In a report released Feb. 25, the Government Accountability Office (GAO) said that “most” of nine agencies tasked with protecting the 16 critical infrastructure sectors “have not developed methods to determine the level and type of adoption of the National Institute of Standards and Technology’s (NIST) Framework for Improving Critical Infrastructure Cybersecurity.” […]

A senior official speaking Feb. 26 at the RSA Conference clarified recent steps by the State Department to publicly attribute and condemn acts of cyber aggression on the part of Russia, calling the actions of the Department part of a deliberate attempt to establish a framework for appropriate nation-state behavior in cyberspace. […]

Federal officials from the Defense Department (DoD), Justice Department (DoJ), and the Director of National Intelligence (DNI) on Feb. 25 totaled up the sobering costs of intellectual property theft from U.S. interests in recent years, and pointed to strategies their agencies are pursuing to put a dent into that total going forward. […]

State and local election officials said at the RSA security conference in San Francisco on Feb. 24 that Federal election assistance funding has been vital to their efforts to shore up election infrastructure security over the past few years. […]

Three members of the Cyberspace Solarium Commission (CSC) on Feb. 25 hinted at several themes of the group’s upcoming recommendations for U.S. cybersecurity doctrine and policy that is due for public release on March 11. Central to the report’s conclusions will be a rethinking of cyber deterrence strategies, and greater coordination between the Federal government’s several agencies that focus on cyber defense, they indicated. […]

The National Institute for Standards and Technology (NIST) released a report outlining best practices in building the cybersecurity workforce through regional partnerships. […]

A group of public sector cybersecurity leaders, speaking on a panel Feb. 24 at the RSA Public Sector Day event, discussed the challenge of reconciling competing priorities when assessing both the business value and mission value of cybersecurity investments. […]

Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher Krebs pledged today that there is no issue drawing more focus and attention at the Federal government level than election security leading up to the 2020 elections later this year. […]

Members of the Senate Armed Services Committee investigated the cybersecurity of contractors working with the United States Transportation Command during a hearing Tuesday. […]

The National Governors Association (NGA) urged Congress to take action on key pieces of legislation that will help harden state and local government’s (SLGs) cybersecurity defenses. […]

The Federal Trade Commission (FTC) released its 2019 Privacy and Data Security Update that highlighted “a record year for enforcement actions aimed at protecting consumer privacy and data security.” […]

The Congressional Budget Office (CBO) found that the Cybersecurity Vulnerability Identification and Notification Act of 2020 (H.R. 5680) could slightly lower the deficit, but not by a significant amount. The bill, introduced by Rep. Jim Langevin, D-R.I. on Jan. 27, would authorize the Cybersecurity and Infrastructure Security Agency (CISA) to issue administrative subpoenas in rare […]

There is a concerning lack of cyber confidence and organizational maturity across all levels of government, according to a survey released today by SolarWinds. The report, which surveyed IT operations and security decisionmakers from Federal, state, and local governments, found that the biggest IT pain points for the public sector are IT complexity, insider threats, and controlling user network access. […]

Sean Plankey, Principal Deputy Assistant Secretary for Cybersecurity, Energy, Security, and Emergency Response (CESER) at the Department of Energy (DoE), today outlined solutions to cybersecurity skills gaps in the industrial controls sector as security for that sector continues to change from older “manual-mode” methods to more modern technologies. […]

In a letter to ShiftState Security Chief Security Officer Andre McGregor, Sen. Ron Wyden, D-Ore., challenged the results of an audit ShiftState was supposed to have conducted of the Voatz voting app. […]

The Tennessee Valley Authority’s (TVA) phishing prevention training is ineffective and lacks formalized procedures, according to a Feb. 21 report from the Office of the Inspector General (OIG). […]

In a recent report about 2020 Democratic presidential candidates’ cybersecurity posture, each of the  campaigns scored a “B” letter grade or better, and showed increased focus and investment in good cyber hygiene. […]

Two intelligence agency deputy chief information security officers (CISO) agreed Feb. 19 at an event organized by AFCEA NOVA that cyber threat data sharing between agencies is a virtue that needs to happen more often and more quickly. […]

The U.S. Navy Cyber Warfare Development Group (NCWDG) announced the opening of the Cyber Foundry at Fort Meade, Md., on Feb. 18. […]

A Federal judge ruled Feb. 18 that Congress has the authority to ban Federal agencies and contractors from doing business with Chinese communications equipment maker Huawei. […]

The voting app Voatz has come under increased scrutiny following a Feb. 13 report from Massachusetts Institute of Technology (MIT) researchers. […]

A U.S. Department of Commerce Office of the Inspector General (OIG) report found that Commerce exposed sensitive data to unvetted foreign nationals through poor security program controls. […]

The Department of Defense (DoD), Federal Bureau of Investigation, and Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) detailed a North Korean hacking operation that employs even pieces of malware. […]

The National Mediation Board (NMB) has not yet fully implemented several Government Accountability Office (GAO) recommendations including those involving information privacy and information security. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is promising state and local election officials that it will be vigilant, trustworthy, and transparency about 2020 election security in the agency’s #Protect2020 Strategic Plan. […]

While the 2020 election cycle has been officially underway for less than a month, there have already been significant technology concerns. While the most notable tech concern was the Feb. 3 Iowa Caucus, researchers at the Massachusetts Institute of Technology (MIT) raised additional concerns in a report published Feb. 13. […]

Department of Energy (DoE) Secretary Dan Brouillette announced in a Feb. 13 memo that Karen Evans will leave her post as assistant secretary for Cybersecurity, Energy Security, and Emergency Response (CESER). She will be succeeded by Alexander Gates. […]

The House Homeland Security Committee advanced the State and Local Cybersecurity Improvement Act out of committee on Feb. 12. […]

The House Science, Space, and Technology Committee approved two bills on Feb. 12 to harden the U.S. electric grid against cyberattacks. […]

Department of Homeland Security Acting CIO Beth Cappello said she is directing the move of the Cybersecurity Operations Center from the CISO Directorate to the Information Technology Operations Directorate (ITO). […]