Anne Neuberger, the White House deputy national security advisor for cyber and emerging technologies who is a driving force behind the Biden administration’s cybersecurity executive order issued earlier this month, today noted an initial “disappointment” with Federal network hygiene in a follow-up discussion about the broader aims of the order. […]

The recent Colonial Pipeline hack has made more people aware of the threats that lurk in cyberspace, and Sen. Angus King, I-Maine, says it’s time for the government to develop a new relationship with the private sector on cybersecurity and take an all-of-society approach to protecting critical infrastructure. “The private sector has been very reluctant […]

In light of the recent Colonial Pipeline ransomware attack, the Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) released a new directive requiring all critical pipeline owners and operators to report cyberattacks, DHS announced today. […]

Mark Munsell, deputy director of data and innovation at the National Geospatial-Intelligence Agency (NGA) and the agency’s former CTO, is urging the Federal government to build cyber applications faster in order to out-compete adversaries, and to expand industry partnerships. […]

In a Senate Appropriations Committee review of the Department of Homeland Security’s (DHS) fiscal year (FY) 2022 budget request today, DHS Secretary Alejandro Mayorkas emphasized the importance of building resilience among the nation’s cybersecurity and the cyber workforce. […]

Reps. Ted Lieu, D-Calif., and Nancy Mace, R-S.C., led a bipartisan group of legislators in reintroducing the Ensuring National Constitutional Rights for Your Private Telecommunications (ENCRYPT) Act. […]

The Professional Services Council (PSC), which represents government contractors, urged Congress in a May 21 letter to include funding for cybersecurity and IT modernization in an upcoming infrastructure funding package that aligns with President Biden’s American Jobs Plan. […]

A new report from NASA’s Office of Inspector General (OIG) shows the agency is exposed to a “higher-than-necessary risk from cyber threats,” but a new contract shows promise for NASA to secure its systems more effectively. […]

President Biden’s National Infrastructure Advisory Council (NIAC) is preparing a report for the White House National Security Council (NSC) focused on “challenges facing the critical infrastructure workforce and the risks to national security posed by a lack of skilled workers,” and paying special attention to the cybersecurity workforce. […]

Following a string of high-profile cyber attacks against private sector and government organizations over the past several months, more than half of Americans surveyed by The Harris Poll believe further cybersecurity investments are essential to combat the threat, and that the Federal government, the military, and the private sector should share cyber threat and attack data to help in the fight. […]

The Government Accountability Office (GAO) has outlined 28 priority open recommendations for the Department of Veterans Affairs (VA) in a new report, which include items involving information technology and timely COVID-19 data collection. […]

Several House members expressed concern today over the Department of Veterans Affairs’ (VA) approach to managing cyber risks and the agency’s cybersecurity strategies, while the agency’s chief information security officer countered that VA cyber programs are on par with those at work in other Federal agencies. “VA prides itself as being the nation’s largest integrated […]

The House Homeland Security Committee voted May 18 to advance five bills that would look to improve the nation’s cybersecurity in several areas, including protecting pipeline infrastructure, testing cybersecurity readiness, and improving state and local cybersecurity, among others. […]

The Endless Frontier bill championed by Senate Majority Leader Chuck Schumer, D-N.Y., and set for Senate floor debate over the next several days has grown by leaps and bounds this week with the addition of semiconductor manufacturing and cybersecurity components and has even gotten a new name – the U.S. Innovation and Competition Act of 2021. […]

In a new report of nearly 30,000 cyber incidents, roughly 70 percent of public sector breaches were found to be the product of social engineering campaigns—relying mostly on phishing attacks. […]

Federal CIO Clare Martorana today laid out her vision for civilian government-wide Federal IT improvements that match up broadly with many of the larger goals outlined in projects and spending priorities announced earlier this month for the recent $1 billion cash infusion into the Technology Modernization Fund (TMF). In her first extended public policy address […]

Senators expressed concern that the Department of Defense (DoD) is not doing enough to support small businesses in the defense industrial base (DIB) to implement or subsidize cybersecurity protocols, including the DoD’s Cybersecurity Maturity Model Certificate (CMMC) at a May 18 Senate Subcommittee on Cybersecurity hearing. […]

An internal review of the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program has been completed, according to Sen. Joe Manchin, D-W.Va., who said he understands that the DoD review will produce “significant” changes to the program. […]

Following the recent ransomware attack on Colonial Pipeline Company, Rep. Elissa Slotkin, D-Mich., proposed a bill last week that would require the Cybersecurity and Infrastructure Security Agency (CISA) to establish a National Cyber Exercise Program to test the United States’ cyber readiness. […]

Fifteen members of the House Committee on Homeland Security reintroduced the Pipeline Security Act on May 14 in an effort to secure pipelines from nefarious cybersecurity or terrorist attacks, in the wake of the recent ransomware attack on Colonial Pipeline Company. […]

With the Colonial Pipeline ransomware attack adding to the count of high-profile cyberattacks to make news in the past six months, members of Congress focused in on how the United States can deter such attacks, as well as how to attract talent to the cyber workforce, at a May 14 House Armed Services subcommittee hearing. […]

Tech-sector reaction to the White House’s sweeping cybersecurity executive order issued May 12 came in largely positive today, with security technology makers particularly applauding the urgency of the administration’s plans, the enterprise-wide view that the order takes for improving security, and its actions to hasten the movement of Federal agencies to cloud services. […]

Acting Cybersecurity and Infrastructure Security Agency (CISA) Director Brandon Wales said today the government is concerned that the nation is witnessing the prelude to broader-based cyber attacks, and he called on Congress to take action on legislation that would require reporting of cyber incidents to the Federal government. […]

Expanding and investing in the Cybersecurity and Infrastructure Security Agency’s (CISA) Pipeline Cybersecurity Initiative could address cybersecurity risks and prevent future cyberattacks on United States pipeline infrastructure, such as the recent Colonial Pipeline hack, according to Rep. John Katko, R-N.Y. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is working on a “hardened” cloud environment that it can evaluate through pilots with Federal agencies, CISA Acting Director Brandon Wales told senators on May 11. […]

The chairman and ranking member of the Senate Homeland Security and Governmental Affairs Committee said today they are interested in changing the Federal Information Security Management Act (FISMA) to make sure that Congress gets timely notifications about major cyberattacks that have a national impact. […]

The United States and the United Kingdom have issued a joint cyber advisory on Russian Foreign Intelligence Service (SVR) tactics, techniques, and procedures. […]

Reps. Andy Kim, D-N.J., and Joe Wilson, R-S.C., introduced bipartisan legislation on May 4 that would strengthen states’ cybersecurity readiness and allow governors to deploy their state’s National Guard to respond to cybersecurity threats. […]

Numerous Federal agencies are springing into action in response to the ransomware attack on Colonial Pipeline Company, a major supplier of fuel to the northeastern U.S. that temporarily shut down pipeline operations after disclosing the attack on May 7. […]

The deputy commander of the Air Force’s information warfare command, known as the Sixteenth Air Force or Air Forces Cyber, is calling for the Air Force to automate its Cybersecurity Service Provider (CSSP) in order to remain one step ahead of adversaries. […]