The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA), along with international partners, published guidance last week for cyber defenders that advises them to not remove PowerShell – Microsoft’s built-in command-line tool with Windows – but to properly configure it.
The U.S. Air Force AFNet Sustainment and Operations Branch – in collaboration with the Air Combat Command (ACC) Directorate of Cyberspace and Information Dominance and the Platform One team– is driving toward developing a modern software-based perimeter that will deliver zero trust capabilities to applications across the service branch, an Air Force official said.
By: Kyle Dimitt, Principal Engineer, Compliance Research at LogRhythm Supply chain attacks have been on the rise across the globe, as we saw with targeted attacks against SolarWinds and Kaseya. The spike has created a large risk in the Federal government since industry supply chains don’t necessarily have to adhere to a set level of […]
Bipartisan legislation introduced in the Senate on June 23 aims to create new rules for bulk exports of U.S. citizens’ personal data that would help protect that data from use by hostile foreign governments.
The Federal Communications Commission (FCC) Broadband Data Task Force announced that fixed and mobile broadband providers in the Broadband Data Collection (BDC) may obtain early access to certain portions of the system to enter identifiable information in advance of the broadband availability data filing window on June 30.
Cybersecurity leaders from the Defense Department (DoD) are providing some more clarity on the timeline for implementation of the Cybersecurity Maturity Model Certification (CMMC) program, and said they expect CMMC requirements could begin appearing in solicitations for government contracts as early as May 2023.
Amit Mital, senior director for cybersecurity and policy on the White House’s National Security Council (NSC), is on the hunt for a unified and trusted secure digital identity technology that he said has the potential to dramatically reduce identity-based fraud and the success of attempted ransomware attacks.
The accelerated move toward digital transformation spurred by the COVID-19 pandemic has proven to be challenging to many as they have further embraced hybrid IT structures, according to a recent report from SolarWinds.
The Department of Defense (DoD) published its Responsible Artificial Intelligence (RAI) Strategy and Implementation Pathway (S&I) today, providing a clear path forward for the Pentagon’s AI efforts.
The Office of Majority Leader of the House of Representatives Steny Hoyer, D-Md., is pushing for Congress to better prioritize digital technologies and keep pace with the evolving world.
The U.S. House of Representatives has passed legislation that would strengthen U.S. cybersecurity protections for Industrial Control Systems (ICS) amid increased Russian cyber threats to ICS targets.
The Cybersecurity and Infrastructure Security Agency (CISA) today issued an updated version of its Cloud Security Technical Reference Architecture (TRA) that serves as guidance for Federal civilian agencies for secure migration to cloud services.
President Biden on June 21 signed a bill that establishes a cybersecurity rotational workforce program within the Federal government.
The U.S. Department of Justice – in collaboration with law enforcement partners in Germany, the Netherlands, and United Kingdom – has dismantled the infrastructure of a Russian botnet known as RSOCKS and responsible for hacking millions of computers and other electronic devices around the world.
The Cybersecurity and Infrastructure Security Agency (CISA) is aiming to issue the second version of its Zero Trust Maturity Model this summer, according to Eric Goldstein, CISA’s executive assistant director for cybersecurity.
A recent keynote address from Lt. Gen. Robert Skinner, director of the Defense Information Systems Agency (DISA), stands out as a perfect example of this digital transformation-inspired dynamic. Skinner spoke at AFCEA International’s TechNet Cyber event and presented a “wish list” of advancements that would help DISA significantly improve operations and solve its problems. “Every great innovation started when somebody said, ‘Wouldn’t it be cool if…’” Skinner told his audience of private sector IT firms.
The Government Accountability Office (GAO) has outlined 11 priority open recommendations for the Department of Housing and Urban Development (HUD), including to improve IT management, according to a new report from the watchdog agency.
The United States Postal Service (USPS) has appointed Michael Billingsley as the new director for Cybersecurity Engineering for the Office of the Chief Information Officer.
Several Defense Department (DoD) officials have called the transition from prototype to full-scale production within DoD’s acquisition process one of DoD’s biggest problems, including Stefanie Tompkins, director of the Defense Advanced Research Projects Agency (DARPA), calling it a “full-contact sport.”
The Cybersecurity and Infrastructure Security Agency (CISA) released cloud use case guidance for its Trusted Internet Connections (TIC) 3.0 program, the agency announced on June 16.
The White House’s Office of the National Cyber Director (NCD) has made a few new recent hires to staff up the office and support the office’s mission.
The National Institute of Standards and Technology (NIST) National Cybersecurity Center of Excellence (NCCoE) has selected an 18th cybersecurity firm – PC Matic – to participate in its Implementing a Zero Trust Architecture (ZTA) project.
The White House’s Office of Management and Budget’s (OMB) zero trust memo issued earlier this year, M-22-09, directed Federal agencies to migrate to zero trust security architectures, but a White House official this week said agencies’ success in that effort will look different for the policy’s various directives.
As the market for non-fungible tokens (NFT) grows – with NFT revenue now expected to exceed $130 billion by 2030 – the Federal will need additional expertise to address the policy and regulatory needs of the market required to best protect consumers, a report from the Government Accountability Office (GAO) says.
The House Appropriations Homeland Security Subcommittee today approved a homeland security budget print for fiscal year (FY) 2023 that includes $2.93 billion for the Cybersecurity and Infrastructure Security Agency (CISA), representing a $334 million increase from FY2022 and a $417 million increase over the requested amount.
The National AI Research Resource (NAIRR) Task Force – established by the Biden administration in June 2021 to determine the viability of establishing a NAIRR and develop a roadmap to establishing the resource – is working toward delivering its final report in December.
The House Oversight and Reform Committee on June 15 approved legislation that would modernize Federal telework programs and promote additional data collection about the benefits of telework. The bill now heads to the full House for consideration.
Preparing for a potential cyberattack enables agencies to regain the use of critical systems and infrastructures as soon as possible after a crisis. However, according to Federal leaders, the human element of any cyber preparedness plan remains a top challenge.
The United States Cyber Command (CYBERCOM) is responsible for the nation’s joint cyber warfighting architecture, and its executive director said this week that additional budget authorities extended to the command under the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) will allow for more aligned joint training and advanced training of cyber operators, according to the CYBERCOM Executive Director.
The House Committee on Energy and Commerce today voted to approve the Spectrum Innovation Act of 2022 (H.R. 7624) which will provide clarity on the auctioning of low gigahertz spectrum mandated by the Infrastructure Investment and Jobs Act, while also directing up to $3.4 billion of proceeds from the auction to help pay for communications service providers to “rip and replace” untrusted IT equipment from their networks.