As the cyber threat landscape continues to morph for entities at the Federal level, so too does it change for governments at the state, local, and tribal level. For the state of Illinois, adding cyber into emergency management and working closely with counties has helped to better prepare the state for cyber threats. […]

The Joint Cyber Defense Collaborative created in August by the Cybersecurity and Infrastructure Security Agency (CISA) has the potential to greatly help Federal government authorities and private sector firms better “connect the dots” on global threats in cyberspace, said National Cyber Director Chris Inglis in remarks on October 13 during CISA’s National Cybersecurity Summit event. […]

The new world of Federal government cybersecurity is quickly taking shape, and MeriTalk’s Cyber Central: Defenders Unite virtual event on October 28 is hosting the policy-makers and industry leaders that are bringing the next generation of technologies to bear to protect the networks that bring vital services to all Americans. […]

Cybersecurity and Infrastructure Security Agency (CISA) Executive Director Brandon Wales said today that the private sector needs to do more to help the government combat ransomware attacks, and expressed hope that the recently formed Joint Cyber Defense Collaborative (JCDC) effort between government and industry will go a long way toward providing a coordinated approach to deal with those and other cybersecurity threats. […]

When implementing a successful zero trust architecture, Federal chief information officers (CIOs) and chief information security officers (CISOs) encourage agencies to look towards modernization and to think of zero trust as an “integration architecture.” […]

The Biden-Harris Administration is taking steps this week to gin up international support to fight ransomware as the White House National Security Council (NSC) hosts a two-day virtual assembly with 30 foreign partners to discuss joint efforts to counter the attacks. […]

Cybersecurity is the ultimate team sport, Jim Richberg says in a new MeriTV interview. It requires greater public-private cyber information sharing – called for in the May Executive Order on Improving the Nation’s Cybersecurity (EO) and backed up by several new pieces of legislation – but the conditions for it must be established over time, he advised. […]

On Oct. 8, President Joe Biden signed the bipartisan K-12 Cybersecurity Act of 2021 into law to provide school districts with resources to combat and protect themselves against cyberattacks. […]

In a recent letter to the Department of Justice (DoJ), the Department of the Treasury (Treasury), the Department of State (State Department), and the Department of Homeland Security (DHS) lawmakers urge the agencies to pursue all options available to protect American communities and infrastructure from the growing threat of ransomware. They emphasized the need for stronger coordination between departments, primarily to address the role of cryptocurrency in ransomware attacks. […]

Sens. Shelley Moore Capito, R-W.Va., and John Hickenlooper, D-Colo., introduced legislation that would revamp the National Telecommunications and Information Administration’s (NTIA) Office for Policy Analysis and Development to have a stronger focus on cybersecurity efforts. […]

The Office of Management and Budget (OMB) is giving Federal agencies a three-month deadline to make initial strides at identifying the current state of endpoint detection and response (EDR) capabilities on their networks and to start undertaking additional work with the Cybersecurity and Infrastructure Security Agency (CISA) to quicken the pace of deploying those capabilities. […]

Microsoft’s new Digital Defense Report finds that Federal agencies and organizations have been the most targeted sector by cyber threat actors since the middle of last year, and that attacks emanating from Russia have been the most frequent. […]

With Federal agencies needing to move the bulk of their workforce to remote or hybrid environments since the start of the COVID-19 pandemic, the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program has worked with agencies to account for the increase in attack vectors and take a more proactive risk management stance, CDM Program Lead Richard Grabowski said. […]

Sen. Elizabeth Warren, D-Mass., and Rep. Deborah Ross, D-N.C., introduced a bicameral bill this week that would require ransomware victims to report to the government when they have paid a ransom, with an aim of bolstering the flow of critical cybersecurity data. […]

The White House will host an international ransomware gathering next week aimed at improving international cooperation among governments in the fight against ransomware-driven cyberattacks, said Jeff Greene, chief of cyber response and policy for the White House’s National Security Council. […]

Paul Cunningham, chief information security officer (CISO) at the Department of Veterans (VA), explained this week how the agency is addressing cybersecurity vulnerabilities to protect its users and their health care and financial data as the agency has turned increasingly to providing telehealth services for veterans. […]

In light of this year’s cyberattack on Colonial Pipeline and other critical infrastructure targets in the United States, the Department of Homeland Security’s Transportation Security Administration (TSA) component is prepping a new cybersecurity directive covering “high-risk” railroad operations, according to DHS Secretary Alejandro Mayorkas.  […]

With an increased focus on cybersecurity after a spate of high-profile cyberattacks on U.S. government and business organizations since late last year, members of Congress are continuing to call for a clearly defined national cyber deterrent policy. Three prime movers on cybersecurity legislation Congress – Sen. Angus King, I-Maine, and Reps. John Katko, R-N.Y., and Yvette Clarke, D-N.Y. – explained the need to codify a cyber deterrence policy at the Aspen Cyber Summit Oct. 6. […]

Reps. John Katko, R-N.Y., and Abigail Spanberger, D-Va., introduced a bipartisan bill in the House this week that aims to protect systemically important critical infrastructure (SICI) from cyberattacks. […]

The Senate Homeland Security and Government Affairs Committee voted today to approve the Cyber Incident Reporting Act, which would require critical infrastructure operators to report cyberattacks to the Federal government, and require most government and business entities to report to the government if they make a ransomware payment. […]

The Senate Homeland Security and Governmental Affairs Committee voted unanimously today to advance for full Senate consideration of a bill that would extensively overhaul the 2014 version of the Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]

In September, the Department of the Treasury took a series of actions to combat ransomware, including sanctioning a virtual currency exchange for facilitating financial transactions for ransomware actors. Treasury’s actions follow a Transportation Security Administration (TSA) security directive requiring owners and operators of TSA-designated critical pipelines to protect against ransomware attacks, and discussions between President Biden and Russian President Vladimir Putin about ransomware attacks from Russian soil. […]

Deputy Attorney General Lisa Monaco said today the Department of Justice (DoJ) is launching two new initiatives to combat cyber threats, including the creation of a National Cryptocurrency Enforcement Team, and a civil cyber fraud initiative that will fine Federal contractors who don’t follow required cybersecurity standards. […]

The House on September 29 passed the K-12 Cybersecurity Act – a piece of bipartisan legislation from Sens. Gary Peters, D-Mich., and Rick Scott, R-Fla., with a companion bill in the House led by Rep. Jim Langevin, D-R.I. The bill has already been approved by the Senate, and has been sent to the White House for President Biden’s signature. […]

Federal CIO Clare Martorana emphasized today that the road to Federal agency IT improvements runs not only through agency CIO offices, but also needs to benefit from support from the entire organization’s executive suite.   […]

The Democratic and Republican leaders of the Senate Homeland Security and Governmental Affairs Committee have unveiled their long-awaited legislation to update the 2014 Federal Information Security Modernization Act that provides cybersecurity marching orders to Federal civilian agencies. […]

As the cyber threats we face become more diverse across the nation and globe, security, and IT operations teams must encompass diverse perspectives. For MeriTalking’s first installment of the “Human Side of Cyber” series, MeriTalk’s Nicole Burdette sits down with Teddra Burgess, Senior Vice President, Public Sector at Tanium to dive into the importance of having diverse perspectives and experiences on an organization’s cyber response team. […]

The Democratic leaders of the House and Senate made official over the weekend what had become obvious by late last week: the hoped-for late September votes on two big Federal infrastructure funding bills were sliding into October. […]

A sampling of Federal agencies’ efforts to provide remote access for telework during the COVID-19 pandemic shows that each of the agencies was able to put the right technologies in place to accomplish that goal, but that several had not fully addressed relevant guidance for securing remote access systems, the Government Accountability Office (GAO) found. […]

The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Information Sheet that helps detail factors for choosing a virtual private network (VPN) and secure deployment. […]