Senators introduced bipartisan legislation this week aimed to strengthen the United States’ cybersecurity posture and protect the nation’s Systemically Important Critical Infrastructure (SICI). The bill includes several key recommendations from the Cyberspace Solarium Commission (CSC). […]

Chris Inglis, the nation’s first-ever national cyber director, has called for the establishment of a Bureau of Cyber Statistics, which would exist within the Department of Homeland Security, to collect and publish cybersecurity statistics to properly understand cyber threats and how to address them. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new vulnerability disclosure policy (VDP) platform for the Federal civilian enterprise that provides a single crowdsourcing platform for agencies to report vulnerabilities. […]

Sens. Maria Cantwell, D-Wash., chair of the Senate Commerce, Science, and Transportation Committee, and Roger Wicker, R-Miss., want the Department of Commerce (DOC), including the National Institute of Standards and Technology (NIST), to take additional actions to address cybersecurity threats. […]

While the steady performance of most large Federal agencies on the latest version of the FITARA Scorecard drew notes of praise from leaders of the House Government Operations Subcommittee at their July 28 hearing to review the grades, the central focus on the hearing – cybersecurity and IT modernization – got the most attention from private sector tech leaders. […]

The White House released a National Security Memorandum (NSM) today containing a new set of actions aimed to strengthen cybersecurity efforts to protect United States critical infrastructure amid the growing number of cyber threats and cyberattacks. […]

As the number of cyberattacks impacting critical infrastructure continues to grow, members of Congress and representatives from the Department of Energy (DoE), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Energy Regulatory Commission (FERC) agreed that more needs to be done to protect the electric grid from a potentially “devastating” cyberattack. […]

The Senate Armed Services Committee said on June 22 it completed its markup of the Fiscal Year (FY) 2022 National Defense Authorization Act (NDAA), which includes a $1 billion increase in funds for programs developing AI, microelectronics, advanced materials, 5G, and biotechnology. […]

U.S. Customs and Border Protection (CBP) has not always protected Mobile Passport Control (MPC) applications from cybersecurity threats, according to a report from the Department of Homeland Security’s Office of Inspector General (OIG). […]

The National Institute of Standards and Technology (NIST) has released guidance outlining security measures for critical software and minimum standards for vendors’ testing of their software source code as part of the agency’s assignments under the Biden administration’s executive order (EO) on cybersecurity. […]

Rep. John Katko, R-N.Y., ranking member of the House Committee on Homeland Security, called for increased funding for the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), saying CISA “needs to be a $5 billion agency in the next five years.” […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on July 13 ordering Federal agencies to disable the Microsoft Windows Print Spooler service, after discovering a vulnerability that allows attackers to remotely take over systems and enable adversaries to compromise the entire identity infrastructure of an agency. […]

NASA is looking for a contractor who can provide cybersecurity and privacy support for all of its centers and facilities, according to a recent request for proposals (RFP) on SAM.gov. […]

The Small Business Administration (SBA) Office of the Inspector General (OIG) said in its newly released annual Federal Information Security Modernization Act (FISMA) report for Fiscal Year 2020 that SBA’s  information security was “not effective” last year due in part to the COVID-19 pandemic. […]

A Department of Defense (DoD) Office of Inspector General (OIG) report found that 3D printers pose a cybersecurity risk to the agency, after discovering DoD employees were not properly securing the IT systems used to develop 3D products, and were unaware the 3D printers even had IT systems that could be hacked. […]

The Department of Homeland Security (DHS) onboarded over 300 new cybersecurity employees, and made an additional 500 tentative job offers, during its 60-day Cybersecurity Workforce Sprint, exceeding the sprint’s original goal by 50 percent. […]

The SolarWinds software supply chain hack represented a seismic shift in cybersecurity awareness for public and private sector organizations. The attack, which compromised thousands of organizations, including at least nine Federal agencies – laid bare the reality that organizations may be compromised even if they don’t know it yet, and even if they are diligent about cybersecurity. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released a request for information (RFI) to identify potential vendors to support the secure and reliable operation of the dot-gov top-level domain (TLD). […]

A report by the Government Accountability Office (GAO) found that the Department of Health and Human Services (HHS) has clearly defined roles and responsibilities for coordination with healthcare organizations to support cybersecurity efforts. However, GAO found areas where HHS could improve collaboration. […]

As cyberattacks become more frequent and prevalent, the National Security Agency’s (NSA) Director of Cybersecurity Rob Joyce says the biggest vulnerability for both the private and public sectors is technical debt. […]

Cybersecurity experts from Federal, state, and local governments agree that in wake of increased cyberattacks during the COVID-19 pandemic, it’s increasingly important to protect healthcare data through an elevated cybersecurity posture. […]

What does it cost to open up a new top-level executive branch office to coordinate the government’s sprawling and ever-growing cybersecurity efforts? If you guessed $15 million, you’d be right in line with the thinking of the House Appropriations Committee, which released on June 23 the draft fiscal year 2022 Financial Services and General Government (FSGG) funding bill that includes $15 million to launch the new Office of the National Cyber Director. […]

The Government Accountability Office (GAO) found in a new report that while the Department of Defense (DoD) has taken some risk management actions to better defend its inventory management systems against cyber threats, it should take additional steps to make them more secure. […]

With the focus turning to securing critical infrastructure and a backdrop of an increased number of cyberattacks, a survey of the cybersecurity in the water and waste management sector shows a number of facilities with incomplete cybersecurity programs, the Water Information Sharing and Analysis Center (ISAC) found in an April 2021 study. […]

Federal and private sector cybersecurity experts will be sharing their secrets to success on how Federal agencies can modernize their IT and cybersecurity posture at MeriTalk’s “Accelerating Success: How to Meet the Requirements of the Cybersecurity Executive Order” webinar on June 22 from 10 to 11:30 a.m. EDT. […]

The United States has some of the most significant cyber capabilities in the world, but Department of Defense (DoD) leaders today agreed that cybersecurity is an area where the United States is “vulnerable” and still has “a lot more work to do” when it comes to developing cyber capabilities. […]

Cybersecurity in general, and ransomware in specific, climbed high onto the ladder of major policy issues at both the weekend meeting of G-7 nations this weekend, and the NATO Summit that concluded on June 14. […]

The Department of Defense (DoD) has made progress in improving software and cybersecurity associated with its weapons systems, but the programs still struggle to implement and execute modern software development practices, according to a recent Government Accountability Office (GAO) report. […]

Robin Carnahan, President Biden’s nominee for administrator of the General Services Administration (GSA), sailed through a Senate Homeland Security and Governmental Affairs Committee confirmation hearing today while offering commitments to create a more user-friendly GSA and support digital infrastructure investments. […]

Sen. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, said today he expects legislation will be soon filed in Congress to mandate cyber incident reporting to Federal authorities. […]