As the cyber threat landscape continues to morph for entities at the Federal level, so too does it change for governments at the state, local, and tribal level. For the state of Illinois, adding cyber into emergency management and working closely with counties has helped to better prepare the state for cyber threats. […]

When implementing a successful zero trust architecture, Federal chief information officers (CIOs) and chief information security officers (CISOs) encourage agencies to look towards modernization and to think of zero trust as an “integration architecture.” […]

The Biden-Harris Administration is taking steps this week to gin up international support to fight ransomware as the White House National Security Council (NSC) hosts a two-day virtual assembly with 30 foreign partners to discuss joint efforts to counter the attacks. […]

Cybersecurity is the ultimate team sport, Jim Richberg says in a new MeriTV interview. It requires greater public-private cyber information sharing – called for in the May Executive Order on Improving the Nation’s Cybersecurity (EO) and backed up by several new pieces of legislation – but the conditions for it must be established over time, he advised. […]

Sens. Shelley Moore Capito, R-W.Va., and John Hickenlooper, D-Colo., introduced legislation that would revamp the National Telecommunications and Information Administration’s (NTIA) Office for Policy Analysis and Development to have a stronger focus on cybersecurity efforts. […]

Microsoft’s new Digital Defense Report finds that Federal agencies and organizations have been the most targeted sector by cyber threat actors since the middle of last year, and that attacks emanating from Russia have been the most frequent. […]

Sen. Elizabeth Warren, D-Mass., and Rep. Deborah Ross, D-N.C., introduced a bicameral bill this week that would require ransomware victims to report to the government when they have paid a ransom, with an aim of bolstering the flow of critical cybersecurity data. […]

In light of this year’s cyberattack on Colonial Pipeline and other critical infrastructure targets in the United States, the Department of Homeland Security’s Transportation Security Administration (TSA) component is prepping a new cybersecurity directive covering “high-risk” railroad operations, according to DHS Secretary Alejandro Mayorkas.  […]

Reps. John Katko, R-N.Y., and Abigail Spanberger, D-Va., introduced a bipartisan bill in the House this week that aims to protect systemically important critical infrastructure (SICI) from cyberattacks. […]

The COVID-19 pandemic has driven home the importance of international collaboration in science to solve global problems, and witnesses at a House Space, Science, and Technology Committee hearing on October 5 emphasized the importance of balancing the benefits of open collaboration in science with the pressing need for information security in the research enterprise. […]

Deputy Attorney General Lisa Monaco said today the Department of Justice (DoJ) is launching two new initiatives to combat cyber threats, including the creation of a National Cryptocurrency Enforcement Team, and a civil cyber fraud initiative that will fine Federal contractors who don’t follow required cybersecurity standards. […]

The Democratic and Republican leaders of the Senate Homeland Security and Governmental Affairs Committee have unveiled their long-awaited legislation to update the 2014 Federal Information Security Modernization Act that provides cybersecurity marching orders to Federal civilian agencies. […]

The Democratic leaders of the House and Senate made official over the weekend what had become obvious by late last week: the hoped-for late September votes on two big Federal infrastructure funding bills were sliding into October. […]

The National Security Agency (NSA) and Cybersecurity and Infrastructure Security Agency (CISA) released a joint Cybersecurity Information Sheet that helps detail factors for choosing a virtual private network (VPN) and secure deployment. […]

The House of Representatives passed the Federal Rotational Cyber Workforce Program Act Sept. 29 by an overwhelming 410-15 margin. If approved by the Senate and enacted, the bill would create a cybersecurity personnel rotation program for Federal employees. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has partnered with Girls Who Code (GWC) to develop pathways for young women to pursue careers in cybersecurity and technology, the agency announced Sept. 30. […]

The National Institute for Standards and Technology (NIST) is in the process of doing research and working on an update to its special publication (SP) 800-82, a guide to Industrial Control Systems (ICS), by early 2022, NIST officials said today. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is in the process of building out its Joint Cyber Defense Collaborative (JCDC) office, and CISA Director Jen Easterly today said that while the office is being established based on the Cyberspace Solarium Commission recommendation of creating a joint collaborative planning office, the JCDC will be about more than just planning. […]

The fiscal year (FY) 2022 National Defense Authorization Act (NDAA) passed the House of Representatives late Sept. 23 with a bipartisan 316-113 vote. Among the amendments are a number of tech provisions focusing heavily on cybersecurity, along with some focusing on the digital workforce, cloud, and AI. […]

Closer integration between cybersecurity teams and enterprise risk management staff could help Federal agencies avert catastrophic cyber breaches more effectively, according to a new study published on September 23 by the Partnership for Public Service and Deloitte. […]

The U.S. Army Corps of Engineers is looking to enhance its cybersecurity efforts with zero trust security concepts, according to the Corps’ Chief Information Officer (CIO), Dovarius Peoples. […]

With a growing number of advanced threats across the Federal landscape, Small Business Administration (SBA) Chief Technology Officer Sanjay Gupta, encouraged agencies to view cybersecurity as a “team sport” and a proactive sport to gain a better cyber posture. […]

As part of a government-wide effort to counter ransomware, the U.S. Department of the Treasury is taking robust actions to disrupt criminal networks and virtual currency exchanges responsible for laundering ransoms, encourage best cyber practices, and increase efficient and timely incident reporting to agencies. […]

After a two-day meeting that included deciding which amendments to the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) will receive votes, the House Rules Committee ruled several cybersecurity provisions to see floor votes when the measure comes up. […]

At the highest levels of the Federal government and the private sector, officials have recognized that cybersecurity is a national security issue. A series of policy and technical documents and high-level meetings this year have reinforced this notion. Chief among them is President Biden’s cybersecurity executive order (EO), which outlines a wide-ranging and ambitious series of actions Federal agencies must take to better secure government operations. MeriTalk recently talked with Jim Richberg, field chief information security officer at cybersecurity firm Fortinet, who is uniquely qualified to assess the potential impact of the cybersecurity EO and the actions that agencies must take to realize its promise. Prior to joining Fortinet, Richberg was the senior federal executive focused on cyber intelligence within the U.S. intelligence community. He helped build the discipline of cyber threat intelligence analysis and is an innovator in measuring cyber performance, risk, and return on investment.  […]

The American Federation of Government Employees (AFGE) now supports Rep. Jimmy Panetta’s, D-Ca., National Defense Authorization Act (NDAA) amendment that would create a Civilian Cyber Reserve at the Department of Homeland Security (DHS), AFGE announced in a follow-up letter on Sept. 18. […]

The American Federation of Government Employees (AFGE) wrote the leaders of the House Rules Committee Sept. 15 to express their opposition to amendments to the fiscal year (FY) 2022 National Defense Authorization Act (NDAA) that would create a civilian cyber reserve program. […]

As we approach the home stretch for the two trillion-dollar-plus infrastructure bills that have consumed an extraordinary amount of legislative energy over the past few months, it’s easy to become confused. […]

With attacks on critical infrastructure increasing, Rep. Jim Langevin, D-R.I., chairman of the House Armed Services Subcommittee on Cyber, Innovative Technologies, and Information Systems, is calling for improved security of critical systems and increased cybersecurity collaboration among the private and public sector. […]

With fiscal year (FY) 2021 ending September 30, the House Rules Committee will be meeting on September 20 to decide which of the over 800 amendments filed for the FY2022 National Defense Authorization Act (NDAA) will get a floor vote. […]