Former U.S. Secretary of Defense Ash Carter said cybersecurity risks are a “very serious matter” and called for stronger retaliation from the U.S. government and Department of Defense (DoD) against malicious cyber actors. […]
As the Federal government continues to focus on boosting the nation’s cybersecurity hygiene, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said Nov. 18 that visibility and modernization are the keys to improving the nation’s cybersecurity posture. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI issued a cybersecurity advisory today, warning public and private sector organizations to stay vigilant for ransomware attacks and other cyberattacks leading up to and during the holiday season. […]
After a potential setback late last week, Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, are still looking to attach their legislation to reform the Federal Information Security Modernization Act (FISMA) added to the Senate’s fiscal year (FY) 2022 National Defense Authorization Act (NDAA) making its way through the chamber, a Senate Homeland Security and Governmental Affairs Committee staffer told MeriTalk. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has launched its Infrastructure Dependency Primer (IDP) learning tool, which aims to help state, local, tribal, and territorial planners and decisionmakers better understand how infrastructure dependencies can impact their communities and how to increase resilience. […]
The complexity and flexibility of emerging fifth-generation (5G) wireless technologies make the process of defining a security assessment boundary complex, thus it’s crucial to maintain a wide aperture concerning 5G cybersecurity, an official from the Cybersecurity and Infrastructure Security Agency (CISA) said during a Palo Alto Network webinar on Nov 18. […]
The Cybersecurity and Infrastructure Security Agency (CISA) will be rolling out a new protected Domain Name System (DNS) technology in 2022, CISA’s Trusted Internet Connections (TIC) program lead Sean Connelly said on Nov. 18. […]
The Office of the National Cyber Director has hired Rexford G. “Rex” Booth as its senior policy advisor, according to Booth’s LinkedIn. […]
The Department of Justice (DoJ) announced it has charged two Iranian nationals for their role in a cyber-enabled disinformation and threat campaign “to intimidate and influence American voters, and otherwise undermine voter confidence and sow discord” in the 2020 U.S. presidential election. […]
The House of Representatives passed the Build Back Better (BBB) Act this morning, sending the more than $1.75 trillion reconciliation package to the Senate. The bill includes billions for supply chain resiliency, as well as additional cybersecurity and IT modernization funding. […]
The Senate Commerce, Science, and Transportation Committee voted Nov. 17 to approve President Biden’s nomination of Laurie Locascio to become Undersecretary of Commerce for Standards and Technology, and director of the National Institute for Standards and Technology (NIST). […]
U.S., U.K., and Australian cybersecurity agencies are warning that hackers associated with Iran have exploited vulnerabilities in Fortinet and Microsoft products to carry out attacks. Officials urged in a recent advisory that critical infrastructure organizations patch these vulnerabilities to mitigate against possible attacks. […]
An FBI official did not deny prior reports that the agency held the decryption key from the Kaseya ransomware attacks for multiple weeks without giving it to parties victimized by the attacks but told the House Oversight and Reform Committee at a Nov. 16 hearing that it chose to do so in the interest of figuring out how to achieve the widest-ranging impact from the key. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released new Cybersecurity Incident and Vulnerability Response Playbooks today, completing a vital assignment from President Biden’s Cybersecurity executive order (EO). […]
The Biden administration issued its cybersecurity executive order (EO) in May 2021, giving marching orders to Federal agencies to move to zero trust security architectures, among other directives. During a SCGov panel discussion today, Federal chief information security officers (CISOs) shared how they’re leveraging their agency’s previous programs around zero trust to fulfill the obligations of the EO. […]
The FBI’s email system was hacked, sending emails to thousands of recipients about a fake cyberattack, the agency confirmed over the weekend. The law enforcement agency said the cause of the hack has since been remediated. […]
The White House said today it has created a task force made up mostly of top Federal agency officials to “coordinate effective implementation” of the many new programs and mandates created by the $1.2 trillion Infrastructure Investment and Jobs Act signed into law by President Biden on November 15. The task force is being created through a new executive order. […]
The Department of Homeland Security (DHS) finally launched the Cyber Talent Management System (CTMS) to enable more effective recruitment, development, and retention of cybersecurity talent. […]
In the wake of a Government Accountability Office (GAO) report encouraging the Departments of Education and Homeland Security (DHS) to update K-12 cybersecurity guidance, several Democrat senators have written to both agencies urging them to heed GAO’s recommendations, and establish critical infrastructure council structures to advance the issue. […]
President Biden on Nov. 11 signed the Secure Equipment Act, which will prevent equipment manufactured by Chinese state-backed firms such as Huawei, ZTE, Hytera, Hikvision, and Dahua from being further utilized and marketed in the United States. […]
Sponsors of two major pieces of legislation that would make formative changes to the way that private sector companies report cyberattacks to the government – and how Federal government agencies conduct their own cyber defenses – are hitching their hopes for passage to annual defense spending legislation that traditionally gets strong bipartisan support from lawmakers. […]
With K-12 educational institutions increasingly targeted by ransomware and other cyber attacks during the coronavirus pandemic, the Government Accountability Office (GAO) is pushing the Department of Education to update its plans – which currently date from 2010 – for addressing cyber risks faced by schools. […]
With cybercriminals becoming more sophisticated at disguising themselves as legitimate network users, a top Defense Department (DoD) IT official said this week that the Pentagon’s move to zero trust security architectures gives the agency a “fighting chance” to detect and eject hackers before they can do much damage. […]
Following a November 10 meeting with French President Emmanuel Macron, Vice President Kamala Harris announced that the U.S. will sign onto a three-year old framework offered by the French government as an international framework for cooperation on cyber and supply chain security. […]
After its passage by the House of Representatives Nov. 5, President Biden plans to sign the Infrastructure Investment and Jobs Act on Monday, Nov. 15, authorizing billions of new funding for broadband and cybersecurity, in addition to traditional infrastructure, the administration announced Nov. 10. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said November 10 that the agency’s Binding Operational Directive (BOD) issued earlier this month to Federal agencies to remediate against a list of 300 known exploited cyber vulnerabilities appears to be getting a good reception from government and industry as an effective roadmap on how to prioritize action against prevalent cyber threats. […]
According to a recently released Tripwire survey, most security professionals in the private and public sector described their zero trust security adoption as either progressing, or even well-developed, but also in need of more work. […]
The Department of Veterans Affairs (VA) has released a new cybersecurity strategy intended to protect against exposure of Veterans’ personal information or the corruption of critical data. […]
After more than two months of angling and dealmaking, the House of Representatives voted to approve the $1 trillion Infrastructure Investment and Jobs Act – also known as the Bipartisan Infrastructure Framework – on November 5, sending the bill along with its $2 billion in cyber funding and $65 billion in broadband appropriations to President Biden’s desk for final approval. […]
Richard Grabowski, acting program manager for the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program, explained at a November 4 event organized by FCW that new memoranda of understanding (MOA) that the program has been signing with Federal agencies are a key component to enabling better cyber threat hunting by CISA across agency networks. […]