The Army’s Deputy CIO Greg Garcia retired on Feb. 26, ending nearly four decades in Federal service, the Army’s CIO office confirmed. Garcia served as the Army’s first deputy CIO since last August when the CIO and G-6 offices split into separate organizations. […]
Sec. of Defense Lloyd Austin announced that President Joe Biden has made a slew of appointments at the Pentagon, including two in the cyber realm. […]
The House Homeland Security and Oversight and Reform committees held a joint public hearing today to discuss the Russia-based hack of government and private sector networks via SolarWinds Orion products. During the hearing, both the private sector witnesses and members of Congress called for better cybersecurity practices, legislation, and increased information sharing. […]
The bipartisan Cyber Diplomacy Act was reintroduced in the House this week. The legislation, cosponsored by Reps. Jim Langevin, D-R.I., Michael McCaul, R-Texas, Gregory Meeks, D-N.Y., Mike Gallagher, R-Wis., Adam Kinzinger, R-Ill., and Bill Keating, D-Mass., will require the State Department to open the Bureau of International Cyberspace Policy. […]
Department of Homeland Security (DHS) Secretary Alejandro Mayorkas announced today that DHS will increase the required minimum spend on cybersecurity through the Federal Emergency Management Agency (FEMA) grant awards from 5 percent to 7.5 percent – approximately a $25 million increase across the country. […]
The Department of Labor’s (DoL) Office of Inspector General (OIG) released a report stating the agency is making progress on improving the Unemployment Insurance (UI) program, which has faced billions of dollars in widespread unemployment compensation fraud during the COVID-19 pandemic. […]
The Cybersecurity and Infrastructure Security Agency (CISA) named Matt Hartman the deputy executive assistant director of cybersecurity at the agency this month, confirmed by Hartman’s LinkedIn profile. […]
While it’s no secret that the healthcare sector became a major target for ransomware attacks during the COVID-19 pandemic, former Cybersecurity and Infrastructure Security Agency (CISA) Director Chris Krebs is shedding new light on the tone of CISA’s efforts to bite back against health-sector threats. […]
Amid the shift to widescale telework to stem the spread of COVID-19, Federal, state, and local government (SLG) employees are dealing with an increase in credential-theft mobile attacks. […]
With the “beta” in beta.SAM.gov just a few short months from retirement, the General Services Administration (GSA) announced it will validate the identity of agency administrators starting May 24. […]
An executive order to be signed by President Biden today will order Federal agencies to conduct year-long reviews of their supply chain and industrial base risks, with the defense industrial base (DIB) and information and communications technology (ICT) industrial base among six key sectors identified in the order. […]
Speaking today during an open hearing on the hacking of U.S. networks by foreign adversaries, Senate Intelligence Committee Chairman Mark Warner, D-Va., questioned why the U.S. shouldn’t have mandatory cyberattack reporting systems in light of the recent Russia-backed hack of government and private sector networks via SolarWinds software products. […]
Two influential House committees said they will hold a public hearing into the Russia-based hack of government and private sector networks via SolarWinds Orion products, along with other recent attacks, on Feb. 26 at 9 a.m. […]
The Election Infrastructure Government Coordinating Council – whose leadership spans Federal, state, and local government election officials – applauded inter-government cooperation on implementing cybersecurity safeguards in the 2020 election cycle, and pledged to use lessons learned going forward to improve election security and resiliency. […]
The Federal Communications Commission voted on Feb. 17 to seek public comment on possible changes to how it implements a $1.9 billion program to help network service providers replace equipment in their networks made by China-based Huawei, ZTE, and any other providers that the Federal government may deem as risky to national security. […]
The Department of Justice (DoJ) announced it has indicted three North Korean military hackers as part of a series of cyberattacks intended to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies. […]
The leader of the Federal government’s investigation of the Russia-backed hack of government and private sector networks via SolarWinds Orion products said Feb. 17 that the attack “compromised” nine Federal government networks – matching earlier estimates from Federal law enforcement and intelligence agencies that “follow-on” activity by the hackers after initial breaches via software downloads was seen in “fewer than 10” Federal agencies. […]
Sen. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, is asking the FBI and the Environmental Protection Agency (EPA) to provide more information on the recent attempt by cyber criminals to poison the water supply at an Oldsmar, Fla. water treatment facility. […]
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and the Treasury Department have issued a joint cybersecurity advisory about North Korean malicious activity known as “AppleJeus.” […]
What’s the biggest lesson to be learned from the recent thwarting of an attempt by cyber criminals to poison the water supply in Oldsmar, Fla.?
According to the Cybersecurity and Infrastructure Security Agency (CISA), the hackers likely took advantage of an outdated operating system to gain access, and the agency said “continuing to use any operating system within an enterprise beyond the end of life status may provide cyber criminals access into computer systems.” […]
The National Institute of Standards and Technology (NIST) created a Positioning, Navigation and Timing (PNT) Profile using its Cybersecurity Framework that can be used as part of a risk management framework to assist organizations in managing risk to systems, networks, and assets that use PNT services. […]
In an audit of the Defense Department’s (DoD) cybersecurity requirements for weapon systems in the operations and support (O&S) phase of the DoD acquisition lifecycle, the DoD Inspector General (IG) highlighted five weapon systems that have been successfully updating cybersecurity requirements and meeting Risk Management Framework requirements. […]
After Sens. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, and Marco Rubio, R-Fla., the committee’s ranking member, called for the designation of a single official to lead the U.S. response to the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products, the White House confirmed to the senators that Deputy National Security Advisor Anne Neuberger is leading the effort. […]
Anne Neuberger, deputy national security advisor for cyber and emerging technology on President Biden’s National Security Council (NSC), said this week that the administration is working on a new national cybersecurity strategy and that it will likely feature some of the recommendations that have already been made by the President’s National Security Telecommunications Advisory Committee (NSTAC) but not yet implemented. […]
As agencies are scrambling to recover and build up their cybersecurity from the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products, Federal agency leaders say it will not be easy. […]
The road to better cybersecurity for government and the private sector looks like a long, uphill climb, with no concept of a finish line. […]
The U.S. Army Materials Command is forgoing a competitive bidding process for cyber training services while it waits for a bid protest between two contractors to be resolved. […]
Sens. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, and Marco Rubio, R-Fla., the committee’s ranking member, are urging the Biden administration to “assign a clear leader” to lead the United States’ response to the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products. […]
The Federal Energy Regulatory Commission (FERC) is proposing a rule change that would provide rate incentives for electric companies that go “above and beyond” current regulations in their cybersecurity investments. […]
The Department of Defense’s (DoD) Cyber Crime Center (DC3) is launching a pilot program for Defense Industrial Base (DIB) companies to participate in its Vulnerability Disclosure Program (VDP), which shares vulnerability data and aims to improve cyber hygiene. […]