More than 80 percent of the most severe tech-related vulnerabilities to critical infrastructure originate from the same 20 software components, a new report out this week from Fortress Information Security finds. […]

A report out this month by the Environmental Protection Agency’s (EPA) Inspector General (IG) finds that drinking water systems serving approximately 26.6 million people have critical or high-risk cybersecurity vulnerabilities. […]

Former Acting National Cyber Director (NCD) Kemba Walden said on Thursday that the current sector-by-sector assignment of critical infrastructure areas by U.S. regulators is handicapping the Federal government and hindering nationwide cyber resilience. […]

Aging critical infrastructure is impacting how Federal officials are preparing to respond to cyberattacks and damage to that infrastructure from environmental disasters, with collaborate approaches and response plans key to that preparedness effort.   […]

In response to a probe from the Government Accountability Office (GAO), the Environmental Protection Agency (EPA) says it plans to release a national cybersecurity strategy for the water sector in January 2025. […]

The Department of Homeland Security (DHS) released guidance on Thursday aimed at helping Federal agencies, critical infrastructure owners and operators, and other government and private sector stakeholders with their critical infrastructure security and resilience efforts. […]

Pro-Russia hacktivists are targeting and compromising small-scale operational technology (OT) systems in North American and European critical infrastructure sectors – including water and wastewater systems (WWS), dams, energy, and food and agriculture – according to a joint fact sheet released today by leading Federal cyber agencies. […]

Former chief of the U.S. Fleet Cyber Command said today that the Federal government and industry must be prepared to work together in the face of adversarial attacks against U.S. critical infrastructure like the electric grid. […]

Two of the Federal government’s top cybersecurity officials praised a new White House report this week that offers four recommendations to fortify the resilience of the nation’s critical infrastructure – including establishing performance goals and ramping up funding for agencies that oversee the sectors. […]

After gunfire damaged two electrical substations in Moore County, N.C., leaving 45,000 people without power in early December, a team of Federal energy sector regulators has taken action to conduct a review of electric grid security protocols. […]

The Biden administration plans to launch a process to review and revise U.S. critical infrastructure protection policy, including providing guidance to agencies on designating certain critical infrastructure (CI) as “systemically important.” […]

The National Institute of Standards and Technology (NIST) plans to create a cybersecurity practice guide for the water and wastewater utilities sector, according to an announcement published last week. […]

The much-anticipated $1 trillion Senate bipartisan infrastructure bill unveiled on August 1 shows big cybersecurity funding wins for state and local governments with a $1 billion for a cybersecurity grant program, and electric utilities that will be receiving $1.25 billion through a cybersecurity grant program to protect the electric grid. […]

Senate negotiators have reached a deal on the legislative language for the $1.2 trillion Bipartisan Infrastructure package, the White House announced today, and a vote could come as soon as tonight. […]

The House of Representatives passed the Department of Homeland Security (DHS) Industrial Control Systems (ICS) Capabilities Enhancement Act on July 20, and the bill now has bipartisan companion legislation in the Senate. […]

A group of House lawmakers that has been studying Defense Department (DoD) supply chain concerns has given the Pentagon a list of high-level recommendations to address supply chain risks going forward. […]

Recent hacks on localities’ water supply have shown the importance of cybersecurity in the water infrastructure. Witnesses sounded the alarm about water infrastructure cybersecurity and called for training and funding investments at a July 21 Senate Environment and Public Works Committee hearing. […]

The Senate Budget Committee’s agreement reached late July 13 on a $3.5 trillion “soft” infrastructure funding package will help pave the way for Congress to consider the $1.2 trillion bipartisan compromise infrastructure agreement reached last month between the White House and a group of ten senators from both parties. […]

President Biden said today he was “optimistic” after speaking with Russian President Vladimir Putin about the United States government’s expectations for cooperation from Russia in the event of ransomware attacks that emanate from Russian territory. […]

President Biden on June 26 pledged his support for a separate voting track in Congress for legislation containing a $1.2 trillion compromise infrastructure agreement that the White House reached last week with a bipartisan group of senators. […]

An infrastructure deal reached today by the White House and a bipartisan group of senators features a potentially huge Federal funding bump for cybersecurity as part of a larger “resiliency” section of the agreement, although details of the scope of the cybersecurity portion remain murky until further information about the plan becomes public. […]

With the focus turning to securing critical infrastructure and a backdrop of an increased number of cyberattacks, a survey of the cybersecurity in the water and waste management sector shows a number of facilities with incomplete cybersecurity programs, the Water Information Sharing and Analysis Center (ISAC) found in an April 2021 study. […]

After a Senate committee hearing yesterday, Colonial Pipeline’s president and CEO was back in front of Congress today, appearing before the House Committee on Homeland Security for a hearing about last month’s ransomware attack. There he expressed a need from private industry for the Federal government to pressure the hosts of these ransomware actors. […]

Congressman Ted W. Lieu, D-Ca., and Congressman Ken Calvert, R-Ca., introduced the Space Infrastructure Act on June 4. This bill directs the Secretary of the Department of Homeland Security (DHS) to designate space systems, services, and technology as a critical infrastructure sector. […]

The Biden administration is pushing hard to help fight the rise of ransomware attacks on private industry, and the White House is taking steps on multiple fronts to work with the private sector to combat the issue. […]

The continued flurry of high-profile ransomware attacks on critical infrastructure targets in the United States is climbing the ladder of presidential priorities – with President Biden saying it’s on the agenda for his summit with Russian President Vladimir Putin later this month, and White House officials confirming that cryptocurrency will be part of a new examination of global corruption. […]

The Biden administration is publicly demonstrating its willingness to lend Federal help to respond to a variety of ransomware assaults against critical infrastructure sectors – the latest involving a cyberattack against JBS USA, the world’s largest meatpacker, that forced the company reportedly to shut down nine of its plants. […]

Action on the Biden administration’s $1.7 trillion infrastructure spending proposal that debuted in late March as the $2.3 trillion American Jobs Plan is sliding well into June as the White House and Republican senators have traded offers and counteroffers on the legislation, but still remain deeply divided on the scope of the bill and its price tag. […]

Department of Homeland Security (DHS) Secretary Alejandro Mayorkas on March 31 previewed six “sprints” planned by DHS and its Cybersecurity and Infrastructure Security Agency (CISA) component throughout 2021 to bolster Federal cybersecurity across a range of areas including ransomware, industrial control system (ICS) security, and workforce development. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has released supplemental directions to help agencies root out and mitigate vulnerabilities in their Microsoft Exchange on-premises products. […]