The National Cybersecurity Strategy released on Thursday by the White House is drawing strong initial reviews from across government and the private sector on a number of fronts, including its spur to modernizing technology, harnessing the full power of the Federal government to promote better security, and wrapping private sector interests more fully into the effort. […]
The Environmental Protection Agency (EPA) released a new memo today that calls on states to bolster their cybersecurity practices in order to mitigate the risk of cyberattacks and protect U.S. public drinking water. […]
The Biden administration released its much-anticipated National Cybersecurity Strategy today, with multiple focus points including continuing efforts to improve security in already-regulated critical infrastructure sectors, a high-level goal of shifting more security responsibility onto providers of tech products and services, and a robust focus on using “all tools of national power” to go after attackers. […]
The Office of the National Cyber Director’s (ONCD) long-awaited national cybersecurity strategy (NCS) – widely expected to be released publicly by the White House on March 2 – has one U.S. Cyber Command official looking forward to working toward an era of expanded international partnerships in the global cybersecurity fight. […]
Cybersecurity services provider CrowdStrike said today in its new 2023 Global Threat Report that the firm saw a sharp rise in cyberattacks on cloud environments, and upticks in China-nexus related attacks in 2022. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a brand new website, making tools easier to find for users and incorporating the former US-CERT website. […]
The director of the Cybersecurity and Infrastructure Security Agency (CISA) is calling out technology manufacturers for failing to create tech products that put the safety of customers first, and is calling for a new secure-by-design, secure-by-default cybersecurity model. […]
The National Institute of Standards and Technology (NIST) is making updates to key controlled unclassified information (CUI) cybersecurity standards for government contractors. […]
President Biden’s nominee to serve as the commissioner of the Internal Revenue Service (IRS), Daniel Werfel, pledged his commitment today to members of Congress that cybersecurity will be a “top priority” of his if confirmed. […]
A new report by the Bipartisan Policy Center (BPC) finds that the nation’s top cyber risks for 2023 range from a patchwork of conflicting cybersecurity regulations to a shortage of trained cyber professionals. […]
The Department of Defense (DoD) plans to release a cyber workforce strategy and implementation plan in the near future that will outline several initiatives for recruitment and retention of high-skilled cyber talent, said a Pentagon official during a Billington Cybersecurity virtual roundtable on Feb. 9. […]
ChatGPT, the chatbot technology launched by OpenAI late last year to much fanfare for its ability to create highly realistic narratives, may also end up delivering advantages to hackers who need to upgrade their phishing email pitches, according to new research released by BlackBerry. […]
The NATO Cooperative Cyber Defense Centre of Excellence (CCDCOE) has selected the Pentagon’s Defense Information Systems Agency (DISA) to lead the U.S. team in an annual cybersecurity challenge to enhance the skills of cybersecurity and IT experts. DISA has held this role for three consecutive years. […]
House Republicans this week requested more information from the Department of Energy (DoE) on a recent series of cyberattacks aimed at three DoE national laboratories to gauge the scope of the attacks, and the agency’s current cybersecurity posture. […]
As cybercriminals increasingly targeted specific people within organizations in hopes of breaking into networks, onboarding new information technology (IT) solutions to solve or mitigate cyber risks will not be enough to defend against sophisticated probing for weak links in the human capital chain. […]
Successfully implementing a zero trust architecture can oftentimes be a challenge for organizations, especially when there is a lack of buy-in at the executive level. To help clear that kind of hurdle, Federal officials say the secret sauce is developing a zero trust business case. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) said this week it will focus on three main priority areas in 2023: systemic risk, collective cyber response, and high-risk communities, according to its 2023 Planning Agenda released on Jan 26. […]
Robert Osmond, chief information officer (CIO) at the Virginia Information Technologies Agency (VITA), outlined this week how “agile everything” is the direction he wants the state tech agency to take with digital workflows. […]
The National Oceanic and Atmospheric Administration’s (NOAA) Cyber Security Division is seeking insight from industry on how to support the agency’s cybersecurity efforts. […]
The National Security Agency (NSA) on Jan. 18 published guidance to help the Department of Defense (DoD) and other system administrators identify and mitigate security issues associated with the transition to Internet Protocol version 6 (IPv6). […]
The National Institute of Standards and Technology (NIST) has put together a concept paper with proposed revisions to its Cybersecurity Framework (CSF) and is looking for input on the changes before it crafts a draft of CSF 2.0. […]
Federal Communications Commission (FCC) Chairwoman Jessica Rosenworcel warned in a Jan. 17 speech that the deployment of fifth-generation (5G) wireless communications networks involves big security and privacy challenges. […]
The U.S. Department of Health & Human Services (HHS) plans to release updated cybersecurity guidance for the healthcare industry along with an agency-wide data strategy in the upcoming weeks, according to Karl Mathias, chief information officer (CIO) at HHS. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released its 2022 Year in Review report this week, highlighting the agency’s increased collaboration with industry partners. […]
The National Archives and Records Administration (NARA) today published an update to the government’s records retention rules, which provides Federal agencies with new instructions on how long to hang on to cybersecurity logs. […]
Three Senate Democrats outlined their tech priorities for this year at the CES 2023 technology conference in Las Vegas on Jan. 6, with cybersecurity and investments in tech advancements topping that list. […]
The U.S. Patent and Trademark Office (USPTO) is looking for a contractor to perform red team penetration testing on USPTO systems as the organization looks to continue improving its cybersecurity posture and protect its data, according to a Jan. 4 request for information (RFI). […]
The nation’s path to sustainable cybersecurity improvement lies in improving technology security by design, and achieving better communication between industry and government, said Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency (CISA), during an address today at the CES 2023 technology conference in Las Vegas. […]
President Biden signed into law on Dec. 27 the Strengthening VA Cybersecurity Act of 2022, which requires the Department of Veterans Affairs (VA) to obtain an independent cybersecurity assessment of its most critical information systems, as well as its cyber posture as a whole. […]
President Biden on Dec. 27, 2022, signed into law the Small Business Cyber Training Act, which requires the Small Business Administration (SBA) to boost its ability to provide cyber planning training, and be more proactive in protecting data and requiring greater transparency of threats and breaches that occur. […]