The House Armed Services Committee passed the fiscal year 2022 (FY2022) National Defense Authorization Act (NDAA) on Sept. 1 by a bipartisan vote of 57-2. The bill will now move to the full chamber for consideration. […]

The United States Air Force (USAF) announced that Mansfield-Lahm Air National Guard Base in Ohio is its preferred location for a new cyber warfare wing at the department. […]

The Federal Bureau of Investigation (FBI) has identified a cyber-criminal group that calls itself the “OnePercent Group,” and has carried out ransomware attacks against U.S. companies since November 2020 utilizing double-extortion tactics, according to an FBI flash report released on August 23. […]

The White House’s August 25 cybersecurity meeting between administration officials, tech-sector and other private-company CEOs, and representatives of the education and insurance sectors yielded a long list of big-dollar corporate commitments to improve security, and the pledges of educational institutions to offer programs that aim to help swell the size of the U.S. cybersecurity workforce. […]

The Biden administration has tasked the National Institute of Standards and Technology (NIST) to work with industry and other parties to come up with a new framework “to improve the security and integrity of the technology supply chain.” […]

President Biden on August 25 gathered Federal government cybersecurity leaders and a deep roster of corporate leaders at a White House meeting that he said aimed to “raise the bar” on cybersecurity across the government, critical infrastructure, and private sectors. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has agreed to work with Singapore’s Cyber Security Agency (CSA) to expand cybersecurity research and development and critical technologies. […]

Wireless service provider T-Mobile USA today increased its reported totals for customer accounts affected by a cyberattack that the company disclosed earlier this week. […]

Ransomware attacks are on the rise and adversaries are developing more sophisticated cyberattacks, but Federal cyber experts agree that “the vast majority” of ransomware attacks active today can be prevented by good basic cyber hygiene practices. […]

The Government Accountability Office (GAO) released an AI accountability framework back in July, but a GAO official said at NextGov’s Emerging Tech conference August 18 that the organization’s work on AI oversight remains a work in process. […]

As the first-ever appointed and confirmed National Cyber Director (NCD), Chris Inglis is responsible for coordinating the nation’s cyber strategy. But first, he’ll have to build out his office. […]

With the Infrastructure Investment and Jobs Act and a $3.5 trillion budget resolution now passed in the Senate, the House is looking for ways to combine votes the two pieces of legislation in order to speed up the process of approving them, House Speaker Nancy Pelosi, D-Calif., said in an August 15 Dear Colleague Letter. […]

John Costello has a new position at the Office of the National Cyber Director, serving as chief of staff, according to his LinkedIn. […]

The Senate is on break until September 15, but while on recess major committees will be working on legislative language for the $3.5 trillion budget resolution passed August 11. While the bill largely looks to tackle “soft infrastructure” and climate change, there are a variety of tech objectives in the resolution as well. […]

Infrastructure week finally arrived in Washington, D.C. with the Senate’s approval of the $1 trillion Infrastructure Investment and Jobs Act on Tuesday morning. The bill – whose main tech-related titles include $65 billion for broadband and around $2 billion for cybersecurity – cleared the Senate by a vote of 69-30. […]

Following a pair of votes on the Infrastructure Investment and Jobs Act over the weekend, the bipartisan infrastructure measure is nearing the finish line in the Senate. The bill is currently on track for a final vote in the Senate on Tuesday morning. […]

Chris Cleary, the principal cyber advisor at the Department of the Navy, called cybersecurity an “infinite game” today and stressed that the United States will lose that game if it does not have the adequate funding or resources to continue the fight against adversaries. […]

The Senate’s Infrastructure Investment and Jobs Act – the bipartisan infrastructure plan currently working its way through the amendment process – totals about $2 billion in cybersecurity funding, the White House said in an August 3 fact sheet about the legislation. […]

Senators introduced bipartisan legislation this week aimed to strengthen the United States’ cybersecurity posture and protect the nation’s Systemically Important Critical Infrastructure (SICI). The bill includes several key recommendations from the Cyberspace Solarium Commission (CSC). […]

Chris Inglis, the nation’s first-ever national cyber director, has called for the establishment of a Bureau of Cyber Statistics, which would exist within the Department of Homeland Security, to collect and publish cybersecurity statistics to properly understand cyber threats and how to address them. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new vulnerability disclosure policy (VDP) platform for the Federal civilian enterprise that provides a single crowdsourcing platform for agencies to report vulnerabilities. […]

Sens. Maria Cantwell, D-Wash., chair of the Senate Commerce, Science, and Transportation Committee, and Roger Wicker, R-Miss., want the Department of Commerce (DOC), including the National Institute of Standards and Technology (NIST), to take additional actions to address cybersecurity threats. […]

While the steady performance of most large Federal agencies on the latest version of the FITARA Scorecard drew notes of praise from leaders of the House Government Operations Subcommittee at their July 28 hearing to review the grades, the central focus on the hearing – cybersecurity and IT modernization – got the most attention from private sector tech leaders. […]

The White House released a National Security Memorandum (NSM) today containing a new set of actions aimed to strengthen cybersecurity efforts to protect United States critical infrastructure amid the growing number of cyber threats and cyberattacks. […]

As the number of cyberattacks impacting critical infrastructure continues to grow, members of Congress and representatives from the Department of Energy (DoE), Cybersecurity and Infrastructure Security Agency (CISA), and Federal Energy Regulatory Commission (FERC) agreed that more needs to be done to protect the electric grid from a potentially “devastating” cyberattack. […]

The Senate Armed Services Committee said on June 22 it completed its markup of the Fiscal Year (FY) 2022 National Defense Authorization Act (NDAA), which includes a $1 billion increase in funds for programs developing AI, microelectronics, advanced materials, 5G, and biotechnology. […]

U.S. Customs and Border Protection (CBP) has not always protected Mobile Passport Control (MPC) applications from cybersecurity threats, according to a report from the Department of Homeland Security’s Office of Inspector General (OIG). […]

The National Institute of Standards and Technology (NIST) has released guidance outlining security measures for critical software and minimum standards for vendors’ testing of their software source code as part of the agency’s assignments under the Biden administration’s executive order (EO) on cybersecurity. […]

Rep. John Katko, R-N.Y., ranking member of the House Committee on Homeland Security, called for increased funding for the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA), saying CISA “needs to be a $5 billion agency in the next five years.” […]

The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive on July 13 ordering Federal agencies to disable the Microsoft Windows Print Spooler service, after discovering a vulnerability that allows attackers to remotely take over systems and enable adversaries to compromise the entire identity infrastructure of an agency. […]