Identity solutions provider Okta said this week that the hack of its customer support management system disclosed in October impacted many more of its customers than previously thought, but did not impact its FedRAMP High and Defense Department IL4 environments used by the Federal government. […]

The Intelligence Advanced Research Projects Activity (IARPA) is seeking to provide novel technologies to improve the response of both law enforcement and the intelligence community (IC) in attributing the sources of malicious cyberattacks. […]

Jen Easterly, CISA

The Cybersecurity and Infrastructure Security Agency (CISA) – in partnership with the United Kingdom’s National Cyber Security Centre (NCSC) – has released guidelines to help AI developers make informed cybersecurity decisions.  […]

The Department of Navy on Tuesday released its inaugural Department of the Navy Cyber Strategy, which identifies seven distinct lines of effort to enhance the naval services’ cybersecurity posture and emphasizes cyber as a warfighting domain. […]

The Department of Energy’s Idaho National Laboratory (INL) has suffered a significant data breach that exposed the data of employees including included addresses, Social Security numbers, and bank account information. […]

CISA
CISA

The Cybersecurity and Infrastructure Security Agency (CISA) has announced the launch of its new Cybersecurity Shared Services Pilot Program, which is designed to deliver cutting-edge cybersecurity shared services on a voluntary basis to critical infrastructure entities such as the healthcare, water, and K-12 education sectors. […]

White House flag at half mast
NIST

The National Institute of Standards and Technology (NIST) on Nov. 9 released new draft guidance of revised cybersecurity requirements for protecting sensitive unclassified information housed by non-Federal systems and organizations including government contractors. […]

Microsoft HQ
Anne Neuberger, deputy national security advisor for cyber and emerging technology

An alliance of nearly 50 countries has joined together to sign a policy statement pledging that their governments will not pay ransom demands to cybercriminals, a senior White House official said today. […]

The Department of Homeland Security (DHS) unveiled new cybersecurity evaluation metrics it will use to evaluate the cyber defenses of contractors before awarding contracts, the department announced in a notice published to Sam.gov on November 1. […]

Cybersecurity

With cybersecurity becoming ever more important to organizational success, a new report from ISC2 finds that the workforce gap in the cybersecurity sector across the globe has grown by 13 percent on a year-over-year basis since 2022, indicating the need to fill an additional four million more needed cybersecurity jobs.   […]

election security

Harry Coker – President Biden’s pick to serve as the nation’s second-ever permanent National Cyber Director (NCD) – sailed through his first Senate nomination hearing today with little to no opposition from lawmakers. Coker pledged that the workforce would be his top priority if confirmed to the chief cyber position. […]

U.S. Cyber Command (CYBERCOM) said it is conducting a focused internal defensive cyberspace project to improve the internal defensive capabilities of the service and its allies during the month of October. […]

cybersecurity

A new report out this week from Zscaler ThreatLabz finds a 400 percent increase in internet of things (IoT) and operational technology (OT) malware attacks since 2022, underscoring the need for better zero trust security to protect critical infrastructures. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is leading an effort to update the National Cyber Incident Response Plan (NCIRP) by the end of 2024, as directed in the Biden administration’s National Cybersecurity Strategy released earlier this year. CISA, in close coordination with the Office of the National Cyber Director (ONCD), is embarking on a […]

Cyber workforce

The top Republican on the House Homeland Security Cybersecurity and Infrastructure Protection Subcommittee – the congressional arm that maintains oversight of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) – said today that an insufficient workforce remains the top cyber threat to our nation.   […]

Air Force

Many Federal agencies are looking to use AI as a key cybersecurity tool, but before agencies get too far ahead of themselves, U.S. Air Force Deputy Chief Information Officer (DCIO) Winston Beauchamp said on Tuesday that the number one thing agencies can do to improve their cybersecurity posture is to modernize their IT architecture. […]

Chris DeRusha, Federal CISO

Federal Chief Information and Security Officer (CISO) Chris DeRusha said today that as the Federal government is making real progress on cybersecurity, his “cup is actually half empty” when it comes to the security of AI. […]

GSA General Services Administration
ransomware

A recent survey found that organizations victimized by ransomware attacks are increasingly deciding to pay the ransom demand to regain access to their systems and data. Those same organizations also are concerned that generative AI could enhance future attacks. […]

water, tap water, safe drinking water

The Executive Director of the Cybersecurity and Infrastructure Security Agency (CISA) said today that the threat posed by China within the cyber realm is evolving and much more serious today than it was a decade ago ­– particularly when it comes to potentially targeting the United States’ critical infrastructure. […]

AI
FBI

Many Federal government agencies are having a difficult time filling cybersecurity roles with skilled personnel, but going forward, the FBI is placing an emphasis on building a diverse workforce to support its mission. […]

CISA

The Cybersecurity and Infrastructure Security Agency (CISA) published new guidance today to improve security and risk management of open source software (OSS) use at operational technology (OT) vendors and critical infrastructure facilities. […]

A newly released advisory from the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), highlights the most common cybersecurity misconfigurations in large organizations.  […]

Categories