Sens. Mark Warner, D-Va., and John Thune, R-S.D., introduced a new bill on Feb. 7 that would direct the National Institute of Standards and Technology (NIST) to develop cybersecurity guidelines for the Federal government’s use of drone vehicles. […]
Federal agencies called on all organizations today to urgently implement a series of cybersecurity actions after discovering that a Chinese-based hacking group has compromised the IT environments of multiple U.S. critical infrastructure organizations – with the end goal of a future cyberattack. […]
During his first public address in Washington, D.C., today, the White House’s newly confirmed National Cyber Director (NCD) Harry Coker keyed on several initiatives ONCD has in the works to further implement President Biden’s National Cybersecurity Strategy (NCS). […]
Top IT experts at the Departments of Treasury and Veterans Affairs (VA) said that the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) program holds a lot of promise, but is “still in its infancy” with program kinks to be worked out. […]
Top cybersecurity and critical infrastructure experts voiced concerns to lawmakers today at a House Homeland Security Subcommittee hearing that neither the government nor the private sector are doing enough to secure operational technology (OT) networks of critical infrastructure organizations. […]
Federal agencies have until the end of the day to shut down two widely used software products due to major cybersecurity vulnerabilities. […]
The Senate Homeland Security and Governmental Affairs Committee (HSGAC) today approved two bills related to cybersecurity and software – the Industrial Control Systems Cybersecurity Competition Act and the Source Code Harmonization And Reuse in Information Technology (SHARE IT) Act. […]
Chinese state-sponsored hackers are positioning themselves to be able to take down vital U.S. resources at a moment’s notice and the U.S. must be prepared to deal with that threat, top Federal government officials told lawmakers today during a House Select Committee on the Chinese Communist Party (CCP) hearing. […]
A new white paper advocates for improved information sharing among private sector firms, stressing the need for timely, relevant, and detailed threat information to mitigate cyberattacks, aid in system recovery, and enhance the resilience of commercial networks. […]
Sens. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, and Mike Braun, R-Ind., introduced bipartisan legislation this week to broaden the scope of the President’s Cup Cybersecurity Competition. […]
Federal agency officials are looking for more collaboration across agencies to combat cybersecurity threats fueled by relentless adversaries who are employing the latest technologies in their attacks. […]
In joint guidance released on Jan. 17, the Cybersecurity and Infrastructure Security Agency (CISA) – alongside the FBI – is warning critical infrastructure and state, local, tribal, and territorial partners of cybersecurity threats posed by Chinese-manufactured unmanned aircraft systems (UAS), more commonly known as drones. […]
The Cybersecurity and Infrastructure Security Agency (CISA) issued an emergency directive today requiring agencies to mitigate “widespread and active exploitation” of vulnerabilities in Ivanti Connect Secure VPN and Policy Secure network access control appliances. […]
The government’s latest Federal Cybersecurity Research and Development (R&D) Strategic Plan is placing human-centered cybersecurity at the forefront of the nation’s cyber research and development activities and investments for the next four years. […]
The Department of Energy’s (DoE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) today announced a $30 million funding opportunity to support the research, development, and demonstration (RD&D) of next generation tools to protect clean energy delivery infrastructure from cyberattacks. […]
Witnesses told members of Congress today that the Department of Homeland Security’s (DHS) Cyber Safety Review Board (CSRB) should be an independent entity with a clear and transparent process for how it selects its board members and the incidents it investigates. […]
By creating the Bureau of Cyberspace and Digital Policy (CDP), the State Department is better positioned to achieve its cyber diplomacy goals, a new report from the Government Accountability Office (GAO) says. […]
The Aspen Institute’s US and Global Cybersecurity Groups released a new report on Tuesday that offers up recommendations on how to safely use AI in cybersecurity and steers organizations toward a “good place” where AI predominantly helps defenders. […]
Federal agencies have improved their cybersecurity information sharing in recent years but barriers remain, according to a recent joint report released by the Office of the Inspector General (OIG) of the Intelligence Community (IC). […]
The Department of Energy’s (DoE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) has announced up to $70 million in funding to support research into technologies designed to increase resilience and reduce risks to energy delivery infrastructure from a variety of hazards, including cyber threats. […]
The White House’s former National Cyber Director (NCD) Kemba Walden has been tapped to lead Paladin Capital Group’s new Global Institute, the investment firm announced today. […]
The Defense Department (DoD) on Dec. 26 published its latest proposed overhaul of the agency’s Cybersecurity Maturity Model Certification (CMMC) 2.0 program that would set three levels of cybersecurity compliance for defense industrial base (DIB) contractors, and allow for contractors to perform security self-assessments at some of the lower requirement levels. […]
From implementing the National Cybersecurity Strategy to issuing broad-sweeping software security guidelines, boosting the nation’s cyber posture was top of mind for the Biden administration in 2023. […]
The National Security Agency (NSA) published its 2023 Cybersecurity Year in Review this week to share its recent cybersecurity successes, including the agency’s work to enhance national security through artificial intelligence, strategic competition, and more. […]
The Cybersecurity and Infrastructure Security Agency (CISA) issued a formal request for information (RFI) in the Federal Register today looking for feedback on its secure-by-design software practices. […]
The Department of Defense’s (DoD) Defense Digital Service (DDS) has announced that its Hack the Pentagon program has launched a continuous bug bounty program that will expand to the Chief Digital and Artificial Intelligence Office (CDAO) assets and beyond. […]
The Cybersecurity and Infrastructure Security Agency (CISA) said that it will begin a two-year strategic effort to modernize its approach to enterprise cyber threat information sharing in 2024 “to maximize value to our partners and keep pace with a changing threat environment.” […]
Microsoft announced this week that the company has taken down websites and other online assets used by the Storm-1152 cybercrime group, which the company said is the “number one seller and creator of fraudulent Microsoft accounts.” […]
The Cybersecurity and Infrastructure Security Agency (CISA), as part of its Secure Cloud Business Applications (SCuBA) program, released a series of nine security configuration baselines for Google Workspace today, including applications like Gmail, Google Drive, and Google Meet. […]
The Department of Health and Human Services (HHS) has released a concept paper that outlines the department’s cybersecurity strategy for the healthcare sector, detailing four key actions it will take to advance cyber resiliency in the sector. […]