The Department of the Interior – which is responsible for overseeing the infrastructure of offshore domestic oil and gas facilities – must immediately develop and implement a cybersecurity strategy to protect these facilities against growing threats, the Government Accountability Office (GAO) said in a new report.
Defense contractors are not required to disclose their cybersecurity effort and waiting on them to voluntarily do so has left gaps in security, a top defense cyber official said on Nov. 16 at Politico’s Defense Summit.
While the United States faces a diverse array of threats to national security, Federal officials warned on Nov. 17 that China poses the “greatest long-term threat,” especially when it comes to cyber threats.
Iranian nation-state threat actors breached a Federal agency’s network before deploying malware, including a credential harvester and a cryptocurrency miner, according to a joint advisory released on Nov. 16, by the Federal Bureau of Investigations (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA).
The Government Accountability Office (GAO) released a new report on Nov.14 that indicates that the Department of Defense (DoD) and Defense Industrial Base (DIB) need to enhance their work on sharing reports on cybersecurity incidents.
The Cybersecurity and Infrastructure Agency (CISA) has outlined critical steps for the prioritization of software vulnerability remediation by Federal agencies and the private sector. However, the success of these steps relies on software vendors providing the necessary information for this process.
New research from Lookout finds that mobile threats affecting Federal, state, and local governments are on the rise. Lookout, a provider of endpoint-to-cloud security, said that mobile phishing and device vulnerability risks within government agencies has increased since 2021.
Federal agencies have until December to implement cybersecurity requirements for Internet of Things (IoT) deceives, Katerina Megas, program manager for the National Institute of Standards and Technology’s (NIST) IoT cybersecurity program, said on Nov 8.
As Federal agencies work through the second year of implementing the Biden administration’s cybersecurity executive order issued in May 2021, one benefit not enumerated in the order is coming into view: chief information officers (CIO) and security officials are getting a bigger seat at the table with agency leadership.
As President Biden’s cybersecurity executive order (EO) reaches its year-and-a-half milestone, Federal officials today agreed that the cyber EO is different from the rest as it “has legs” and will produce long-lasting results for the government.
Senate Intelligence Committee Chairman Mark Warner, D-Va., is calling on the Department of Health and Human Services (HHS) to improve its collaboration with the Cybersecurity and Infrastructure Security Agency (CISA) to better protect the health care sector from cyberattacks – and designate a senior leader to lead the agency’s cyber efforts.
New Federal cybersecurity guidance for critical infrastructure providers is providing a necessary view at security baselines for those organizations, a senior General Dynamics Information Technology executive told MeriTalk.
A bipartisan bill aimed at creating a pilot program within the Department of Education to strengthen cybersecurity education has been reintroduced in the House of Representatives.
The Federal government’s push to improve the nation’s cybersecurity posture across the board has taken shape through numerous policies and actions, but none are more important than the ongoing goal of creating more responsive operational collaboration with the private sector, Federal cybersecurity leaders said on Oct. 28.
Republican leaders on the House Energy and Commerce Committee introduced three pieces of new legislation last week that would direct Federal agencies with expertise over discrete industry sectors to take on larger roles in expanding cyber protections for those sectors.
The Federal Communications Commission on Oct. 27 voted to approve a notice of proposed rulemaking that aims to shore up the cybersecurity and operational readiness of the Emergency Alert System (EAS) and Wireless Emergency Alerts.
The Federal government is increasingly pushing for cyber resilience in the face of unrelenting attacks as a mission-critical capability. But getting there is no easy task.
The Cybersecurity and Infrastructure Security Agency (CISA) today unveiled its long-anticipated cybersecurity performance goals (CPG) to help critical infrastructure owners and operators prioritize and set a foundation for key security measures.
Kemba Walden, principal deputy national cyber director in the Office of the National Cyber Director (ONCD), today laid out what to expect from her office over time as it puts into place a national cybersecurity plan, what ONCD expects of the private sector, and what both can expect from each other.
The White House announced on Oct. 26 that it will expand the Industrial Control Systems (ICS) Cybersecurity Initiative to the chemical sector, as part of a larger effort to set cybersecurity baselines for critical infrastructure and protect infrastructure from cyber threats.
Reps. Elise Stefanik, R-N.Y., and Mike Gallagher, R-Wis., have introduced new legislation that aims to counter the influence of foreign adversaries on the United States telecommunications infrastructure – and beyond the current sanctions on China-based equipment makers including Huawei and ZTE.
Earlier this month, U.S. Cyber Command (CYBERCOM) conducted a wide-ranging defensive cyberspace operation focused on sweeping for known malware, and intended to “highlight and enhance CYBERCOM’s interoperability with partners.”
The Surface Transportation Security Advisory Committee (STSAC) – which acts as an advisor to the Transportation Security Administration (TSA) – has opened registrations for the public to attend its annual public meeting on Nov. 17 where the agenda features a variety of cybersecurity-related issues.
New research from (ISC)² sheds light on what it would take to close the longstanding cyber workforce shortage, and the answer is a big number. According to new research from the nonprofit, the cybersecurity profession needs to grow by 3.4 million people to close the global workforce gap.
The Department of Education and the Cybersecurity and Infrastructure Security Agency (CISA) need to do better in coordinating efforts to aid K-12 schools in cybersecurity, according to a recent report by the Government Accountability Office (GAO).
Will Hurd, the Texas Republican who served in the House from 2015 to 2021 and became a leading voice in Congress on IT and security issues, said this week that he sees ongoing foreign-influence operations as a lasting concern for next month’s midterm elections in the United States.
The Biden administration is targeting the spring of 2023 to roll out a proposed new national cybersecurity labeling program for internet-of-things (IoT) devices, a National Security Council spokesperson confirmed today.
Improving the cybersecurity of the water critical infrastructure sector, K-12 schools, and healthcare sector are among the top priorities for the Cybersecurity and Infrastructure Security Agency (CISA), agency Director Jen Easterly said today during Mandiant’s mWISE conference in Washington.
After more than eight years of trying, Russia has yet to realize its strategic cyber war-fighting goals in Ukraine, a top Ukrainian government technology official said on Oct. 19 at Mandiant’s Worldwide Information Security Exchange event in Washington.
National Cyber Director (NCD) Chris Inglis today previewed some themes from the national cybersecurity strategy that he’s working on – and said the long-awaited strategy should be publishing within the next couple of months.