Because adversaries like China and Russia increasingly have their hands in the information communication technology arena – whether directly or through subsidiaries – one of the keys to improving cybersecurity in an expanding threat landscape involves strong risk management, in addition to prevention, Federal experts said this week. […]

Kurt DelBene, chief information officer (CIO) at the Department of Veterans Affairs (VA), said today that his agency is not spending enough on cybersecurity, and would benefit from being able to pay higher salaries in order to recruit and retain cyber experts. […]

The Government Accountability Office (GAO) said in new report issued today that it has delivered another 18 recommendations to the Defense Department (DoD) to improve operations across a range of agency functions, and also provided an update showing some DoD progress on outstanding cybersecurity-related recommendations. […]

The U.S. Marine Corps (USMC) has awarded Sealing Technologies a $168.5 million task order to help the agency implement a suite of tools designed for executing defensive cyber operations (DCO). […]

The Cybersecurity and Infrastructure Security Agency (CISA) has made only limited progress in improving the overall quality of cyber threat data information it shares with third parties, and needs to do more to provide context for that shared information, the Department of Homeland Security (DHS) Office of Inspector General (IG) said in an oversight report. […]

The Department of Energy (DoE) announced $45 million of investments that aim to create, accelerate, and test next-generation technology to protect the electric grid from cyberattacks and ensure the seamless offering of clean and cheap energy to Americans. […]

The need to move away from the use of passwords as a primary mode of authentication and security remains one of the most important steps that government and private sector organizations can take to improve security and move toward zero trust security, according to Kenny Harrison, Division Chief of the Telecommunications Office at the U.S. Census Bureau. […]

Office of Personnel Management (OPM) Chief Information Officer Guy Cavallo said today that his agency’s work with the General Services Administration’s (GSA) login.gov technology for authentication and identity proofing is paying off in OPM’s continuing efforts to make enterprise-wide technology improvements. […]

Microsoft has disrupted a Russian cybercriminal group named SEABORGIUM from conducting further cyberattacks that have heavily aligned with Russian state interest. […]

Implementation of Site Reliability Engineering (SRE) practices – which involve applying software engineering to DevOps and operations problems – is working through a number of hurdles including training issues, government and private sector experts explained at an August 11 event organized by ATARC. […]

Sen. Angus King, I-Maine; and Rep. Mike Gallagher, R-Wis., are asking Health and Human Services Secretary Xavier Becerra for a briefing on what HHS is doing to help share cyber threat data with members of the healthcare and public health (HPH) sector – particularly in light of ramped-up ransomware attacks against the sector in recent years. […]

Federal agencies need to adjust their cyber threat scanning protocols to ensure they are getting a full-scope analysis of possible risk factors within their networks, and are not just scratching the surface on risks, officials from the State Department said on August 11 at an event organized by Federal News Network. […]

Leading technology and security companies are banding together to share tools and products to better guard against cyberattacks, saying their security teams are spending more time correlating a blitz of unintegrated data than detecting and responding to threats. […]

The Cybersecurity and Infrastructure Security Agency (CISA) on Aug. 10 released a new cyber toolkit to help state and local election officials improve the cybersecurity and resilience of their infrastructure ahead of the midterm elections in November. […]

House Energy and Commerce Committee Chairman Frank Pallone, D-N.J., Ranking Member Cathy McMorris Rodgers, R-Wash., and subcommittee leaders sent letters on August 10 to five agencies inquiring about their progress in addressing the Apache Log4j vulnerability. […]

A new report from BlackBerry and Corvus Insurance finds that many businesses will struggle to bear the financial costs of ransomware attacks that are not already covered by their insurance companies, and that most of the businesses surveyed believe government should help victims recover from attacks that are linked to nation-states. […]

Chris Krebs, who led the Cybersecurity and Information Security Agency (CISA) from 2018 to 2020, said today that his vision for the Federal government’s next leap forward on the technology front involves creating a new “U.S. Digital Agency” that would combine elements of CISA and several other existing agencies to create an organization “focused on empowering better digital risk management services.” […]

A new report from the Department of Veterans Affairs (VA) Office of Inspector General (OIG) found that the agency is not effectively managing or coordinating its identity, credential, and access management (ICAM) program, and because of that is leaving information vulnerable to cyber intrusions. […]

Sen. Maggie Hassan, D-N.H., introduced legislation on August 4 that aims to strengthen the cybersecurity posture of small businesses by providing funding to Small Business Development Centers that will help businesses with security. […]

Nate Fick, President Biden’s nominee to serve as the ambassador at large to lead the State Department’s Bureau of Cyberspace and Digital Policy (CDP), laid out his initial priorities for the newly established bureau during an August 3 Senate Foreign Relations Committee hearing on his nomination. […]

The Senate Homeland Security and Governmental Affairs Committee approved by voice vote on August 3 two cybersecurity bills whose next stop is consideration by the full Senate. […]

The Environmental Protection Agency will be issuing a rule to extend its sanitary reviews of critical water systems to include cybersecurity, according to Anne Neuberger, the White House’s deputy national security advisor for cybersecurity and emerging technology. […]

Two Federal experts explained a range of cybersecurity risks faced by commercial satellite systems – and customers who rely on them – at a July 28 hearing of the House Science, Space, and Technology Committee’s subcommittee on Space and Aeronautics. […]

The Office of Management and Budget (OMB) and the Office of the National Cyber Director (ONCD) have issued marching orders to Federal civilian agencies to plan their cybersecurity investments for fiscal year 2024 around several priority goals. […]

The Office of the National Cyber Director (ONCD) has appointed Camille Stewart Gloster as the new deputy national cyber director (NCD) for Technology and Ecosystem Security. […]

Rep. Stephanie Bice, R-Okla., called for members of Congress as a whole to boost their own technology-related credentials so that the Federal government can achieve greater success in tech-related innovation and efficiency. […]

The Department of Homeland Security’s (DHS) Transportation Security Administration (TSA) has issued a new Security Directive, developed with input from industry, for pipeline owners and operators to implement cybersecurity measures. […]

The House Committee on Oversight and Reform has voted to advance the Improving Digital Identity Act, which aims to modernize the United States’ digital identity infrastructure and protect Americans from having their personal information stolen. […]

The Office of Personnel Management (OPM), during a government operations subcommittee of the House Oversight and Reform Committee hearing, said that it wants to work with Congress on developing a cyber workforce plan to compete for cyber talent. […]

To help healthcare organizations protect patients’ personal health information, the National Institute of Standards and Technology (NIST) has updated its cybersecurity guidance for the healthcare industry. […]