The National Security Agency (NSA) published its 2023 Cybersecurity Year in Review this week to share its recent cybersecurity successes, including the agency’s work to enhance national security through artificial intelligence, strategic competition, and more. […]
The Cybersecurity and Infrastructure Security Agency (CISA) issued a formal request for information (RFI) in the Federal Register today looking for feedback on its secure-by-design software practices. […]
The Department of Defense’s (DoD) Defense Digital Service (DDS) has announced that its Hack the Pentagon program has launched a continuous bug bounty program that will expand to the Chief Digital and Artificial Intelligence Office (CDAO) assets and beyond. […]
The Cybersecurity and Infrastructure Security Agency (CISA) said that it will begin a two-year strategic effort to modernize its approach to enterprise cyber threat information sharing in 2024 “to maximize value to our partners and keep pace with a changing threat environment.” […]
Microsoft announced this week that the company has taken down websites and other online assets used by the Storm-1152 cybercrime group, which the company said is the “number one seller and creator of fraudulent Microsoft accounts.” […]
The Cybersecurity and Infrastructure Security Agency (CISA), as part of its Secure Cloud Business Applications (SCuBA) program, released a series of nine security configuration baselines for Google Workspace today, including applications like Gmail, Google Drive, and Google Meet. […]
The Department of Health and Human Services (HHS) has released a concept paper that outlines the department’s cybersecurity strategy for the healthcare sector, detailing four key actions it will take to advance cyber resiliency in the sector. […]
Gen. Paul Nakasone, who heads both the National Security Agency (NSA) and the U.S. Cyber Command (CYBERCOM), today called for a revamped “CYBERCOM 2.0,” aligning with similar calls from Congress for an independent U.S. Cyber Force. […]
A top White House cybersecurity official said Thursday that the administration’s “U.S. Cyber Trust Mark” program is on track to be released by the end of 2024. […]
The White House is calling on Federal agencies to prioritize creating internet of things (IoT) asset inventories by the end of fiscal year (FY) 2024 as a way to better gauge cybersecurity risks. […]
Twenty of the 23 civilian Chief Financial Officers (CFO) Act of 1990 agencies have failed to meet the White House’s cyber incident logging requirements by an August 2023 deadline, and according to a Dec. 4 watchdog report, 17 of these agencies were found to be at the lowest level of maturity – tier 0 – in that category. […]
The Cybersecurity and Infrastructure Security Agency (CISA) – along with the National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD) – have released a new cybersecurity advisory warning of continued Iranian-backed cybersecurity attacks aimed towards American and Israeli water and wastewater systems (WWS). […]
The Federal Cybersecurity Workforce Expansion Act has been reintroduced in the House as part of a bipartisan, bicameral effort to strengthen the nation’s cyber defenses and cybersecurity workforce by creating two new training programs within the Federal government. […]
The Office of Personnel Management (OPM) has announced the launch of advertisements for its government-wide Federal Rotational Cyber Workforce Program, meaning Federal cybersecurity employees can now apply to rotational assignments at agencies outside of their own. […]
Lawmakers and expert witnesses discussed ways the U.S. can better ensure Federal software systems are protected against cyberattacks from hostile foreign nations like China during a House Oversight Cybersecurity, Information Technology, and Government Innovation Subcommittee hearing on Wednesday. […]
Identity solutions provider Okta said this week that the hack of its customer support management system disclosed in October impacted many more of its customers than previously thought, but did not impact its FedRAMP High and Defense Department IL4 environments used by the Federal government. […]
The Intelligence Advanced Research Projects Activity (IARPA) is seeking to provide novel technologies to improve the response of both law enforcement and the intelligence community (IC) in attributing the sources of malicious cyberattacks. […]
The Cybersecurity and Infrastructure Security Agency (CISA) – in partnership with the United Kingdom’s National Cyber Security Centre (NCSC) – has released guidelines to help AI developers make informed cybersecurity decisions. […]
The Department of Navy on Tuesday released its inaugural Department of the Navy Cyber Strategy, which identifies seven distinct lines of effort to enhance the naval services’ cybersecurity posture and emphasizes cyber as a warfighting domain. […]
The Department of Energy’s Idaho National Laboratory (INL) has suffered a significant data breach that exposed the data of employees including included addresses, Social Security numbers, and bank account information. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has announced it will relaunch its Cybersecurity Insurance and Data Analysis Working Group (CIDAWG) to help combat ransomware, evaluate the effectiveness of security controls, and drive down cyber risk. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has announced the launch of its new Cybersecurity Shared Services Pilot Program, which is designed to deliver cutting-edge cybersecurity shared services on a voluntary basis to critical infrastructure entities such as the healthcare, water, and K-12 education sectors. […]
The White House is working closely with Congress to develop legislation that would establish a Cyber Workforce Development Institute, as directed by the Biden administration’s National Cyber Workforce and Education Strategy. […]
The National Institute of Standards and Technology (NIST) on Nov. 9 released new draft guidance of revised cybersecurity requirements for protecting sensitive unclassified information housed by non-Federal systems and organizations including government contractors. […]
General Dynamics Information Technology (GDIT), in partnership with Splunk, has released a new research study on Federal agencies’ defensive cyber operations, revealing the vital role of AI in preemptively identifying and mitigating cyber threats. […]
Microsoft announced new security upgrades late last week to better protect its customers against cyber threats, including improved security protections for identity signing keys. […]
An alliance of nearly 50 countries has joined together to sign a policy statement pledging that their governments will not pay ransom demands to cybercriminals, a senior White House official said today. […]
The Department of Homeland Security (DHS) unveiled new cybersecurity evaluation metrics it will use to evaluate the cyber defenses of contractors before awarding contracts, the department announced in a notice published to Sam.gov on November 1. […]
With cybersecurity becoming ever more important to organizational success, a new report from ISC2 finds that the workforce gap in the cybersecurity sector across the globe has grown by 13 percent on a year-over-year basis since 2022, indicating the need to fill an additional four million more needed cybersecurity jobs. […]
With the 2024 presidential election quickly approaching, local election officials on Wednesday called on Congress for increased cybersecurity funding to update outdated IT infrastructure and help protect democracy. […]