The need to move away from the use of passwords as a primary mode of authentication and security remains one of the most important steps that government and private sector organizations can take to improve security and move toward zero trust security, according to Kenny Harrison, Division Chief of the Telecommunications Office at the U.S. Census Bureau.
Office of Personnel Management (OPM) Chief Information Officer Guy Cavallo said today that his agency’s work with the General Services Administration’s (GSA) login.gov technology for authentication and identity proofing is paying off in OPM’s continuing efforts to make enterprise-wide technology improvements.
Microsoft has disrupted a Russian cybercriminal group named SEABORGIUM from conducting further cyberattacks that have heavily aligned with Russian state interest.
Sen. Angus King, I-Maine; and Rep. Mike Gallagher, R-Wis., are asking Health and Human Services Secretary Xavier Becerra for a briefing on what HHS is doing to help share cyber threat data with members of the healthcare and public health (HPH) sector – particularly in light of ramped-up ransomware attacks against the sector in recent years.
Federal agencies need to adjust their cyber threat scanning protocols to ensure they are getting a full-scope analysis of possible risk factors within their networks, and are not just scratching the surface on risks, officials from the State Department said on August 11 at an event organized by Federal News Network.
Leading technology and security companies are banding together to share tools and products to better guard against cyberattacks, saying their security teams are spending more time correlating a blitz of unintegrated data than detecting and responding to threats.
The Cybersecurity and Infrastructure Security Agency (CISA) on Aug. 10 released a new cyber toolkit to help state and local election officials improve the cybersecurity and resilience of their infrastructure ahead of the midterm elections in November.
House Energy and Commerce Committee Chairman Frank Pallone, D-N.J., Ranking Member Cathy McMorris Rodgers, R-Wash., and subcommittee leaders sent letters on August 10 to five agencies inquiring about their progress in addressing the Apache Log4j vulnerability.
A new report from BlackBerry and Corvus Insurance finds that many businesses will struggle to bear the financial costs of ransomware attacks that are not already covered by their insurance companies, and that most of the businesses surveyed believe government should help victims recover from attacks that are linked to nation-states.
Chris Krebs, who led the Cybersecurity and Information Security Agency (CISA) from 2018 to 2020, said today that his vision for the Federal government’s next leap forward on the technology front involves creating a new “U.S. Digital Agency” that would combine elements of CISA and several other existing agencies to create an organization “focused on empowering better digital risk management services.”
A new report from the Department of Veterans Affairs (VA) Office of Inspector General (OIG) found that the agency is not effectively managing or coordinating its identity, credential, and access management (ICAM) program, and because of that is leaving information vulnerable to cyber intrusions.
Sen. Maggie Hassan, D-N.H., introduced legislation on August 4 that aims to strengthen the cybersecurity posture of small businesses by providing funding to Small Business Development Centers that will help businesses with security.
Nate Fick, President Biden’s nominee to serve as the ambassador at large to lead the State Department’s Bureau of Cyberspace and Digital Policy (CDP), laid out his initial priorities for the newly established bureau during an August 3 Senate Foreign Relations Committee hearing on his nomination.
The Environmental Protection Agency will be issuing a rule to extend its sanitary reviews of critical water systems to include cybersecurity, according to Anne Neuberger, the White House’s deputy national security advisor for cybersecurity and emerging technology.
Two Federal experts explained a range of cybersecurity risks faced by commercial satellite systems – and customers who rely on them – at a July 28 hearing of the House Science, Space, and Technology Committee’s subcommittee on Space and Aeronautics.
The Office of Management and Budget (OMB) and the Office of the National Cyber Director (ONCD) have issued marching orders to Federal civilian agencies to plan their cybersecurity investments for fiscal year 2024 around several priority goals.
The Office of the National Cyber Director (ONCD) has appointed Camille Stewart Gloster as the new deputy national cyber director (NCD) for Technology and Ecosystem Security.
Rep. Stephanie Bice, R-Okla., called for members of Congress as a whole to boost their own technology-related credentials so that the Federal government can achieve greater success in tech-related innovation and efficiency.
The Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has issued a new Security Directive, developed with input from industry, for pipeline owners and operators to implement cybersecurity measures.
To help healthcare organizations protect patients’ personal health information, the National Institute of Standards and Technology (NIST) has updated its cybersecurity guidance for the healthcare industry.
The Department of Justice (DoJ) has released the final report for its Comprehensive Cyber Review conducted over the last year, highlighting DoJ’s need for stronger collaboration with its partners and allies, as well as the need to prioritize prevention efforts.
The White House, along with the Departments of Labor and Commerce, are kicking off a 120-day “sprint” aimed at promoting registered apprenticeships in cybersecurity as a way to begin tackling the persistent cyber workforce shortage in the U.S.
New legislation introduced on July 15 by Rep. Eric Swalwell, D-Calif., aims to mandate penetration testing and other proactive cyber defense measures for some Federal agency networks, and to give the National Cyber Director (NCD) the authority to weed out risk conflicts between agencies that have overlapping cybersecurity missions.
The Cyber Safety Review Board (CSRB) – in its inaugural report released today – praised the Cybersecurity and Infrastructure Security Agency (CISA) for its response to the ongoing Log4j software vulnerability, and found that to date there have not been any significant Log4J-based attacks on U.S. critical infrastructure.
Federal agencies with central roles in executing on President Biden’s May 2021 cybersecurity executive order are taking steps to standardize DevSecOps software development disciplines across government, agency officials said on July 12.
Rep. Jim Langevin, D-R.I., one of the leading voices on cybersecurity in Congress, is pushing for an amendment to the FY2023 National Defense Authorization Act (NDAA) to include two items he has long advocated – the creation of a class of a “systemically important” critical infrastructure providers, and the formation of a government Bureau of Cyber Statistics.
The Office of Management and Budget (OMB) is working to develop a system that generates trust scores before allowing access to its network or applications, according to the chief information security officer (CISO) of the agency’s Management and Operations Division.