Federal Chief Information Security Officer (CISO) Chris DeRusha said late Thursday that new cybersecurity metrics are helping the Federal government to better measure its success in moving towards an improved risk posture. […]
The Justice Department (DoJ) said this week that Verizon Business Network Services agreed to pay a fine of $4.09 million to the government after failing to “completely satisfy certain cybersecurity controls in connection with an information technology service provided to federal agencies.” […]
The State Department is currently working on a new comprehensive version of an international cyber strategy that it will be circulating around the agency and government this fall. […]
A recently disclosed Chinese hack of Commerce and State Department officials’ emails was found to be linked to a Microsoft engineer’s compromised corporate account, the tech giant announced in a blog post this week. […]
In order to create a more robust cybersecurity workforce, security experts explained on Wednesday that cybersecurity education needs to start at the K-12 level. […]
As the Cybersecurity and Infrastructure Security Agency (CISA) finishes up the rulemaking process for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), CISA Director Jen Easterly said today that trusted partnerships are vital to sharing threat information in the meantime. […]
Just six months after the White House released its National Cybersecurity Strategy (NCS), Acting National Cyber Director (NCD) Kemba Walden said that her office is looking forward to publishing a posture report. […]
Rep. Ted Lieu, D-Calif., on Aug. 29 reintroduced his Improving Contractor Cybersecurity Act, which aims to require vendors that wish to do business with the United States government to maintain vulnerability disclosure policies (VDP) and programs. […]
The Department of Defense’s (DoD) organization responsible for protecting and defending its network globally is adopting a three-part approach to improve cyber readiness and cybersecurity tactics across the department, a senior DoD official said this week. […]
The Department of the Air Force is seeking to bring more workers into the Cyber Excepted Service (CES) to increasingly recruit and retain civilian cyber professionals, the department’s chief information officer (CIO) said this week. […]
The Transportation Security Administration (TSA) is adopting an automated capability that will ensure inactive accounts on one of its critical IT systems are shut down within 45 days. […]
Although the Federal government has made progress in protecting U.S. critical infrastructure through a largely voluntary approach, Federal Chief Information Security Officer (CISO) Chris DeRusha today called for minimum cybersecurity requirements for critical infrastructure. […]
The recently established Advanced Research Projects Agency for Health (ARPA-H), which is housed within the Department of Health and Human Services (HHS), has launched a new project to better protect the U.S. healthcare system’s IT infrastructure. […]
The President’s National Infrastructure Advisory Council (NIAC) made a broad call Monday for the creation of a National Water Strategy to ensure the nation can deliver sustainable critical infrastructure systems that are responsive to cyber threats. […]
In light of rising software supply chain security attacks, Rep. Nancy Mace, R-S.C., introduced new legislation today that aims to help Federal contractors identify and fix software vulnerabilities before adversaries can exploit them. […]
The Department of Defense (DoD) is calling on private companies, academic organizations, and non-profits that can provide certification, training, courses, or formal education to apply to the Pentagon’s Cyber Workforce Qualification Program. […]
The Cybersecurity and Infrastructure Security Agency (CISA) – alongside the National Security Agency (NSA) and National Institute of Standards and Technology (NIST) – released a joint factsheet today encouraging early planning for migration to post-quantum cryptographic standards by developing a Quantum-Readiness Roadmap. “Quantum-Readiness: Migration to Post-Quantum Cryptography” is urging organizations – especially those that support critical infrastructure […]
The Cybersecurity and Infrastructure Security Agency (CISA) is looking to change the technology ecosystem through its secure-by-design and -default guidelines, and CISA officials explained the agency’s plan to foster this ecosystem at the Black Hat USA Conference in Las Vegas last week. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) today published the Cyber Defense Plan for Remote Monitoring and Management (RMM), making it the first-ever plan developed by industry and government partners through the JCDC. […]
Federal Chief Information Security Officer (CISO) Chris DeRusha explained today how the National Cybersecurity Strategy (NCS) and implementation plan released by the Office of the National Cyber Director (ONCD) earlier this year lines up nicely with the goals of improving Federal government cybersecurity, but also warned that the prevalence of legacy IT systems still being used by many Federal agencies continues to stand in the way of security improvements. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has led a handful of identity security initiatives over the past year, and, according to a CISA official, is closing in on finalized guidance on recommended cybersecurity configuration baselines for select cloud products – like Microsoft 365 and Google Workspace. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is launching a new program that will collect information to provide tailored technical assistance, services, and resources to critical infrastructure (CI) organizations and state, local, Tribal, and territorial (SLTT) governments. […]
The Cyber Safety Review Board (CSRB) will assess the recent Microsoft Exchange Online intrusion and conduct a broader review of issues relating to cloud-based identity and authentication infrastructure, the Secretary of Homeland Security Alejandro Mayorkas announced today. […]
The Federal Communications Commission (FCC) is seeking public comment on a proposal to create a voluntary cybersecurity labeling program that would provide consumers with clear information about the security of their smart devices. […]
The head of the Cybersecurity and Infrastructure Security Agency (CISA) said this week that the United States needs to take a page out of Ukraine’s cyber playbook and build more resiliency into its critical infrastructure now. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is looking to utilize AI capabilities to keep Americans safe from cyber threats and bolster the nation’s cyber defense, CISA Director Jen Easterly said this week. […]
“Ensuring cybersecurity” remains at the top of the Internal Revenue Service’s (IRS) list of priorities issued annually by the Government Accountability Office (GAO) for the fifth year in a row. […]
Cybersecurity technology provider CrowdStrike said in a report issued today that its Falcon OverWatch managed threat hunting unit saw a 40 percent year-over-year jump in “observed interaction intrusion volumes” for the year ended June 30. […]
Faced with increasing cyberattacks on K-12 schools, the Biden-Harris administration today unveiled several government actions to help bolster their cyber defenses, along with numerous commitments from private-sector organizations that aim for the same result. […]
A new report from tech security provider BlackBerry finds a 40 percent in cyberattacks targeting government agencies and public services organizations during the three months ended in May 2023. […]