An alliance of nearly 50 countries has joined together to sign a policy statement pledging that their governments will not pay ransom demands to cybercriminals, a senior White House official said today. […]
The Department of Homeland Security (DHS) unveiled new cybersecurity evaluation metrics it will use to evaluate the cyber defenses of contractors before awarding contracts, the department announced in a notice published to Sam.gov on November 1. […]
With cybersecurity becoming ever more important to organizational success, a new report from ISC2 finds that the workforce gap in the cybersecurity sector across the globe has grown by 13 percent on a year-over-year basis since 2022, indicating the need to fill an additional four million more needed cybersecurity jobs. […]
With the 2024 presidential election quickly approaching, local election officials on Wednesday called on Congress for increased cybersecurity funding to update outdated IT infrastructure and help protect democracy. […]
Harry Coker – President Biden’s pick to serve as the nation’s second-ever permanent National Cyber Director (NCD) – sailed through his first Senate nomination hearing today with little to no opposition from lawmakers. Coker pledged that the workforce would be his top priority if confirmed to the chief cyber position. […]
U.S. Cyber Command (CYBERCOM) said it is conducting a focused internal defensive cyberspace project to improve the internal defensive capabilities of the service and its allies during the month of October. […]
A new report out this week from Zscaler ThreatLabz finds a 400 percent increase in internet of things (IoT) and operational technology (OT) malware attacks since 2022, underscoring the need for better zero trust security to protect critical infrastructures. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is leading an effort to update the National Cyber Incident Response Plan (NCIRP) by the end of 2024, as directed in the Biden administration’s National Cybersecurity Strategy released earlier this year. CISA, in close coordination with the Office of the National Cyber Director (ONCD), is embarking on a […]
The top Republican on the House Homeland Security Cybersecurity and Infrastructure Protection Subcommittee – the congressional arm that maintains oversight of the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) – said today that an insufficient workforce remains the top cyber threat to our nation. […]
Many Federal agencies are looking to use AI as a key cybersecurity tool, but before agencies get too far ahead of themselves, U.S. Air Force Deputy Chief Information Officer (DCIO) Winston Beauchamp said on Tuesday that the number one thing agencies can do to improve their cybersecurity posture is to modernize their IT architecture. […]
Federal Chief Information and Security Officer (CISO) Chris DeRusha said today that as the Federal government is making real progress on cybersecurity, his “cup is actually half empty” when it comes to the security of AI. […]
The General Services Administration (GSA) is creating a voluntary questionnaire to gather pertinent cybersecurity supply chain risk management (C-SCRM) information from vendors. […]
A recent survey found that organizations victimized by ransomware attacks are increasingly deciding to pay the ransom demand to regain access to their systems and data. Those same organizations also are concerned that generative AI could enhance future attacks. […]
The Environmental Protection Agency (EPA) withdrew its memo this week that required states to include cybersecurity audits of U.S. water utilities through sanitary surveys. […]
The Executive Director of the Cybersecurity and Infrastructure Security Agency (CISA) said today that the threat posed by China within the cyber realm is evolving and much more serious today than it was a decade ago – particularly when it comes to potentially targeting the United States’ critical infrastructure. […]
A new paper issued this week by trade group BSA | The Software Alliance is urging policymakers to promote the use of AI as a tool to improve cybersecurity and counter malicious cyber actors. […]
Many Federal government agencies are having a difficult time filling cybersecurity roles with skilled personnel, but going forward, the FBI is placing an emphasis on building a diverse workforce to support its mission. […]
The Cybersecurity and Infrastructure Security Agency (CISA) published new guidance today to improve security and risk management of open source software (OSS) use at operational technology (OT) vendors and critical infrastructure facilities. […]
A newly released advisory from the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), highlights the most common cybersecurity misconfigurations in large organizations. […]
New guidance from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) highlighted significant ongoing challenges Federal agencies and industry face in implementing security controls like multifactor authentication (MFA) to manage identity security. […]
The Transportation Security Administration (TSA) is finalizing permanent cybersecurity rules for critical pipeline operators. […]
The Advanced Research Projects Agency for Health (ARPA-H) is investing millions into projects that make advancements in technologies that protect the security of health data, the agency announced last week. […]
According to a new report out from the Government Accountability Office (GAO) on Thursday, the State Department has failed to fully implement its cybersecurity risk program and needs to take a number of steps to better protect its IT network and systems. […]
The Department of Defense (DoD) Inspector General (IG) announced last week that it plans to conduct an audit into the Cybersecurity Maturity Model Certification (CMMC) program – the Pentagon’s high-profile contractor cybersecurity program. […]
A new report from the Government Accountability Office (GAO) finds that Federal agencies and critical infrastructure owners must do a better job at sharing information to tackle increasingly complex cyber threats. […]
The Department of Homeland Security (DHS) – the Cybersecurity and Infrastructure Security Agency’s (CISA) parent agency – said yesterday that only 571 of CISA’s 3,117 employees would continue to work through a government shutdown – meaning that 79 percent of the agency’s staff would be staying home until government funding is restored. […]
Senate Intelligence Committee Chairman Mark Warner, D-Va., is calling on the White House’s Office of Management and Budget (OMB) to review all Federal agencies’ cybersecurity policies for internet of things (IoT) devices to ensure they meet National Institute of Standards and Technology (NIST) guidelines, as required by law. […]
Tech leaders from six prominent government agencies offered suggestions Tuesday for how they want to see the FITARA Scorecard categories improve, particularly when it comes to cybersecurity metrics. […]
The number two official at the Justice Department (DoJ) warned today that the pending government shutdown is “quite dangerous and quite irresponsible” in terms of the effect it would have on the nation’s ability to defend against cyber threats. […]
Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the new Hardware Bill of Materials (HBOM) Framework for Supply Chain Risk Management product from the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force. […]