Iranian government-sponsored hackers are conducting active cyber operations against global commercial and government networks, according to a warning issued earlier this week by United States and United Kingdom intelligence agencies. […]

In response to President Biden’s Executive Order 14017, America’s Supply Chains, the Department of Energy (DOE) today released a comprehensive plan to ensure security and increase energy independence in the United States. […]

The CIO Council is currently leading an effort, along with a multi-agency working group, to develop a new Zero Trust Playbook for agencies, according to Thomas Santucci, the director of the General Services Administration Data Center and Cloud Optimization Initiative Program Management Office (DCCOI PMO). […]

The National Institute of Standards and Technology (NIST) is seeking information on evaluating and improving its cybersecurity resources, including a possible update to its Cybersecurity Framework, first issued in 2014 and later updated in 2018. […]

With tensions mounting between Russia and Ukraine, the Cybersecurity and Infrastructure Security Agency (CISA) is warning critical infrastructure (CI) owners and operators – as well as any other United States-based organizations – to keep their guard up. To help organizations do that, the cybersecurity agency released insights for the CI sector, as well as a new webpage Feb. 18 to help organizations better steel themselves against a potential Russian cyber threat. […]

The U.S. Space Force’s Space Systems Command, along with the U.S. Air Force, is looking for feedback on its plans to conduct live, virtual, and on-orbit space cyber test and training events to boost training efforts for cyber professionals. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new webpage featuring a catalog of free cybersecurity tools and resources that the agency hopes will serve as a “one-stop resource where organizations of all sizes can find free public and private sector resources to reduce their cybersecurity risk.” […]

The White House’s top cybersecurity advisor today blamed Russia for cyberattacks earlier this week against the Ukrainian government and banking sectors and said that the U.S. is actively helping Ukraine to fend off cyber assaults in the run-up to a possible Russian military invasion of that country. […]

Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly made a strong pitch on Feb. 17 for the agency’s push to create an underlying culture of organizational success that she said is critical to creating optimal performance at the nation’s cyber defense agency. […]

Just over a week after announcing the agency’s largest-ever financial seizure – $3.6 billion in Bitcoin – Deputy Attorney General Lisa Monaco said today that Eun Young Choi will serve as the first director of the Department of Justice’s National Cryptocurrency Enforcement Team (NCET). […]

A new cybersecurity advisory from the Federal government’s top cybersecurity watchdogs says that Russian state-sponsored hackers have compromised numerous defense industrial base (DIB) contractors both large and small over the past two years, and warns about the extensive bag of tricks that those hackers use when they target defense contractors. […]

The Senate Small Business and Entrepreneurship Committee on Feb. 15 voted to approve the Small Business Administration (SBA) Cyber Awareness Act (H.R. 3462), which requires SBA to issue an annual report on its cybersecurity capabilities, and notify Congress in the event of a cybersecurity breach potentially compromising sensitive information. […]

The Department of Defense (DoD) expects around 80,000 Defense Industrial Base (DIB) contractors will need a third-party assessment to reach Level 2 compliance for the Cybersecurity Maturity Model Certificate (CMMC) 2.0 program – double the previously estimated number of companies. […]

Efforts by the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) to invest in real-time information sharing capabilities are keying the Biden administration’s campaign to improve industrial control systems (ICS) cybersecurity, CISA and NSA officials said this week. […]

A new memo from the Department of Defense (DoD) is encouraging the use of a continuous Authorization To Operate (cATO) under the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) – instead of a point-in-time ATO – to serve as the “gold standard” for systems’ cybersecurity risk management. […]

The General Services Administration is going on the hunt for a permanent director to lead its Login.gov effort and oversee deployment of the $187 million Technology Modernization Fund (TMF) award GSA got for the project last year. […]

The Department of Defense’s (DoD) F-35 Lightning II Joint Program Office (JPO) Cyber Team seeks to advance its cyber capabilities to better protect against cyber threats and increase mission assurance. […]

While the Office of the National Cyber Director (ONCD) is still the new kid on the block in Federal cybersecurity policy circles, National Cyber Director Chris Inglis said this week that his office’s success ultimately will hinge on whether it can unite policy, people, and doctrine to act as a viable collaborator with the Federal government and private industry. […]

After reviewing the cyberattack trends from 2021, the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory with the FBI and other international security partners warning of the rising global threat of ransomware and gave mitigation and remediation advice. […]

Internal Revenue Service (IRS) Commissioner Charles Rettig told Sen. Maggie Hassan, D-N.H., in late December that the IRS needs more money and changes to the tax code to better prevent and prosecute criminal uses of cryptocurrency, which has emerged in recent years as a favored medium of exchange involving ransomware and other cyber attacks. […]

Federal law enforcement seized more than $3.6 billion in stolen cryptocurrency directly linked to the 2016 hack of virtual currency exchange Bitfinex, and arrested a husband and wife from New York allegedly connected to the stolen bitcoins. […]

In the wake of the discovery and remediation efforts surrounding the Log4shell vulnerability in the Apache library that contains Log4j, the Cybersecurity and Infrastructure Security Agency (CISA) called for efforts to push forward a software bill of materials (SBOM). Those calls were reiterated today at a Senate hearing on the vulnerability by industry witnesses involved in remediation efforts. […]

Leadership of the Senate Homeland Security and Governmental Affairs Committee has introduced a package bill in the Senate that would update both the Federal Information Security Management Act (FISMA), which sets cybersecurity requirements for Federal agencies, and codify the Federal Risk and Authorization Management Program (FedRAMP) that certifies cloud services as secure to use for Federal government agencies. […]

The National Security Agency (NSA) released its “2021 NSA Cybersecurity Year in Review” report that highlights a year filled with increased collaboration with industry experts to mitigate cyber threats. […]

In their efforts to help shrink the cyber workforce shortage, officials from the Office of the National Cyber Director (ONCD) and the Cybersecurity and Infrastructure Security Agency (CISA) are emphasizing the need for collaboration and creation of a more robust culture of cybersecurity – starting with K-12 education on up. […]
