While Russia’s war in Ukraine continues, the cyberattacks coming from the invading country have, surprisingly, been rather mild and contained, Senator Mark Warner, D-Va., said today. […]
President Biden was poised late Friday to sign a full-year appropriations bill for fiscal year (FY) 2022 ending Sept. 30, after the Senate passed the spending bill late March 10. […]
The House of Representatives late on March 9 passed the long-awaited full-year appropriations bill for fiscal year (FY) 2022 ending Sept. 30, along with a four-day continuing resolution (CR) to give the Senate a few more days to shepherd the full-year omnibus spending bill to passage. […]
House and Senate Appropriations Committees today unveiled a full-year omnibus spending bill covering Federal government operations for the rest of fiscal year (FY) 2022 that ends on Sept. 30. […]
The White House’s Office of Management and Budget (OMB) is urging agencies to “immediately” implement the National Institute of Standards and Technology (NIST) guidance on software supply chain security. […]
Google said today it agreed to buy cybersecurity defense and response services provider Mandiant for $5.4 billion in cash. After the acquisition closes, Google will wrap Mandiant into its Google Cloud business. […]
While President Biden’s 2021 cybersecurity executive order (EO) doesn’t address all of the Federal government’s cybersecurity needs, a security expert from the Cybersecurity and Infrastructure Security Agency (CISA) said the EO’s goal drives toward prioritization of the government’s most pressing needs – rather than a fix-all approach. […]
The Federal Communications Commission (FCC) has launched a Notice of Inquiry (NOI) to seek comments on cyber risks to the Border Gateway Protocol (BGP) – the routing protocol for the Internet – in response to increasing cyber threats following Russia’s invasion of Ukraine. […]
A group of nonprofits focusing on cybersecurity and implementation have formed a coalition to develop, share, deploy, and increase awareness of best cybersecurity practices, tools, standards, and services across the public and private sectors. […]
With tensions mounting between Russia and Ukraine, the Cybersecurity and Infrastructure Security Agency (CISA) is warning critical infrastructure (CI) owners and operators – as well as any other United States-based organizations – to keep their guard up. To help organizations do that, the cybersecurity agency released insights for the CI sector, as well as a new webpage Feb. 18 to help organizations better steel themselves against a potential Russian cyber threat. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new webpage featuring a catalog of free cybersecurity tools and resources that the agency hopes will serve as a “one-stop resource where organizations of all sizes can find free public and private sector resources to reduce their cybersecurity risk.” […]
The White House’s top cybersecurity advisor today blamed Russia for cyberattacks earlier this week against the Ukrainian government and banking sectors and said that the U.S. is actively helping Ukraine to fend off cyber assaults in the run-up to a possible Russian military invasion of that country. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly made a strong pitch on Feb. 17 for the agency’s push to create an underlying culture of organizational success that she said is critical to creating optimal performance at the nation’s cyber defense agency. […]
Just over a week after announcing the agency’s largest-ever financial seizure – $3.6 billion in Bitcoin – Deputy Attorney General Lisa Monaco said today that Eun Young Choi will serve as the first director of the Department of Justice’s National Cryptocurrency Enforcement Team (NCET). […]
A new memo from the Department of Defense (DoD) is encouraging the use of a continuous Authorization To Operate (cATO) under the National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) – instead of a point-in-time ATO – to serve as the “gold standard” for systems’ cybersecurity risk management. […]
While the Office of the National Cyber Director (ONCD) is still the new kid on the block in Federal cybersecurity policy circles, National Cyber Director Chris Inglis said this week that his office’s success ultimately will hinge on whether it can unite policy, people, and doctrine to act as a viable collaborator with the Federal government and private industry. […]
After reviewing the cyberattack trends from 2021, the Cybersecurity and Infrastructure Security Agency (CISA) issued a joint advisory with the FBI and other international security partners warning of the rising global threat of ransomware and gave mitigation and remediation advice. […]
The National Security Agency (NSA) released its “2021 NSA Cybersecurity Year in Review” report that highlights a year filled with increased collaboration with industry experts to mitigate cyber threats. […]
In their efforts to help shrink the cyber workforce shortage, officials from the Office of the National Cyber Director (OCND) and the Cybersecurity and Infrastructure Security Agency (CISA) are emphasizing the need for collaboration and creation of a more robust culture of cybersecurity – starting with K-12 education on up. […]
Third-party auditors found several deficiencies in the Department of Labor’s (DoL) information security program and determined it was not effective. […]
The National Science Foundation (NSF) plans to invest in eight new CyberCorps Scholarship for Service projects to address the demand for dedicated cybersecurity professionals, particularly in government agencies. […]
A new report from the Government Accountability Office (GAO) sees a slew of opportunities for the extended reality (XR) technology within the Federal government, but also cautions that several cyber-related challenges remain. […]
The National Science Foundation (NSF) is well along with its cloud adoption plans, and eyeing several key security-related milestones over the next couple of years, explained Chezian Sivagnanam, NSF’s chief enterprise architect, at Jan. 26 virtual event organized by FCW. […]
The White House announced today it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the water sector, as part of a larger effort to set cybersecurity baselines for critical infrastructure and protect it from cyber threats. […]
The Biden administration’s cybersecurity executive order (EO) issued in May 2021, brought along an ambitious deadline schedule for reporting requirements, which Federal chief information officers (CIOs) advise agencies to meet – even if their answer is that they’re “not ready yet.” […]
With tensions rising over a possible further Russian invasion of Ukraine, the Biden Administration is laying out potential sanctions it could impose against Russia, up to and including export controls on American-made technologies including AI-enabling and other software products, according to a senior administration official. […]
The National Security Agency (NSA) has issued a technical report for systems administrators to prevent cyber actors from using malicious PDFs to target networks in a Windows environment. […]
Over the past several months, the United States has experienced many cyberattacks to large cities and small towns. These attacks, Secretary of the Department of Homeland Security (DHS) Alejandro Mayorkas told mayors across the country indicate that cities across the United States need to identify a cyber leader regardless of the size and sophistication of the infrastructure to remain vigilant about cybersecurity. […]
President Biden today signed a National Security Memorandum (NSM) intended to improve the cybersecurity of National Security, Department of Defense (DoD), and Intelligence Community (IC) Systems. […]
Government and private sector software security experts met with White House officials on Jan. 13 to discuss ways to boost the security of the open-source software that helps to run everything from consumer gadgets to massive industrial systems. […]