The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) and the FBI are looking into last week’s spear-phishing campaign targeting the United States Agency for International Development (USAID), and have not found any “significant impact” to Federal agencies, according to a May 28 joint statement. […]
Sens. Gary Peters, D-Mich., and Rick Scott, R-Fla., reintroduced the K-12 Cybersecurity Act May 27 in an effort to strengthen the cybersecurity of school systems. This is the second time the two introduced the Act, having previously introduced similar legislation in 2019 in the last Congress. […]
President Biden’s FY2022 budget document released today proposes a 14 percent increase from the estimated cybersecurity funding level for last year, to a total of $9.8 billion in Federal civilian cybersecurity funding. […]
The United States Agency for International Development (USAID) was the victim of a May 25 spear-phishing campaign that carried all the hallmarks of a state-sponsored attack, Microsoft said yesterday. […]
President Biden’s Department of Homeland Security (DHS) nominees pledged their commitment to elevate the United States’ cybersecurity posture, in order to prevent future cyberattacks, during a May 27 Senate Committee on Homeland Security & Governmental Affairs hearing. […]
Anne Neuberger, the White House deputy national security advisor for cyber and emerging technologies who is a driving force behind the Biden administration’s cybersecurity executive order issued earlier this month, today noted an initial “disappointment” with Federal network hygiene in a follow-up discussion about the broader aims of the order. […]
The recent Colonial Pipeline hack has made more people aware of the threats that lurk in cyberspace, and Sen. Angus King, I-Maine, says it’s time for the government to develop a new relationship with the private sector on cybersecurity and take an all-of-society approach to protecting critical infrastructure. “The private sector has been very reluctant […]
In light of the recent Colonial Pipeline ransomware attack, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) released a new directive requiring all critical pipeline owners and operators to report cyberattacks, DHS announced today. […]
Mark Munsell, deputy director of data and innovation at the National Geospatial-Intelligence Agency (NGA) and the agency’s former CTO, is urging the Federal government to build cyber applications faster in order to out-compete adversaries, and to expand industry partnerships. […]
In a Senate Appropriations Committee review of the Department of Homeland Security’s (DHS) fiscal year (FY) 2022 budget request today, DHS Secretary Alejandro Mayorkas emphasized the importance of building resilience among the nation’s cybersecurity and the cyber workforce. […]
Reps. Ted Lieu, D-Calif., and Nancy Mace, R-S.C., led a bipartisan group of legislators in reintroducing the Ensuring National Constitutional Rights for Your Private Telecommunications (ENCRYPT) Act. […]
The Professional Services Council (PSC), which represents government contractors, urged Congress in a May 21 letter to include funding for cybersecurity and IT modernization in an upcoming infrastructure funding package that aligns with President Biden’s American Jobs Plan. […]
A new report from NASA’s Office of Inspector General (OIG) shows the agency is exposed to a “higher-than-necessary risk from cyber threats,” but a new contract shows promise for NASA to secure its systems more effectively. […]
President Biden’s National Infrastructure Advisory Council (NIAC) is preparing a report for the White House National Security Council (NSC) focused on “challenges facing the critical infrastructure workforce and the risks to national security posed by a lack of skilled workers,” and paying special attention to the cybersecurity workforce. […]
Following a string of high-profile cyber attacks against private sector and government organizations over the past several months, more than half of Americans surveyed by The Harris Poll believe further cybersecurity investments are essential to combat the threat, and that the Federal government, the military, and the private sector should share cyber threat and attack data to help in the fight. […]
The Government Accountability Office (GAO) has outlined 28 priority open recommendations for the Department of Veterans Affairs (VA) in a new report, which include items involving information technology and timely COVID-19 data collection. […]
Several House members expressed concern today over the Department of Veterans Affairs’ (VA) approach to managing cyber risks and the agency’s cybersecurity strategies, while the agency’s chief information security officer countered that VA cyber programs are on par with those at work in other Federal agencies. “VA prides itself as being the nation’s largest integrated […]
The House Homeland Security Committee voted May 18 to advance five bills that would look to improve the nation’s cybersecurity in several areas, including protecting pipeline infrastructure, testing cybersecurity readiness, and improving state and local cybersecurity, among others. […]
The Endless Frontier bill championed by Senate Majority Leader Chuck Schumer, D-N.Y., and set for Senate floor debate over the next several days has grown by leaps and bounds this week with the addition of semiconductor manufacturing and cybersecurity components and has even gotten a new name – the U.S. Innovation and Competition Act of 2021. […]
In a new report of nearly 30,000 cyber incidents, roughly 70 percent of public sector breaches were found to be the product of social engineering campaigns—relying mostly on phishing attacks. […]
Federal CIO Clare Martorana today laid out her vision for civilian government-wide Federal IT improvements that match up broadly with many of the larger goals outlined in projects and spending priorities announced earlier this month for the recent $1 billion cash infusion into the Technology Modernization Fund (TMF). In her first extended public policy address […]
Senators expressed concern that the Department of Defense (DoD) is not doing enough to support small businesses in the defense industrial base (DIB) to implement or subsidize cybersecurity protocols, including the DoD’s Cybersecurity Maturity Model Certificate (CMMC) at a May 18 Senate Subcommittee on Cybersecurity hearing. […]
An internal review of the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program has been completed, according to Sen. Joe Manchin, D-W.Va., who said he understands that the DoD review will produce “significant” changes to the program. […]
Following the recent ransomware attack on Colonial Pipeline Company, Rep. Elissa Slotkin, D-Mich., proposed a bill last week that would require the Cybersecurity and Infrastructure Security Agency (CISA) to establish a National Cyber Exercise Program to test the United States’ cyber readiness. […]
Fifteen members of the House Committee on Homeland Security reintroduced the Pipeline Security Act on May 14 in an effort to secure pipelines from nefarious cybersecurity or terrorist attacks, in the wake of the recent ransomware attack on Colonial Pipeline Company. […]
With the Colonial Pipeline ransomware attack adding to the count of high-profile cyberattacks to make news in the past six months, members of Congress focused in on how the United States can deter such attacks, as well as how to attract talent to the cyber workforce, at a May 14 House Armed Services subcommittee hearing. […]
Tech-sector reaction to the White House’s sweeping cybersecurity executive order issued May 12 came in largely positive today, with security technology makers particularly applauding the urgency of the administration’s plans, the enterprise-wide view that the order takes for improving security, and its actions to hasten the movement of Federal agencies to cloud services. […]
Acting Cybersecurity and Infrastructure Security Agency (CISA) Director Brandon Wales said today the government is concerned that the nation is witnessing the prelude to broader-based cyber attacks, and he called on Congress to take action on legislation that would require reporting of cyber incidents to the Federal government. […]
Expanding and investing in the Cybersecurity and Infrastructure Security Agency’s (CISA) Pipeline Cybersecurity Initiative could address cybersecurity risks and prevent future cyberattacks on United States pipeline infrastructure, such as the recent Colonial Pipeline hack, according to Rep. John Katko, R-N.Y. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is working on a “hardened” cloud environment that it can evaluate through pilots with Federal agencies, CISA Acting Director Brandon Wales told senators on May 11. […]