As the National Institute of Standards and Technology (NIST) works to update its influential Cybersecurity Framework – first issued in 2014 and later updated in 2018 – a NIST official said on May 17 that the agency is leaning on industry feedback as it embarks on the new update. […]
Federal government cybersecurity leaders told House members today that the government has made very significant progress in executing the Biden administration’s cybersecurity executive order (EO) issued a year ago, but also reminded lawmakers that funding is key to continued success in implementing crucial tenets of the order. […]
With $1.3 trillion of investments in infrastructure projects on tap in the Infrastructure Investment and Jobs Act, National Cyber Director Chris Inglis today emphasized the importance of making sure each of those projects is made secure from a cyber perspective. […]
Rapidity of incident response and personnel training are high on the priority list at the Defense Department’s U.S. Transportation Command (TRANSCOM) as it grapples with implementing cybersecurity strategies, a TRANSCOM official said on May 12. […]
Several major technology organizations have pledged more than $30 million to bolster the security of open-source software. […]
Achieving effective cybersecurity relies on experts from all corners of an enterprise – network systems administrators, cloud experts, data stewards, cybersecurity officers, and more. Making all of those parts work right together makes cybersecurity the ultimate team sport, and it requires all levels of an organization to understand and avoid risks to a network, said Steven Hernandez, the chief information security officer (CISO) for the Department of Education (DoE). […]
The 107 conferees assigned to hash out the differences between the House and Senate-passed semiconductor manufacturing, innovation, and competition bills met for the first time May 12 to officially kick off the conferencing process and begin to stake out their priorities for the final bill. […]
The United States on May 12 signed onto an expanded version of the Budapest Convention that governs international cooperation against cyber crime, and that in its expanded form will allow for easier collection of cross-border electronic evidence. […]
Larry Grossman, Director of Information Security and Privacy Services at the Federal Aviation Administration (FAA), explained this week that his organization’s priorities for improving cybersecurity run the gamut from the latest in zero trust work, to the more traditional but necessary steps to improve cyber hygiene across the board. […]
The House of Representatives approved a pair of bills May 10 to bolster Federal cybersecurity by creating a Federal cybersecurity rotational workforce program and developing a training program for Federal officials with supply chain risk management responsibilities. […]
The Biden Administration is continuing to build out its still-nascent Office of the National Cyber Director (ONCD) with three new senior additions to the team including a prominent executive from Microsoft and a former official from the Central Intelligence Agency (CIA). […]
The Cybersecurity and Infrastructure Security Agency (CISA) issued a joint cybersecurity advisory on May 11 – along with Federal law enforcement partners and international allies – that warns of an increase in malicious cyber activity targeting managed service providers (MSPs). […]
Cybersecurity services provider CrowdStrike said today it has identified a sophisticated post-exploitation framework that was first detected in 2021 and that has been observed in multiple victim environments in geographically distinct locations – with intrusions spanning technology, academic, and government sectors. […]
The Department of Transportation’s (DoT) Pipeline and Hazardous Materials Safety Administration (PHMSA) has proposed nearly $1 million in fines against Colonial Pipeline Company for multiple alleged “probable violations” of Federal pipeline safety regulations, PHMSA announced May 5. […]
The National Institute of Standards and Technology (NIST) released a zero trust planning guide May 6 for Federal administrators that provides an overview of how the NIST Risk Management Framework (RMF) can be used to develop and implement a zero trust architecture (ZTA). […]
The never-ending rise of cyberattacks on government agencies and critical infrastructure providers underlines the urgent need for both government and the private sector to accelerate toward more agile and resilient cybersecurity models. Government and industry cybersecurity experts will point the way forward to more resilient security postures when they gather on Thursday, May 19 from […]
The never-ending battle against cyber adversaries – and the Federal government’s aim for a quantum leap in improving cyber defenses around zero trust security concepts – has made cybersecurity the white-hot priority for both the public and private sector over the past 12 months. […]
One year ago, the Colonial Pipeline ransomware attack set off a chain reaction of cyber initiatives that would forever impact the private and public sectors. […]
The National Institute of Standards and Technology (NIST) has updated its cybersecurity guidance for supply chain risk management to help organizations protect themselves in acquiring and using technology products and services. […]
As ransomware attacks become more sophisticated and damaging, resources from the Federal government are providing guidance on how to combat attacks, reduce attack surfaces, and speed recovery – government and private sector experts said during a May 3 webinar organized by MeriTalk and Cohesity. […]
As President Biden’s landmark cybersecurity executive order (EO) approaches its first anniversary on May 12, new research shows that most Federal cybersecurity decision-makers solidly back the aims of the EO, but also think that its initial timelines to implement zero trust security are unrealistic. […]
The Department of Defense (DoD) is in the process of updating the Code of Federal Regulations (CFR) to include the Cybersecurity Maturity Model Certification (CMMC) 2.0 program, and DoD’s Principal Deputy CIO Kelly Fletcher said that an updated CFR should be available for public comment by March 2023. […]
The Securities and Exchange Commission (SEC) said on May 3 it will add 20 new positions to its expanded and newly christened Crypto Assets and Cyber Unit – the division responsible for protecting investors in crypto markets, and from cyber-related threats. […]
Rep. Elissa Slotkin, D-Mich., said today that in a world free of constraints she would want companies to need cybersecurity hygiene certifications in order to deal with the Federal government. […]
The Federal government is making a big push toward zero trust security architectures, but with an abundance of guidance on what makes a zero trust architecture successful, the looming question for many Federal agencies is ‘where do we start?’ Randy Resnick, senior advisor for the Zero Trust Portfolio Management Office at the Department of Defense (DoD), believes the first step is planning. […]
The National Institute of Standards and Technology (NIST) is seeking feedback on a draft special publication about its 5G technologies cybersecurity guidance. […]
President Biden today issued an executive order (EO) that elevates the importance of quantum information science (QIS) by reconstituting a previously created Federal QIS advisory committee and putting it more closely under the White House’s wing, while at the same time issuing a National Security Memorandum that lays out plans to address cybersecurity risks posed by quantum computers. […]
The Library of Congress is planning to create a Cloud Management Office (CMO) within its Office of the Chief Information Officer (OCIO), according to the agency’s justification for its fiscal year (FY) 2023 budget request. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) on Thursday updated a joint cybersecurity advisory regarding malware deployed by Russian state actors as the country continues its war against Ukraine. […]
As Federal agencies look to bring a zero trust security architecture to their disparate agencies and missions, resources are the main obstacle for agencies, the chief information security officer (CISO) for the Department of Homeland Security’s Information and Analysis (DHS I&A) division said today. […]