The Cybersecurity and Infrastructure Security Agency (CISA) announced that it will begin overseeing the .gov top-level domain (TLD) in April 2021, with a mandate to enhance security for the domain which is considered critical infrastructure. […]
The Department of Justice (DoJ) is warning of fake unemployment websites after receiving reports that scammers created the websites to obtain consumer’s personal information and other sensitive data. […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced that it has awarded the Center for Infrastructure Assurance and Security (CIAS) at The University of Texas at San Antonio a $1.2 million grant to launch a pilot program to help state, local, tribal, and territorial governments identify high value assets (HVA) in order to prioritize resources and planning. […]
The Department of Homeland Security (DHS) issued a draft request for proposal (RFP) searching for a Cybersecurity Compensation System Support Services. […]
The Department of Defense (DoD) has improved its cybersecurity efforts since 2018, but still lacks clear cybersecurity guidelines in acquisition program contracts, a recent Government Accountability Office (GAO) report said. […]
The Biden administration has identified cybersecurity and digital threats among its top priorities for national and global security, according to new guidance issued by the White House on March 3. […]
The Cybersecurity and Infrastructure Security Agency (CISA) on March 3 issued an emergency directive to Federal civilian agencies to patch a critical vulnerability in Microsoft Exchange on-premises products. The agency said that cloud services such as Microsoft 365 and Azure systems “are not known to be affected by this vulnerability.” […]
The Department of Homeland Security’s Customs and Border Protection (CBP) organization has appointed Sonny Bhagowalia as its permanent CIO, MeriTalk has confirmed, letting him take the word “acting” off his business cards. Bhagowalia had held the position in an acting capacity since last June when former CBP CIO Phil Landfried retired. […]
The Federal government’s response to the Russia-backed SolarWinds cyberhack – and the pressing need for government agencies to speed progress on putting in place cybersecurity protections including through the Continuous Diagnostics and Mitigation (CDM) program – […]
The Army’s Deputy CIO Greg Garcia retired on Feb. 26, ending nearly four decades in Federal service, Army’s CIO office confirmed. Garcia served as the Army’s first deputy CIO since last August when the CIO and G-6 offices split into separate organizations. […]
Sec. of Defense Lloyd Austin announced that President Joe Biden has made a slew of appointments at the Pentagon, including two in the cyber realm. […]
The House Homeland Security and Oversight and Reform committees held a joint public hearing today to discuss the Russia-based hack of government and private sector networks via SolarWinds Orion products. During the hearing, both the private sector witnesses and members of Congress called for better cybersecurity practices, legislation, and increased information sharing. […]
The bipartisan Cyber Diplomacy Act was reintroduced in the house this week. The legislation, cosponsored by Reps. Jim Langevin, D-R.I., Michael McCaul, R-Texas, Gregory Meeks, D-N.Y., and Mike Gallagher, R-Wis., Adam Kinzinger, R-Ill., and Bill Keating, D-Mass., will require the State Department to open the Bureau of International Cyberspace Policy. […]
Department of Homeland Security (DHS) Secretary Alejandro Mayorkas announced today that DHS will increase the required minimum spend on cybersecurity through the Federal Emergency Management Agency (FEMA) grant awards from 5 percent to 7.5 percent – approximately a $25 million increase across the country. […]
The Department of Labor’s (DoL) Office of Inspector General (OIG) released a report stating the agency is making progress on improving the Unemployment Insurance (UI) program, which has faced billions of dollars in widespread unemployment compensation fraud during the COVID-19 pandemic. […]
The Cybersecurity and Infrastructure Security Agency (CISA) named Matt Hartman the deputy executive assistant director of cybersecurity at the agency this month, confirmed by Hartman’s LinkedIn profile. […]
While it’s no secret that the healthcare sector became a major target for ransomware attacks during the COVID-19 pandemic, former Cybersecurity and Infrastructure Security Agency (CISA) Director Chris Krebs is shedding new light on the tone of CISA’s efforts to bite back against health-sector threats. […]
Amid the shift to widescale telework to stem the spread of COVID-19, Federal, state, and local government (SLG) employees are dealing with an increase in credential-theft mobile attacks. […]
With the “beta” in beta.SAM.gov just a few short months from retirement, the General Services Administration (GSA) announced it will validate the identity of agency administrators starting May 24. […]
An executive order to be signed by President Biden today will order Federal agencies to conduct year-long reviews of their supply chain and industrial base risks, with the defense industrial base (DIB) and information and communications technology (ICT) industrial base among six key sectors identified in the order. […]
Speaking today during an open hearing on the hacking of U.S. networks by foreign adversaries, Senate Intelligence Committee Chairman Mark Warner, D-Va., questioned why the U.S. shouldn’t have mandatory cyberattack reporting systems in light of the recent Russia-backed hack of government and private sector networks via SolarWinds software products. […]
Two influential House committees said they will hold a public hearing into the Russia-based hack of government and private sector networks via SolarWinds Orion products, along with other recent attacks, on Feb. 26 at 9 a.m. […]
The Election Infrastructure Government Coordinating Council – whose leadership spans Federal, state, and local government election officials – applauded inter-government cooperation on implementing cybersecurity safeguards in the 2020 election cycle, and pledged to use lessons learned going forward to improve election security and resiliency. […]
The Federal Communications Commission voted on Feb. 17 to seek public comment on possible changes to how it implements a $1.9 billion program to help network service providers replace equipment in their networks made by China-based Huawei, ZTE, and any other providers that the Federal government may deem as risky to national security. […]
The Department of Justice (DoJ) announced it has indicted three North Korean military hackers as part of a series of cyberattacks intended to steal and extort more than $1.3 billion of money and cryptocurrency from financial institutions and companies. […]
The leader of the Federal government’s investigation of the Russia-backed hack of government and private sector networks via SolarWinds Orion products said Feb. 17 that the attack “compromised” nine Federal government networks – matching with earlier estimates from Federal law enforcement and intelligence agencies that “follow-on” activity by the hackers after initial breaches via software downloads were seen in “fewer than 10” Federal agencies. […]
Sen. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, is asking the FBI and the Environmental Protection Agency (EPA) to provide more information on the recent attempt by cyber criminals to poison the water supply at an Oldsmar, Fla. water treatment facility. […]
The Cybersecurity and Infrastructure Security Agency (CISA), FBI, and the Treasury Department have issued a joint cybersecurity advisory about North Korean malicious activity known as “AppleJeus.” […]
What’s the biggest lesson to be learned from the recent thwarting of an attempt by cyber criminals to poison the water supply in Oldsmar, Fla.?
According to the Cybersecurity and Infrastructure Security Agency (CISA), the hackers likely took advantage of an outdated operating system to gain access, and the agency said “continuing to use any operating system within an enterprise beyond the end of life status may provide cyber criminals access into computer systems.” […]
The National Institute of Standards and Technology (NIST) created a Positioning, Navigation and Timing (PNT) Profile using its Cybersecurity Framework that can be used as part of a risk management framework to assist organizations in managing risk to systems, networks, and assets that use PNT services. […]