In light of rising software supply chain security attacks, Rep. Nancy Mace, R-S.C., introduced new legislation today that aims to help Federal contractors identify and fix software vulnerabilities before adversaries can exploit them. […]
The Department of Defense (DoD) is calling on private companies, academic organizations, and non-profits that can provide certification, training, courses, or formal education to apply to the Pentagon’s Cyber Workforce Qualification Program. […]
The Cybersecurity and Infrastructure Security Agency (CISA) – alongside the National Security Agency (NSA) and National Institute of Standards and Technology (NIST) – released a joint factsheet today encouraging early planning for migration to post-quantum cryptographic standards by developing a Quantum-Readiness Roadmap. “Quantum-Readiness: Migration to Post-Quantum Cryptography” is urging organizations – especially those that support critical infrastructure […]
The Cybersecurity and Infrastructure Security Agency (CISA) is looking to change the technology ecosystem through its secure-by-design and -default guidelines, and CISA officials explained the agency’s plan to foster this ecosystem at the Black Hat USA Conference in Las Vegas last week. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) today published the Cyber Defense Plan for Remote Monitoring and Management (RMM), making it the first-ever plan developed by industry and government partners through the JCDC. […]
Federal Chief Information Security Officer (CISO) Chris DeRusha explained today how the National Cybersecurity Strategy (NCS) and implementation plan released by the Office of the National Cyber Director (ONCD) earlier this year lines up nicely with the goals of improving Federal government cybersecurity, but also warned that the prevalence of legacy IT systems still being used by many Federal agencies continues to stand in the way of security improvements. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has led a handful of identity security initiatives over the past year, and, according to a CISA official, is closing in on finalized guidance on recommended cybersecurity configuration baselines for select cloud products – like Microsoft 365 and Google Workspace. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is launching a new program that will collect information to provide tailored technical assistance, services, and resources to critical infrastructure (CI) organizations and state, local, Tribal, and territorial (SLTT) governments. […]
The Cyber Safety Review Board (CSRB) will assess the recent Microsoft Exchange Online intrusion and conduct a broader review of issues relating to cloud-based identity and authentication infrastructure, the Secretary of Homeland Security Alejandro Mayorkas announced today. […]
The Federal Communications Commission (FCC) is seeking public comment on a proposal to create a voluntary cybersecurity labeling program that would provide consumers with clear information about the security of their smart devices. […]
The head of the Cybersecurity and Infrastructure Security Agency (CISA) said this week that the United States needs to take a page out of Ukraine’s cyber playbook and build more resiliency into its critical infrastructure now. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is looking to utilize AI capabilities to keep Americans safe from cyber threats and bolster the nation’s cyber defense, CISA Director Jen Easterly said this week. […]
“Ensuring cybersecurity” remains at the top of the Internal Revenue Service’s (IRS) list of priorities issued annually by the Government Accountability Office (GAO) for the fifth year in a row. […]
Cybersecurity technology provider CrowdStrike said in a report issued today that its Falcon OverWatch managed threat hunting unit saw a 40 percent year-over-year jump in “observed interaction intrusion volumes” for the year ended June 30. […]
Faced with increasing cyberattacks on K-12 schools, the Biden-Harris administration today unveiled several government actions to help bolster their cyber defenses, along with numerous commitments from private-sector organizations that aim for the same result. […]
A new report from tech security provider BlackBerry finds a 40 percent in cyberattacks targeting government agencies and public services organizations during the three months ended in May 2023. […]
The deadline for the final draft by the Federal Acquisition Regulations (FAR) Council on a ruling to consolidate cybersecurity supply chain risk management requirements is approaching soon. The final ruling is expected to further permeate cybersecurity regulations across Federal procurement circles. […]
The Cybersecurity and Infrastructure Security Agency (CISA) today debuted its cyber plan for the next three years, noting that the agency’s planning document builds on the White House’s National Cybersecurity Strategy released earlier this year. […]
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), the FBI, and international cybersecurity agencies issued a joint cybersecurity advisory on August 3 warning organizations of common vulnerabilities and exposures (CVEs) that were frequently exploited by malicious actors in 2022. […]
The Department of Defense (DoD) has released its long-awaited cyber workforce implementation plan, which outlines a foundation for DoD to successfully execute the objectives and initiatives aligned with the Cyber Workforce Strategy, which was released back in March. […]
The U.S. National Science Foundation (NSF) CyberCorps Scholarship for Service program has renewed funding for seven academic institutions, providing more than $24 million over the next four years to support the development of a robust and resilient cybersecurity workforce. […]
The Biden-Harris administration’s newly released cybersecurity workforce strategy zeros in on the people part of the cyberspace ecosystem, identifying opportunities to build out the cyber workforce ecosystem and better educate Americans on landing cyber jobs. […]
The U.S. Army established a new program management office within its Program Executive Office for Intelligence, Electronic Warfare, and Sensors (PEO IEW&S) to support its expanding cyber, information warfare, and tactical space missions. […]
Sen. Ron Wyden, D-Ore., demanded that the Department of Justice (DoJ) and two civil regulators open separate probes into Microsoft’s cybersecurity practices after a high-level hack targeting the highest ranks of President Biden’s cabinet. […]
A bipartisan bill to establish an Office of Policy Development and Cybersecurity at the National Telecommunications and Information Administration (NTIA) passed the House on a voice vote this week. […]
The Department of Defense (DoD) on Monday submitted its proposed rule to implement the Cybersecurity Maturity Model Certification (CMMC) program to the Office of Management and Budget (OMB) for review. […]
The Department of Defense (DoD) has fallen behind in applying Agile software development principles to its software acquisition tools for some of its weapons programs, according to a Government Accountability Office (GAO) report released on July 20. […]
In an effort to act on the initiatives assigned to it in the Biden-Harris administration’s National Cybersecurity Strategy Implementation Plan (NCSIP), the Department of Justice (DoJ) announced today that it is “supercharging” its cybercrime division by merging it with the National Cryptocurrency Enforcement Team (NCET). […]
The Office of the National Cyber Director (ONCD) released its request for information (RFI) on cybersecurity regulatory harmonization and regulatory reciprocity today, seeking input from stakeholders to understand existing challenges with regulatory overlap and inconsistency. […]
Microsoft cloud service customers will now have access to expanded cloud logging capabilities at no additional cost, thanks to a new collaborative partnership announced today between the tech company and the Cybersecurity and Infrastructure Security Agency (CISA). […]