As the Russian government explores its options for potential cyberattacks on United States critical infrastructure, witnesses today urged members of the House Committee on Homeland Security to increase collaboration and information sharing efforts with industry stakeholders. […]

The General Services Administration’s five-year strategic plan published on March 31 weaves the developing issues of telework, cybersecurity, IT-driven citizen service improvements, and adoption of further acquisition technologies throughout much of the agency’s wide-ranging work plans for fiscal years 2022 through 2026. […]

Rep. August Pfluger, R-Texas., has introduced a bill that aims to protect critical U.S. infrastructure – including the energy sector – from cyberattacks from foreign nation-states. […]

Today every Federal agency is working to implement zero trust. Each will begin in a unique place that is dictated by its current cybersecurity posture, cybersecurity investments, and agency missions. Still, many questions must be answered as agencies plot their zero-trust journey. Which pillar in the Zero Trust Maturity Model is most urgent? Which data is more vulnerable to attacks? How do you find and classify the most sensitive information? […]

While the zero trust security model has been widely recognized as an effective approach to preventing and mitigating data breaches, an official with the Cybersecurity and Infrastructure Security Agency (CISA) said this week there are several misconceptions Federal agencies have which make them skeptical about adopting the framework. […]

The House of Representatives passed the Better Cybercrime Metrics Act March 29, which aims to give the Federal government increased visibility into cybercrime data, sending the bill to the President’s desk for his signature. […]

Reps. Frank Mrvan, D-Ind., Nancy Mace, R-S.C., Susie Lee, D-Nev., and Andrew Garbarino, R-N.Y., have introduced legislation that aims to strengthen cybersecurity at the Department of Veterans Affairs (VA) and better protect information technology systems and devices used at the agency. […]

The White House released President Biden’s fiscal year (FY) 2023 budget request today, with a top-line number of $5.8 trillion and featuring proposals to spend $10.9 billion for civilian cybersecurity measures – marking an 11 percent increase in civilian agency cyber spending from reported FY2022 levels. […]

Senate Homeland Security and Governmental Affairs Committee Chairman Gary Peters, D-Mich., said today he has found the lack of Russian cyberattacks thus far “surprising,” and warned the United States and other countries “to expect more to happen.” […]

The late-day warning on Monday from President Biden and White House national security officials that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure targets appeared to turn many heads in the Federal cybersecurity community that is by now long-used to receiving and generating cybersecurity advisories. […]

We sat down in recent days with Amy Gilliland, who has run General Dynamics Information Technology as president for going on five years, to talk mostly about how the company is helping Federal agencies cybersecurity and zero trust policy mandates, but in the course of a wide-ranging conversation came away with a whole lot more. […]

The White House issued a call to action today to critical infrastructure (CI) companies to strengthen their cyber defenses, based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on U.S. critical infrastructure. […]

Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly has set what she called an “ambitious goal” to fill talent gaps in the cybersecurity industry by targeting a 50 percent share of that workforce for women by 2030. […]

Puesh Kumar, director of the Energy Department’s Office of Cybersecurity Energy Security and Emergency Response (CESER), detailed several steps that the agency is taking to implement executive branch and DoE supply chain security policies during a virtual event hosted by FCW on March 16. […]

Federal chief information security officers (CISOs) today recommended that as Federal agencies implement zero trust security architectures they also put in place continuous training programs for their workforce to keep employees up to date on the technology and best practices. […]

The Government Accountability Office (GAO) said its strategic plan for 2022-2027 features significant emphasis on cybersecurity issues including the government’s capabilities to boost cyber defenses against foreign government influence campaigns, and the Defense Department’s ability to meet cyber threats across multiple domains. […]

A bipartisan group of 22 senators is asking the Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA) and other Federal cybersecurity agencies for an update on what steps the government is taking to safeguard the United States and its critical infrastructure sectors against Russia-backed cyber and disinformation threats. […]

While Russia’s war in Ukraine continues, the cyberattacks coming from the invading country have, surprisingly, been rather mild and contained, Senator Mark Warner, D-Va., said today. […]

President Biden was poised late Friday to sign a full-year appropriations bill for fiscal year (FY) 2022 ending Sept. 30, after the Senate passed the spending bill late March 10. […]

The House of Representatives late on March 9 passed the long-awaited full-year appropriations bill for fiscal year (FY) 2022 ending Sept. 30, along with a four-day continuing resolution (CR) to give the Senate a few more days to shepherd the full-year omnibus spending bill to passage. […]

House and Senate Appropriations Committees today unveiled a full-year omnibus spending bill covering Federal government operations for the rest of fiscal year (FY) 2022 that ends on Sept. 30. […]

The White House’s Office of Management and Budget (OMB) is urging agencies to “immediately” implement the National Institute of Standards and Technology (NIST) guidance on software supply chain security. […]

Google said today it agreed to buy cybersecurity defense and response services provider Mandiant for $5.4 billion in cash. After the acquisition closes, Google will wrap Mandiant into its Google Cloud business. […]

While President Biden’s 2021 cybersecurity executive order (EO) doesn’t address all of the Federal government’s cybersecurity needs, a security expert from the Cybersecurity and Infrastructure Security Agency (CISA) said the EO’s goal drives toward prioritization of the government’s most pressing needs – rather than a fix-all approach. […]

The Federal Communications Commission (FCC) has launched a Notice of Inquiry (NOI) to seek comments on cyber risks to the Border Gateway Protocol (BGP) – the routing protocol for the Internet – in response to increasing cyber threats following Russia’s invasion of Ukraine. […]

A group of nonprofits focusing on cybersecurity and implementation have formed a coalition to develop, share, deploy, and increase awareness of best cybersecurity practices, tools, standards, and services across the public and private sectors. […]

With tensions mounting between Russia and Ukraine, the Cybersecurity and Infrastructure Security Agency (CISA) is warning critical infrastructure (CI) owners and operators – as well as any other United States-based organizations – to keep their guard up. To help organizations do that, the cybersecurity agency released insights for the CI sector, as well as a new webpage Feb. 18 to help organizations better steel themselves against a potential Russian cyber threat. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new webpage featuring a catalog of free cybersecurity tools and resources that the agency hopes will serve as a “one-stop resource where organizations of all sizes can find free public and private sector resources to reduce their cybersecurity risk.” […]

The White House’s top cybersecurity advisor today blamed Russia for cyberattacks earlier this week against the Ukrainian government and banking sectors and said that the U.S. is actively helping Ukraine to fend off cyber assaults in the run-up to a possible Russian military invasion of that country. […]

Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly made a strong pitch on Feb. 17 for the agency’s push to create an underlying culture of organizational success that she said is critical to creating optimal performance at the nation’s cyber defense agency. […]