Former chief of the U.S. Fleet Cyber Command said today that the Federal government and industry must be prepared to work together in the face of adversarial attacks against U.S. critical infrastructure like the electric grid. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) published its long-awaited cyber incident reporting rule today for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), requesting public input on the forthcoming regulations. […]

Sen. Mark Warner, D-Va. – co-chair of the Senate Cybersecurity Caucus – introduced legislation that would provide financial incentives for healthcare providers to boost their cyber defense by requiring them to meet minimum cybersecurity standards in order to receive accelerated payment in the event of a cyberattack. […]

Following the discovery of a Chinese-based hacking group compromising U.S. critical infrastructure, the White House – in collaboration with the Environmental Protection Agency (EPA) – announced plans this week to form a Water Sector Cybersecurity Task Force. […]

Two of the Federal government’s top cybersecurity officials praised a new White House report this week that offers four recommendations to fortify the resilience of the nation’s critical infrastructure – including establishing performance goals and ramping up funding for agencies that oversee the sectors. […]

Tech policy experts on Capitol Hill said Thursday that the recent AT&T outage across the nation showed the importance of the resiliency of America’s critical infrastructure. […]

Federal agencies called on all organizations today to urgently implement a series of cybersecurity actions after discovering that a Chinese-based hacking group has compromised the IT environments of multiple U.S. critical infrastructure organizations – with the end goal of a future cyberattack. […]

Top cybersecurity and critical infrastructure experts voiced concerns to lawmakers today at a House Homeland Security Subcommittee hearing that neither the government nor the private sector are doing enough to secure operational technology (OT) networks of critical infrastructure organizations. […]

In joint guidance released on Jan. 17, the Cybersecurity and Infrastructure Security Agency (CISA) – alongside the FBI – is warning critical infrastructure and state, local, tribal, and territorial partners of  cybersecurity threats posed by Chinese-manufactured unmanned aircraft systems (UAS), more commonly known as drones. […]

The Department of Energy’s (DoE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) has announced up to $70 million in funding to support research into technologies designed to increase resilience and reduce risks to energy delivery infrastructure from a variety of hazards, including cyber threats.  […]

The Cybersecurity and Infrastructure Security Agency (CISA) and the FBI cautioned today that the LockBit ransomware gang is exploiting the Citrix Bleed security flaw in exploits against critical infrastructure sectors, according to a joint cybersecurity advisory (CSA) issued with the Multi-State Information Sharing and Analysis Center and the Australian Cyber Security Center.  […]

The Environmental Protection Agency (EPA) withdrew its memo this week that required states to include cybersecurity audits of U.S. water utilities through sanitary surveys. […]

The Executive Director of the Cybersecurity and Infrastructure Security Agency (CISA) said today that the threat posed by China within the cyber realm is evolving and much more serious today than it was a decade ago ­– particularly when it comes to potentially targeting the United States’ critical infrastructure. […]

Although the Federal government has made progress in protecting U.S. critical infrastructure through a largely voluntary approach, Federal Chief Information Security Officer (CISO) Chris DeRusha today called for minimum cybersecurity requirements for critical infrastructure. […]

The President’s National Infrastructure Advisory Council (NIAC) made a broad call Monday for the creation of a National Water Strategy to ensure the nation can deliver sustainable critical infrastructure systems that are responsive to cyber threats. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is launching a new program that will collect information to provide tailored technical assistance, services, and resources to critical infrastructure (CI) organizations and state, local, Tribal, and territorial (SLTT) governments. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is looking to add a “select number” of critical infrastructure (CI) partnerships with industry to its CyberSentry program, CISA Associate Director for Threat Hunting Jermaine Roebuck wrote in a June 29 blog post. […]

The Intelligence and National Security Alliance (INSA) released a new white paper last week that outlines the importance of public-private collaboration in cybersecurity.  […]

The Transportation Security Administration (TSA) has issued a new cyber amendment to the security programs of TSA-regulated airport and aircraft operators, on the tail of Biden-Harris administration’s release of its national cyber strategy. […]

Democratic members of the House Homeland Security Committee are calling on Federal domestic security agencies to provide them with more information on “racially- or ethnically-motivated violent” cyberattacks to the nation’s critical infrastructure. […]

A new report from the Government Accountability Office (GAO) is calling on Federal agencies to better protect critical infrastructure sectors by conducting Internet of Things (IoT) and operational technology (OT) risk assessments, as well as developing better metrics to assess their existing IoT and OT efforts. […]

The Transportation Security Administration (TSA) is seeking input on ways to strengthen cybersecurity and resiliency in the pipeline and rail sectors, according to the agency’s advance notice of proposed rulemaking (ANPRM) published on Nov. 30. […]

The Biden administration plans to launch a process to review and revise U.S. critical infrastructure protection policy, including providing guidance to agencies on designating certain critical infrastructure (CI) as “systemically important.” […]

The National Institute of Standards and Technology (NIST) plans to create a cybersecurity practice guide for the water and wastewater utilities sector, according to an announcement published last week. […]

Improving the cybersecurity of the water critical infrastructure sector, K-12 schools, and healthcare sector are among the top priorities for the Cybersecurity and Infrastructure Security Agency (CISA), agency Director Jen Easterly said today during Mandiant’s mWISE conference in Washington. […]

A Federal advisory committee this week approved a set of recommendations to help the Cybersecurity and Infrastructure Security Agency (CISA) protect critical infrastructure, even as the panel criticized some of the government’s current efforts to do so as unfocused and lacking clear national goals. […]

As the Russian invasion of Ukraine continues through its second month with no let-up in sight, Federal cybersecurity and law enforcement officials are warning that they still see indications of potential Russian cyberattacks on United States critical infrastructure, and are reiterating their “Shields Up” warning to meet those potential threats. […]

As the Russian government explores its options for potential cyberattacks on United States critical infrastructure, witnesses today urged members of the House Committee on Homeland Security to increase collaboration and information sharing efforts with industry stakeholders. […]

The late-day warning on Monday from President Biden and White House national security officials that the Russian government is exploring options for potential cyberattacks against U.S. critical infrastructure targets appeared to turn many heads in the Federal cybersecurity community that is by now long-used to receiving and generating cybersecurity advisories. […]

The White House issued a call to action today to critical infrastructure (CI) companies to strengthen their cyber defenses, based on evolving threat intelligence that the Russian government is exploring options for potential cyberattacks on U.S. critical infrastructure. […]