Anne Neuberger, the White House’s deputy national security advisor for cyber and emerging technologies, released a statement today requiring all Federal agencies to apply Microsoft’s new set of Exchange patches “immediately.” […]

President Biden is proposing $2.1 billion of funding for the Cybersecurity and Infrastructure Security Agency (CISA), along with large scoops of cyber funding for other Federal agencies, according to the White House’s FY 2022 request for discretionary funding released today. […]

As telework and cyber threats are both ever-increasing, the move to zero trust security concepts is needed as a generational shift in security strategy for Federal agencies to stay one step ahead of adversaries, cybersecurity experts said April 7 during FCW’s Zero Trust Workshop. […]

Reps. Nancy Mace, R-S.C., and Mike Bost, R-Ill., introduced legislation that would direct the Department of Veterans Affairs (VA) to lead a communications and outreach program aimed to educate veterans on cyber risks. […]

The National Institute of Standards and Technology (NIST) is seeking information on a contractor that can provide cybersecurity research, development, and implementation support services and subject matter expertise on task areas of various priority levels. […]

The Federal government needs to both understand and work with the private sector when it comes to cybersecurity and innovation, Director of National Intelligence Avril Haines said today. […]

MeriTalk recently spoke with Bobby McLernon, vice president of Federal sales at Axonius, on how Federal agencies can ensure employees will transition smoothly back to in-person working environments, while maintaining proper cybersecurity practices. […]

Brandon Wales, acting director of the Cybersecurity and Information Security Agency (CISA) today defended the value of CISA’s EINSTEIN cyber defense program against criticism leveled by the ranking member of the Senate Homeland Security and Governmental Affairs Committee and suggested that the program be improved rather than scrapped. […]

The Department of Labor (DOL) must clarify whether plan administrators are responsible for mitigating cybersecurity risks and set minimum expectations for protecting personally identifiable information (PII), a report by the Government Accountability Office (GAO) said. […]

The nine Federal agencies whose networks were compromised in the Russia-backed hack via SolarWinds Orion products are close to finishing their remediation reviews, and the government is planning new deployments of unspecified security and IT modernization technologies to avoid a repeat of the intrusions, a senior Biden administration official said during a background briefing on March 12. […]

President Biden announced today he will nominate Christopher Fonzone – who brings expertise in IT and cybersecurity legal issues – to serve as general counsel of the Office of the Director of National Intelligence (ODNI). […]

The Cybersecurity and Infrastructure Security Agency (CISA) needs to update its milestones and fully implement its plans related to CISA Act of 2018 in order to provide more effective cybersecurity for the United States, the Federal government’s chief watchdog agency said. […]

The Department of Defense (DoD) has improved its cybersecurity efforts since 2018, but still lacks clear cybersecurity guidelines in acquisition program contracts, a recent Government Accountability Office (GAO) report said. […]

The House Homeland Security and Oversight and Reform committees held a joint public hearing today to discuss the Russia-based hack of government and private sector networks via SolarWinds Orion products. During the hearing, both the private sector witnesses and members of Congress called for better cybersecurity practices, legislation, and increased information sharing. […]

Department of Homeland Security (DHS) Secretary Alejandro Mayorkas on Feb. 22 announced several steps to help meet President Biden’s goal to advance cybersecurity in the Federal government, including increasing spending to improve cybersecurity in some areas. […]

Two influential House committees said they will hold a public hearing into the Russia-based hack of government and private sector networks via SolarWinds Orion products, along with other recent attacks, on Feb. 26 at 9 a.m. […]

The General Services Administration’s (GSA) insider threat program (ITP) is failing to adequately protect GSA personnel, facilities, and systems from insider threats, according to a recent report from the agency’s Office of Inspector General. […]

The Election Infrastructure Government Coordinating Council – whose leadership spans Federal, state, and local government election officials – applauded inter-government cooperation on implementing cybersecurity safeguards in the 2020 election cycle, and pledged to use lessons learned going forward to improve election security and resiliency. […]

Officials from the Defense Department (DoD) and the Cybersecurity and Infrastructure Security Agency (CISA) said today that creating more effective defenses against sophisticated cyberattacks of the type used in the SolarWinds Orion hack may require further adoption of zero trust security concepts. […]

It has been nearly a year since the Federal workforce had to shift to telework practically overnight. While the Federal government was already working to increase telework capabilities, COVID-19 forced agencies to modernize at warp speed. After making sure employees had the devices they need, agencies had to ensure that cybersecurity capabilities remained strong even though employees were now working on their home networks. […]

The leader of the Federal government’s investigation of the Russia-backed hack of government and private sector networks via SolarWinds Orion products said Feb. 17 that the attack “compromised” nine Federal government networks – matching with earlier estimates from Federal law enforcement and intelligence agencies that “follow-on” activity by the hackers after initial breaches via software downloads were seen in “fewer than 10” Federal agencies. […]

Sen. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, is asking the FBI and the Environmental Protection Agency (EPA) to provide more information on the recent attempt by cyber criminals to poison the water supply at an Oldsmar, Fla. water treatment facility. […]

In an audit of the Defense Department’s (DoD) cybersecurity requirements for weapon systems in the operations and support (O&S) phase of the DoD acquisition lifecycle, the DoD Inspector General (IG) highlighted five weapon systems that have been successfully updating cybersecurity requirements and meeting Risk Management Framework requirements. […]

After Sens. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, and Marco Rubio, R-Fla., the committee’s ranking member, called for the designation of a single official to lead the U.S. response to the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products, the White House confirmed to the senators that Deputy National Security Advisor Anne Neuberger is leading the effort. […]

Anne Neuberger, deputy national security advisor for cyber and emerging technology on President Biden’s National Security Council (NSC), said this week that the administration is working on a new national cybersecurity strategy and that it will likely feature some of the recommendations that have already been made by the President’s National Security Telecommunications Advisory Committee (NSTAC) but not yet implemented. […]

As agencies are scrambling to recover and build up their cybersecurity from the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products, Federal agency leaders say it will not be easy. […]

The Federal Energy Regulatory Commission (FERC) is proposing a rule change that would provide rate incentives for electric companies that go “above and beyond” current regulations in their cybersecurity investments. […]

The 117th Congress is finalizing its lineup of new leadership for House committees and subcommittees. Although some committee leadership remains the same, here are the names to pay attention to in the Federal IT world. […]

The National Institute of Standards and Technology (NIST) has issued a Special Publication (SP) to help organizations protect sensitive information on different electronic systems from state-sponsored hacking. […]

The Department of Defense’s (DoD) Defense Innovation Unit (DIU) has invested in a cybersecurity platform to upgrade their “cyber threat detection and intelligence-gathering capabilities,” according to a Jan. 25 press release. […]