The Department of Defense (DoD) has improved its cybersecurity efforts since 2018, but still lacks clear cybersecurity guidelines in acquisition program contracts, a recent Government Accountability Office (GAO) report said. […]

The House Homeland Security and Oversight and Reform committees held a joint public hearing today to discuss the Russia-based hack of government and private sector networks via SolarWinds Orion products. During the hearing, both the private sector witnesses and members of Congress called for better cybersecurity practices, legislation, and increased information sharing. […]

Department of Homeland Security (DHS) Secretary Alejandro Mayorkas on Feb. 22 announced several steps to help meet President Biden’s goal to advance cybersecurity in the Federal government, including increasing spending to improve cybersecurity in some areas. […]

Two influential House committees said they will hold a public hearing into the Russia-based hack of government and private sector networks via SolarWinds Orion products, along with other recent attacks, on Feb. 26 at 9 a.m. […]

The General Services Administration’s (GSA) insider threat program (ITP) is failing to adequately protect GSA personnel, facilities, and systems from insider threats, according to a recent report from the agency’s Office of Inspector General. […]

The Election Infrastructure Government Coordinating Council – whose leadership spans Federal, state, and local government election officials – applauded inter-government cooperation on implementing cybersecurity safeguards in the 2020 election cycle, and pledged to use lessons learned going forward to improve election security and resiliency. […]

Officials from the Defense Department (DoD) and the Cybersecurity and Infrastructure Security Agency (CISA) said today that creating more effective defenses against sophisticated cyberattacks of the type used in the SolarWinds Orion hack may require further adoption of zero trust security concepts. […]

It has been nearly a year since the Federal workforce had to shift to telework practically overnight. While the Federal government was already working to increase telework capabilities, COVID-19 forced agencies to modernize at warp speed. After making sure employees had the devices they need, agencies had to ensure that cybersecurity capabilities remained strong even though employees were now working on their home networks. […]

The leader of the Federal government’s investigation of the Russia-backed hack of government and private sector networks via SolarWinds Orion products said Feb. 17 that the attack “compromised” nine Federal government networks – matching with earlier estimates from Federal law enforcement and intelligence agencies that “follow-on” activity by the hackers after initial breaches via software downloads were seen in “fewer than 10” Federal agencies. […]

Sen. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, is asking the FBI and the Environmental Protection Agency (EPA) to provide more information on the recent attempt by cyber criminals to poison the water supply at an Oldsmar, Fla. water treatment facility. […]

In an audit of the Defense Department’s (DoD) cybersecurity requirements for weapon systems in the operations and support (O&S) phase of the DoD acquisition lifecycle, the DoD Inspector General (IG) highlighted five weapon systems that have been successfully updating cybersecurity requirements and meeting Risk Management Framework requirements. […]

After Sens. Mark Warner, D-Va., chairman of the Senate Intelligence Committee, and Marco Rubio, R-Fla., the committee’s ranking member, called for the designation of a single official to lead the U.S. response to the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products, the White House confirmed to the senators that Deputy National Security Advisor Anne Neuberger is leading the effort. […]

Anne Neuberger, deputy national security advisor for cyber and emerging technology on President Biden’s National Security Council (NSC), said this week that the administration is working on a new national cybersecurity strategy and that it will likely feature some of the recommendations that have already been made by the President’s National Security Telecommunications Advisory Committee (NSTAC) but not yet implemented. […]

As agencies are scrambling to recover and build up their cybersecurity from the Russia-backed hack of thousands of government and private-sector networks via SolarWinds Orion products, Federal agency leaders say it will not be easy. […]

The Federal Energy Regulatory Commission (FERC) is proposing a rule change that would provide rate incentives for electric companies that go “above and beyond” current regulations in their cybersecurity investments. […]

The 117th Congress is finalizing its lineup of new leadership for House committees and subcommittees. Although some committee leadership remains the same, here are the names to pay attention to in the Federal IT world. […]

The National Institute of Standards and Technology (NIST) has issued a Special Publication (SP) to help organizations protect sensitive information on different electronic systems from state-sponsored hacking. […]

The Department of Defense’s (DoD) Defense Innovation Unit (DIU) has invested in a cybersecurity platform to upgrade their “cyber threat detection and intelligence-gathering capabilities,” according to a Jan. 25 press release. […]

Sens. Maggie Hassan, D-N.H., and John Cornyn, R-Texas, reintroduced a bill that would support the National Guard in helping state and local governments improve their cybersecurity, citing “the SolarWinds attack and continued cyberattacks connected to the COVID-19 pandemic.”  […]

Denis McDonough, President Biden’s nominee for secretary of the Department of Veterans Affairs (VA), plans to make cybersecurity “a key priority” if confirmed, along with IT modernization efforts and expansion of broadband services. […]

Four lawmakers are criticizing Secretary of State Mike Pompeo’s approval of a new cybersecurity and emerging technologies bureau and calling for President-elect Joe Biden to hit pause when he is sworn in and takes office. […]

The National Security Agency (NSA) announced Rob Joyce will take over as the agency’s Director of Cybersecurity, replacing Anne Neuberger. […]

President-elect Joe Biden has officially nominated Anne Neuberger as Deputy National Security Advisor for Cyber and Emerging Technology on the President’s National Security Council (NSC). […]

The National Security Agency (NSA) issued its first Cybersecurity Year In Review report, highlighting key achievements from 2020 – including encryption work for the Pentagon – and looking ahead to threats for 2021. […]

Secretary of State Mike Pompeo approved the establishment of the Bureau of Cyberspace Security and Emerging Technologies (CSET) within the Department of State on Thursday to lead diplomatic efforts to deflect cyberattacks from foreign countries.  […]

President-elect Joe Biden has chosen cybersecurity veteran Lisa Monaco as his nominee for Deputy Attorney General at the Justice Department (DoJ), and according to a Politico report, is getting ready to name Anne Neuberger deputy national security adviser for cybersecurity on the President’s National Security Council (NSC). […]

The Cybersecurity and Infrastructure Security Agency (CISA) warned today that threats to government networks caused by previously reported breaches of SolarWinds Orion products pose a “grave risk” to Federal government, state, tribal and territorial governments, critical infrastructure entities, and other private-sector organizations. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is requiring all Federal civilian agencies to disconnect or turn off any SolarWinds Orion products by noon today, as a nation-state hack of the tools pose a significant cybersecurity threat and is linked to a hack at the Treasury and Commerce Departments. […]