Preparing for a potential cyberattack enables agencies to regain the use of critical systems and infrastructures as soon as possible after a crisis. However, according to Federal leaders, the human element of any cyber preparedness plan remains a top challenge. […]
The United States Cyber Command (CYBERCOM) is responsible for the nation’s joint cyber warfighting architecture, and its executive director said this week that additional budget authorities extended to the command under the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) will allow for more aligned joint training and advanced training of cyber operators, according to the CYBERCOM Executive Director. […]
The House Committee on Energy and Commerce today voted to approve the Spectrum Innovation Act of 2022 (H.R. 7624) which will provide clarity on the auctioning of low gigahertz spectrum mandated by the Infrastructure Investment and Jobs Act, while also directing up to $3.4 billion of proceeds from the auction to help pay for communications service providers to “rip and replace” untrusted IT equipment from their networks. […]
The House Appropriations Subcommittee on Defense voted to approve today by voice vote a full-committee draft released earlier this week for proposed fiscal year 2023 defense funding, including includes $11.2 billion for cybersecurity, cyberspace operations, and cyber research and development. […]
As the exclusive assessor partner for the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program, the Cybersecurity Maturity Model Certification Accreditation Body has worked to make itself an accessible partner for the Defense Industrial Base. […]
Rep. Darren Soto, D-Fla., along with Christy Goldsmith Romero, a newly appointed commissioner of the Commodity Futures Trading Commission (CFTC), today urged Congress to provide regulatory clarity on the growing cryptocurrency and blockchain industries. […]
As Federal and state government agencies face growing cyber threats, the Department of Justice (DoJ) must improve its coordination with other Federal agencies on cybersecurity requirements and assessments of state agencies to better manage fragmentation of that process, the Government Accountability Office (GAO) said in its latest annual open priority recommendations report to the agency. […]
The Government Accountability Office (GAO) said in a new report that the Social Security Administration (SSA) still needs to improve its cybersecurity by addressing how it coordinates with states and other Federal agencies. […]
While the Cybersecurity and Infrastructure Security Agency (CISA) is working to make progress on numerous discrete security policy directives and projects that it has been handed in recent years, a top agency official explained today that the higher-level goals uniting most of those tasks boil down to the government and the private sector achieving much greater visibility into cyber threats and how to defend against them, and not leaving organizations to defend against threats on their own. […]
After a releasing an op-ed with Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly last week that called CISA’s “Shields Up” campaign a new baseline for cyber defenses, National Cyber Director Chris Inglis said today that the cost of entry for cyber attackers is still too low to create stout deterrence. […]
The Government Accountability Office (GAO) has added three new priority recommendations to its list for the Small Business Administration (SBA) including new items that aim to improve COVID-19 response oversight and communications in order to reduce related risks. […]
The House on June 8 voted to approve a bill that would require the Food and Drug Administration (FDA), among other tasks, to ensure cybersecurity throughout the lifecycle of medical devices and make sure that device makers meet minimum cybersecurity requirements set by the agency. […]
Federal CIO Clare Martorana today published the Biden administration’s Information Technology Operating Plan that ties together the efforts of four big Federal tech programs and offices into the administration’s goals to improve citizen service and cybersecurity, among other goals. […]
The Department of Energy (DOE) needs to develop a comprehensive approach to electric grid resiliency that coordinates disaster response and grid recovery, as well as utilizes lessons learned from prior natural disasters, according to a June 9 report from the Government Accountability Office (GAO). […]
States have a big opportunity to provide internet service to millions of unconnected citizens people with billions in broadband funding provided by Congress in bipartisan infrastructure legislation, but states have a lot of work to do to make the most of the funds, according to a McKinsey & Co. report released on June 7. […]
As the Cybersecurity and Infrastructure Security Agency (CISA) continues to grapple with the early stages of a rulemaking process for recently enacted cyber incident reporting legislation, CISA Director Jen Easterly said it will be crucial to develop trust with the private sector so that the law is seen as “value-added” and not a burden. […]
The Biden-Harris Administration is seeking feedback on a pending national strategy for privacy-preserving data sharing and analytics, according to a request for information (RFI) released today in the Federal Register. […]
The Cybersecurity and Infrastructure Security Agency (CISA), along with the National Security Agency (NSA) and the FBI, this week issued a joint advisory warning telecommunications companies and network service providers of People’s Republic of China (PRC) state-sponsored cyber actors that continue to pose a threat to their networks. […]
The Department of the Treasury said it approved about $631 million of funding to four states from the Coronavirus Capital Projects Fund (CPF), which will provide money for affordable broadband infrastructure and other digital connectivity technology projects. […]
The Department of Defense’s (DoD) cost and schedule estimates for fully deploying its latest-generation electronic health record system (EHRM) are unreliable and could have the impact of depriving agency leadership of the right information upon which to base deployment decisions, according to a new report by the Government Accountability Office (GAO). […]
The fiscal year (FY) 2023 National Defense Authorization Act (NDAA) continued to take shape today as the House Armed Services Subcommittee on Cyber, Innovative Technologies, and Information Systems voted to approve its markup of language related to cybersecurity and other tech matters that likely will be featured in the NDAA. […]
New bipartisan legislation from Sens. Kirsten Gillibrand, D-N.Y., and Cynthia Lummis, R-Wy., aims to create a complete regulatory framework for digital assets such as cryptocurrencies, but the senators emphasized today how the bill also addresses the cyber aspect of digital assets. […]
Reps. Gerry Connolly, D-Va., and John Sarbanes, D-Md. – both of whom represent districts with large Federal employee populations – have reintroduced legislation that the members of Congress said will “strengthen and expand the federal government’s telework programs by capitalizing on lessons learned” during the coronavirus pandemic when many Federal agencies had most employees working from remote locations. […]
The National Institutes of Standards and Technology (NIST) has finalized new guidance to provide engineers across government and private enterprises with essential design principles for engineering trustworthy secure systems. […]
The Cybersecurity and Infrastructure Security Agency (CISA) on June 6 unveiled its latest cybersecurity public service campaign – aimed at trying to boost adoption of multifactor authentication (MFA) – coinciding with the opening of the RSA Conference in San Francisco, where agency leadership including Director Jen Easterly will be speaking this week. […]
The Tennessee Valley Authority (TVA) – a federally-owned electric utility serving seven states with power generated from dams on the Tennessee River – is employing vulnerable versions of operating systems in its non-dam control system, according to an audit from TVA’s Office of Inspector General (OIG) which examines cybersecurity controls that system. […]
New Senate legislation unveiled today would retain at least for now the status quo on current Federal oversight of some cryptocurrency trading, but also would set the stage for a much broader examination of how and whether the Federal government should create regulatory structures for a wider range of digital assets that includes cryptocurrency. […]
As the Federal government works through the rulemaking process for the recently signed Incident Reporting legislation that originated in the Senate Homeland Security and Governmental Affairs Committee, witnesses for that same committee today stressed the need for unity among both reporting avenues and standardization of data to help operationalize the data. […]
The Department of Veterans Affairs (VA) Office of Inspector General (OIG) is calling on the agency to address its slow progress in improving its cybersecurity posture, but the VA said a lack of funding causes the agency to lose high-quality IT personnel. […]
The Government Accountability Office (GAO) has added unemployment insurance (UI) fraud to its list of “high risk” areas for the Federal government, and has tasked the Department of Labor (DOL) – which provides funding and assistance to states to run their UI programs – with finding a fix to the problem. […]