Reps. Jason Crow, D-Colo., and Brian Fitzpatrick, R-Pa., on September 13 introduced bipartisan legislation to protect Americans’ healthcare data from cyberattacks.
A Federal advisory committee this week approved a set of recommendations to help the Cybersecurity and Infrastructure Security Agency (CISA) protect critical infrastructure, even as the panel criticized some of the government’s current efforts to do so as unfocused and lacking clear national goals.
The Office of Management and Budget (OMB) today issued marching orders to Federal agencies to take action to comply with National Institute of Standards and Technology (NIST) guidance for the use of secure supply chain software, as ordered by President Biden’s cybersecurity executive order issued in May 2021.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued its strategic plan for 2023 to 2025, setting forth four main goals of cyber defense, risk reduction and resilience, operational collaboration, and agency unification.
The Cybersecurity and Infrastructure Security Agency (CISA) published a new request for information (RFI) today looking for feedback on how to best implement cyber incident reporting requirements for critical infrastructure owners and operators.
Having a strong “collective defense” – whether that’s a public-private partnership or an international alliance – is critical to defending against cyber adversaries and keeping all entities safe, according to Ann Dunkin, chief information officer (CIO) at the Department of Energy.
Russia’s war on Ukraine has not singularly been a terrestrial battle. The war has also involved large-scale cyber operations – the first of its kind. However, Russia has been unable to achieve any prominent advantage in its cyber warfare efforts after its first attack. Ukrainian digital officials attribute this to their ‘secret ingredient’ – the Ukrainian IT Army.
The White House said it condemns Iran for its cyberattack against Albania and plans to take action to hold Iran accountable, according to a September 7 statement from the National Security Council (NSC).
Work by the Biden administration’s Office of the National Cyber Director (ONCD) on a national cybersecurity strategy is “well underway,” said the Government Accountability Office (GAO) in a report issued this week that features a timeline of the ONCD’s activities since mid-2021.
The cyber domain is an ever-changing landscape and the best way to gain an advantage and mitigate possible threats is constant surveillance, said David Frederick, the executive director at the U.S. Cyber Command.
The Cyberspace Solarium Commission (CSC) has made a “real impact” on the nation’s cybersecurity posture, Sen. Angus King, I-Maine, said today, and its work is not over yet.
While the Department of Defense’s (DoD) new Cybersecurity Maturity Model Certification (CMMC) program seeks to significantly improve the way its contractors store and protect sensitive data, it cannot direct industry on what actions they need to take to be CMMC compliant, said the DoD CMMC lead.
The Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly today previewed the agency’s new strategic plan, as well as a request for information (RFI) on cybersecurity incident reporting that will both be released “in a couple days.”
The top Federal intelligence community and cybersecurity agencies this week issued a new software supply chain developers guide, and said they “strongly encourage” government agencies and software providers alike to follow the guidelines in order to improve security of the software supply chain.
Scott Davis has been promoted to Chief Information Security Officer (CISO) at the Office of Information and Technology (OIT), United States Customs and Border Protection (CBP), according to a CBP spokesperson.
While the term “cybersecurity is a team sport” has long been used to reiterate the importance of collaboration within and between agencies on matters of network protection, a senior California state official is pointing to how Federal, state, and academic entities in California are putting this mantra into action.
The Federal Bureau of Investigation (FBI) has pinpointed three top challenges the agency plans to address as it gets ready to make more use of mobile technologies, an agency senior technology lead said today.
The Department of Homeland Security (DHS) appears to be nothing solid progress against a list of ten recommendations from the agency’s inspector general (IG) to make improvements to internal cybersecurity policies and employee training practices, according to an August 22 IGr eport that covers audit results reaching as far back as fiscal year 2019.
The chemical sector is next in line under the Biden administration’s plan to examine cybersecurity of U.S. critical infrastructure sectors with an ultimate aim of improving resilience in those sectors.
The Department of Homeland Security (DHS) is looking use self-assessments to evaluate the cybersecurity posture of agency contractors, rather than conduct third-party assessments like the Department of Defense (DoD) is doing with its Cybersecurity Maturity Model Certification (CMMC) program.
The National Security Telecommunications Advisory Committee (NSTAC) voted on August 23 to approve a report recommending that the Cybersecurity and Infrastructure Security Agency (CISA) issue an order requiring all Federal civilian agencies to catalog all of their operational technology (OT) devices and systems as one of many steps to improve OT cybersecurity in government and the private sector.
Because adversaries like China and Russia increasingly have their hands in the information communication technology arena – whether directly or through subsidiaries – one of the keys to improving cybersecurity in an expanding threat landscape involves strong risk management, in addition to prevention, Federal experts said this week.
Kurt DelBene, chief information officer (CIO) at the Department of Veterans Affairs (VA), said today that his agency is not spending enough on cybersecurity, and would benefit from being able to pay higher salaries in order to recruit and retain cyber experts.
The Government Accountability Office (GAO) said in new report issued today that it has delivered another 18 recommendations to the Defense Department (DoD) to improve operations across a range of agency functions, and also provided an update showing some DoD progress on outstanding cybersecurity-related recommendations.
The U.S. Marine Corps (USMC) has awarded Sealing Technologies a $168.5 million task order to help the agency implement a suite of tools designed for executing defensive cyber operations (DCO).
The Cybersecurity and Infrastructure Security Agency (CISA) has made only limited progress in improving the overall quality of cyber threat data information it shares with third parties, and needs to do more to provide context for that shared information, the Department of Homeland Security (DHS) Office of Inspector General (IG) said in an oversight report.
The Department of Energy (DoE) announced $45 million of investments that aim to create, accelerate, and test next-generation technology to protect the electric grid from cyberattacks and ensure the seamless offering of clean and cheap energy to Americans.
The need to move away from the use of passwords as a primary mode of authentication and security remains one of the most important steps that government and private sector organizations can take to improve security and move toward zero trust security, according to Kenny Harrison, Division Chief of the Telecommunications Office at the U.S. Census Bureau.
Office of Personnel Management (OPM) Chief Information Officer Guy Cavallo said today that his agency’s work with the General Services Administration’s (GSA) login.gov technology for authentication and identity proofing is paying off in OPM’s continuing efforts to make enterprise-wide technology improvements.