The Cloud Safe Task Force (CSTF) – comprised of four nonprofits: MITRE, the Cloud Security Alliance (CSA), the Advanced Technology Academic Research Center (ATARC), and the IT Acquisition Advisory Council (IT-AAC) – published a new set of recommendations today to establish a National Cyber Feed (NCF). […]
Incorporating artificial intelligence technologies into defense systems is critical to staying ahead of threat actors as the AI landscape rapidly changes and new cyber-threat trends emerge, according to a new Microsoft Digital Defense Report. […]
During its quarterly meeting on Friday, the Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Advisory Committee (CSAC) approved recommendations in four reports delivered to Director Jen Easterly aimed at bolstering resilience for critical infrastructure and open source security, as well as ensuring adoption of the agency’s secure by design initiative and increasing the agency’s public outreach. […]
As artificial intelligence-assisted cyberattacks grow and deepfakes, data breaches, and other cybersecurity risks loom, AI will continue to be an asset to cyber defenders in the future but will also increase the capabilities of threat actors, according to a new report on the future of AI tech. […]
Members of Congress are looking for answers from both Federal agencies and U.S. telecommunications service providers following a report from the Wall Street Journal last week that says Chinese government hackers may have breached major U.S. phone and broadband companies’ wiretapping systems. […]
Government agencies and critical infrastructure entities are not prepared for a cyber conflict with China, according to a new draft report from a subcommittee of the Cybersecurity and Infrastructure Security Agency’s (CISA) Cybersecurity Advisory Committee (CSAC). […]
As the Federal government progresses in implementing cybersecurity frameworks to safeguard its networks, private sector leaders underscore that continuous adaptation of data backup and recovery plans are essential components of these frameworks. […]
A Government Accountability Office (GAO) director of cybersecurity and IT advised Federal agencies today to get ready and stay ready for when cyberattacks are inevitably going to take place. […]
A top official within the Office of the Director of National Intelligence’s (ODNI) Cyber Threat Intelligence Integration Center (CTIIC) painted a vivid picture today of the modern cyber landscape, and how the threat has evolved over the past decade to include both nation-state and non-aligned adversaries. […]
Wireless service provider T-Mobile has agreed to move to a “modern zero trust” security architecture, take steps to segment its networks, and implement some basic cyber hygiene practices under terms of a data breach settlement with the Federal Communications Commission (FCC). […]
The Federal Energy Regulatory Commission (FERC) proposed a new rule this month that aims to address the growing risks posed by malicious actors seeking to compromise the bulk-power system and related supply chains. […]
With nation-state and criminal adversaries in attack mode and putting an ever-higher premium on cyber resilience, some of the best practitioners on the Federal cybersecurity landscape are gathering online at the Rubrik Public Sector Summit on Oct. 8 from 1 p.m. to 4 p.m. Eastern time to explore the next steps toward stronger resilience, and you are invited to join. […]
The Department of Health and Human Services (HHS) would be required to develop and implement “tough” minimum cybersecurity standards for the healthcare sector under legislation introduced to the Senate on Thursday. […]
Amid a rapidly evolving digital landscape that has made data security a top concern for Federal agencies and industry, holistic and continuous approaches to cybersecurity are important for safeguarding data and applications which depend on secure data, the chief information security officer of the Consumer Financial Protection Bureau (CFPB) said today. […]
While a senior CrowdStrike official issued blanket apologies to House lawmakers at a Sept. 24 subcommittee hearing for the widespread Windows outages sparked on July 19 by a faulty software update from the company, leaders of the House Homeland Security Cybersecurity and Infrastructure Protection Subcommittee positioned the CrowdStrike outage – and process improvements the company is undertaking to avoid any repeat performance – also as a teachable moment for all concerned. […]
After what feels like an eternity in regulatory limbo, the Department of Defense’s (DoD) long-awaited cybersecurity compliance policy cleared the regulatory review process, moving toward Congressional review before it becomes law. […]
The Office of Personnel Management (OPM) has extended the direct hiring authority for STEM and cybersecurity positions through 2028, the agency announced in a memo on Monday. […]
A new report from MeriTalk – issued in partnership with Rep. Gerry Connolly, D-Va. – reveals that cybersecurity is the top priority for Federal chief information officers (CIOs) in fiscal year (FY) 2025. […]
Transportation Department (DoT) CIO Cordell Schachter emphasized top findings of the “Digital Dozen” Federal chief information officers whose thinking underpins MeriTalk’s “Tech Tonic: FY25 Federal CIO Forecast” report in remarks at Tech Tonic on Sept. 19, and how important it is for the Federal government to modernize IT systems to address many of those priorities. […]
The Government Accountability Office (GAO) is issuing more than a dozen recommendations to the Department of Health and Human Services (HHS) after it discovered that HHS has failed to implement all the key privacy safeguards for its pandemic IT systems that collect and store personally identifiable information (PII). […]
What are government agencies’ top tech priorities for 2025? We skipped the speculation and went straight to the real experts – the Federal agency chief information officers (CIO) – for those answers. […]
Eighteen of the 24 largest Federal agencies have failed to establish guidance on service level agreements for their cloud providers – ignoring one of the five key requirements put in place by the White House. […]
CSC 2.0 – the private sector successor to the government’s Cyberspace Solarium Commission – is teeing up a series of cybersecurity-related legislative and policy actions that it says the next administration and Congress still needs to pursue. […]
How did 18 of the 24 largest Federal agencies improve their overall grades on the 18th edition of the FITARA Scorecard issued today? […]
The head of the FBI said today that the bureau has successfully taken offline a Chinese hacking group known as “Flax Typhoon.” […]
The Cybersecurity and Infrastructure Security Agency (CISA) unveiled a new plan Monday to align collective operational defense capabilities across the Federal government and drive down cybersecurity risks to more than 100 Federal Civilian Executive Branch (FCEB) agencies. […]
House Committee on Oversight and Accountability leaders from both sides of the aisle introduced new legislation today to expand and strengthen the Federal Acquisition Security Council (FASC) and give it more authority to keep adversarial technology out of Federal government tech supply chains. […]
The events of 9/11 – and more recently, the SolarWinds cyber incident – have illuminated a vital lesson: seamless collaboration across the intelligence community, Federal agencies, industries, academia, and international partners is essential for a comprehensive understanding of national security threats, a senior intelligence official said this week. […]
With 40 out of 60 planned sites slated for fiscal year (FY) 2024 now operational, the Defense Information Systems Agency (DISA) is aiming for full deployment of its Thunderdome zero trust network initiative by FY 2027, according to a senior agency official. […]
The National Telecommunications and Information Administration (NTIA) wants more information on the challenges surrounding data center growth, resilience, and security “amidst a surge of computing power demand due to the development of critical and emerging technologies.” […]