A new report from the Government Accountability Office (GAO) finds that Federal agencies and critical infrastructure owners must do a better job at sharing information to tackle increasingly complex cyber threats. […]
The Department of Homeland Security (DHS) – the Cybersecurity and Infrastructure Security Agency’s (CISA) parent agency – said yesterday that only 571 of CISA’s 3,117 employees would continue to work through a government shutdown – meaning that 79 percent of the agency’s staff would be staying home until government funding is restored. […]
Tech leaders from six prominent government agencies offered suggestions Tuesday for how they want to see the FITARA Scorecard categories improve, particularly when it comes to cybersecurity metrics. […]
The number two official at the Justice Department (DoJ) warned today that the pending government shutdown is “quite dangerous and quite irresponsible” in terms of the effect it would have on the nation’s ability to defend against cyber threats. […]
Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the new Hardware Bill of Materials (HBOM) Framework for Supply Chain Risk Management product from the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force. […]
While the news bread is still not quite baked on this one, check us out next week for all the details on new research from MeriTalk and Pluralsight that shows what Federal government cybersecurity leaders need to succeed in the ever changing cyber landscape. […]
The Council of the Inspectors General on Integrity and Efficiency (CIGIE) issued a summary today of the top challenges facing Federal agencies, as identified by those agencies’ respective Offices of the Inspector General (OIG) – and once again IT issues headed up the list. […]
Cybersecurity experts across the private sector expressed concerns today that a Federal government shutdown would have major negative impacts on the Cybersecurity and Infrastructure Security Agency’s (CISA) ability to defend Federal networks and keep its critical cyber programs running. […]
The Department of Homeland Security (DHS) warned last week that the United States should expect to see an uptick in use of artificial intelligence (AI) tools that will help to bolster adversary tactics over the next year. […]
The Defense Advanced Research Projects Agency (DARPA) has turned to artificial intelligence (AI) capabilities to bolster cybersecurity defenses against continued and growing threats, an agency official explained last week. […]
The Office of the National Cyber Director (ONCD) is creating a playbook that aims to clarify, facilitate, and encourage incorporation of cybersecurity into the Federal grant process. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) new Cyber Supply Chain Risk Management (C-SCRM) Office is in the process of developing training and maturity models for Federal agencies, with an eye of releasing these resources in the new fiscal year (FY) to begin on Oct. 1. […]
While the Internal Revenue Service (IRS) has made strides in safeguarding taxpayer data, the Government Accountability Office (GAO) said in a new report that thousands of IRS contractors are not undergoing the same insider threat awareness training that agency staff engages in, and that this training deficit means that contractors are “at increased risk of being unprepared to handle taxpayer information.” […]
The head of the National Security Agency’s (NSA) data science and artificial intelligence (AI) efforts said that government agencies should consider how to apply AI to cybersecurity operations but warned that they also need to heavily focus on how adversaries will leverage the emerging tool against them. […]
Federal Chief Information Security Officer (CISO) Chris DeRusha said late Thursday that new cybersecurity metrics are helping the Federal government to better measure its success in moving towards an improved risk posture. […]
President Biden on Sept. 7 extended a national emergency order dating back to 2018 and warning of the potential for overseas meddling in U.S. elections. […]
The Justice Department (DoJ) said this week that Verizon Business Network Services agreed to pay a fine of $4.09 million to the government after failing to “completely satisfy certain cybersecurity controls in connection with an information technology service provided to federal agencies.” […]
In order to create a more robust cybersecurity workforce, security experts explained on Wednesday that cybersecurity education needs to start at the K-12 level. […]
Top defense and intelligence officials shared this week the trends that worry them the most when it comes to the constantly evolving cyber threat landscape and what their top priorities are on the horizon given current world events and emerging cyber threat trends. […]
Just six months after the White House released its National Cybersecurity Strategy (NCS), Acting National Cyber Director (NCD) Kemba Walden said that her office is looking forward to publishing a posture report. […]
Rep. Ted Lieu, D-Calif., on Aug. 29 reintroduced his Improving Contractor Cybersecurity Act, which aims to require vendors that wish to do business with the United States government to maintain vulnerability disclosure policies (VDP) and programs. […]
The Transportation Security Administration (TSA) is adopting an automated capability that will ensure inactive accounts on one of its critical IT systems are shut down within 45 days. […]
Although the Federal government has made progress in protecting U.S. critical infrastructure through a largely voluntary approach, Federal Chief Information Security Officer (CISO) Chris DeRusha today called for minimum cybersecurity requirements for critical infrastructure. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly called on Congress today to reauthorize the Chemical Facility Anti-Terrorism Standards (CFATS) program – which the cybersecurity chief said has resulted in improving the security posture of high-risk facilities by 60 percent. […]
The recently established Advanced Research Projects Agency for Health (ARPA-H), which is housed within the Department of Health and Human Services (HHS), has launched a new project to better protect the U.S. healthcare system’s IT infrastructure. […]
The President’s National Infrastructure Advisory Council (NIAC) made a broad call Monday for the creation of a National Water Strategy to ensure the nation can deliver sustainable critical infrastructure systems that are responsive to cyber threats. […]
In light of rising software supply chain security attacks, Rep. Nancy Mace, R-S.C., introduced new legislation today that aims to help Federal contractors identify and fix software vulnerabilities before adversaries can exploit them. […]
As part of its broad efforts to foster a secure-by-design and -default technology ecosystem, the Cybersecurity and Infrastructure Security Agency (CISA) called on AI software makers last week to build security into systems from the outset. […]
The White House has extended the deadline to submit comments for its request for information (RFI) on cybersecurity regulatory harmonization and regulatory reciprocity to Oct. 31. […]
The Cybersecurity and Infrastructure Security Agency (CISA) – alongside the National Security Agency (NSA) and National Institute of Standards and Technology (NIST) – released a joint factsheet today encouraging early planning for migration to post-quantum cryptographic standards by developing a Quantum-Readiness Roadmap. “Quantum-Readiness: Migration to Post-Quantum Cryptography” is urging organizations – especially those that support critical infrastructure […]