentication, or “Basic Auth,” to Modern Authentication, or “Modern Auth” – which supports multi-factor authentication (MFA) – by the beginning of October. […]
The North Atlantic Treaty Organization (NATO) declared on June 29 its adoption of a new “strategic concept” that names Russia as the “most significant and direct threat” to NATO allies’ security and stability, wraps cybersecurity initiatives more tightly into the alliance’s strategy, and establishes a Defense Innovation Accelerator “to bolster our technological edge.” […]
Federal cybersecurity leaders argued against the effectiveness of cyber insurance as a way to alleviate financial burdens associated with ransomware attacks during a hearing of the House Homeland Security Committee’s panel on intelligence and counterterrorism on June 28. […]
U.S. Cyber Command (USCC) wants more technology organizations on the front lines of the global cybersecurity effort to improve defensive capabilities and share threat data with the government, a senior official from the command said on June 27. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), along with international partners, published guidance last week for cyber defenders that advises them to not remove PowerShell – Microsoft’s built-in command-line tool with Windows – but to properly configure it. […]
Cybersecurity leaders from the Defense Department (DoD) are providing some more clarity on the timeline for implementation of the Cybersecurity Maturity Model Certification (CMMC) program, and said they expect CMMC requirements could begin appearing in solicitations for government contracts as early as May 2023. […]
Amit Mital, senior director for cybersecurity and policy on the White House’s National Security Council (NSC), is on the hunt for a unified and trusted secure digital identity technology that he said has the potential to dramatically reduce identity-based fraud and the success of attempted ransomware attacks. […]
The U.S. House of Representatives has passed legislation that would strengthen U.S. cybersecurity protections for Industrial Control Systems (ICS) amid increased Russian cyber threats to ICS targets. […]
The Cybersecurity and Infrastructure Security Agency (CISA) today issued an updated version of its Cloud Security Technical Reference Architecture (TRA) that serves as guidance for Federal civilian agencies for secure migration to cloud services. […]
President Biden on June 21 signed a bill that establishes a cybersecurity rotational workforce program within the Federal government. […]
The U.S. Department of Justice – in collaboration with law enforcement partners in Germany, the Netherlands, and United Kingdom – has dismantled the infrastructure of a Russian botnet known as RSOCKS and responsible for hacking millions of computers and other electronic devices around the world. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is aiming to issue the second version of its Zero Trust Maturity Model this summer, according to Eric Goldstein, CISA’s executive assistant director for cybersecurity. […]
A recent keynote address from Lt. Gen. Robert Skinner, director of the Defense Information Systems Agency (DISA), stands out as a perfect example of this digital transformation-inspired dynamic. Skinner spoke at AFCEA International’s TechNet Cyber event and presented a “wish list” of advancements that would help DISA significantly improve operations and solve its problems. “Every great innovation started when somebody said, ‘Wouldn’t it be cool if…’” Skinner told his audience of private sector IT firms. […]
The United States Postal Service (USPS) has appointed Michael Billingsley as the new director for Cybersecurity Engineering for the Office of the Chief Information Officer. […]
The White House’s Office of the National Cyber Director (NCD) has made a few new recent hires to staff up the office and support the office’s mission. […]
The White House’s Office of Management and Budget’s (OMB) zero trust memo issued earlier this year, M-22-09, directed Federal agencies to migrate to zero trust security architectures, but a White House official this week said agencies’ success in that effort will look different for the policy’s various directives. […]
The House Appropriations Homeland Security Subcommittee today approved a homeland security budget print for fiscal year (FY) 2023 that includes $2.93 billion for the Cybersecurity and Infrastructure Security Agency (CISA), representing a $334 million increase from FY2022 and a $417 million increase over the requested amount. […]