The Government Accountability Office (GAO) is acknowledging strides that the Biden administration has taken this year to broadly improve cybersecurity, but is still encouraging the Federal government to take more steps to strengthen the cybersecurity of the nation’s critical infrastructure in light of several high-profile cyber incidents over the course of the past year. […]

Army DoD military Defense AI

The U.S. Army has awarded Cole Engineering Services a $957.7 million contract to develop, integrate and maintain the service’s enterprise Persistent Cyber Training Environment (PCTE). […]

Top cybersecurity officials from the Defense Department (DoD), Federal civilian agencies, and the private sector laid out their developing strategies for zero trust security migration, cloud adoption, and meeting requirements of the Biden administration’s Cybersecurity Executive Order at an October meeting of the Foundation for American Science and Technology (FAST). […]

With K-12 educational institutions increasingly targeted by ransomware and other cyber attacks during the coronavirus pandemic, the Government Accountability Office (GAO) is pushing the Department of Education to update its plans – which currently date from 2010 – for addressing cyber risks faced by schools. […]

The Pentagon is a very large building that houses a lot of the authorities for the U.S. Military. It's big. This photo doesn't do it justice, but they're kinda rightly concerned about people flying drones around there.

John Sherman, who has served as Acting CIO for the Department of Defense (DoD) and is the nominee to move into the position permanently, told members of the Senate Armed Services Committee at a confirmation hearing on October 28 that he wants to put in place a new strategy to develop DoD cyber talent, among other steps if his nomination is confirmed. […]

Cyber

The transition to zero trust security architectures is integral to the U.S. Department of the Army’s modernization efforts, said Army CIO Raj Iyer during an FCW virtual roundtable on October 27 where he explained security challenges that the service branch is facing and how the move to zero trust security concepts will help. […]

cybersecurity
War Fighter Cloud Military, headset, goggles

Nickolas Guertin, who President Biden nominated to be the Department of Defense’s (DoD) next director of Operational Test and Evaluation (DOT&E), sees testing for cyber threats and building cyber testing into the test and evaluation process a priority for the next DOT&E. […]

CISA

The Senate Appropriations Committee released nine appropriations bills for fiscal year (FY) 2022 on October 18 including a Homeland Security funding bill that would give the Cybersecurity and Infrastructure Security Agency (CISA) a 30 percent budget increase over FY2021 levels, to $2.638 billion. […]

On Oct. 8, President Joe Biden signed the bipartisan K-12 Cybersecurity Act of 2021 into law to provide school districts with resources to combat and protect themselves against cyberattacks. […]

capitol washington dc senate house congress-min

In a recent letter to the Department of Justice (DoJ), the Department of the Treasury (Treasury), the Department of State (State Department), and the Department of Homeland Security (DHS) lawmakers urge the agencies to pursue all options available to protect American communities and infrastructure from the growing threat of ransomware. They emphasized the need for stronger coordination between departments, primarily to address the role of cryptocurrency in ransomware attacks. […]

Paul Cunningham, chief information security officer (CISO) at the Department of Veterans (VA), explained this week how the agency is addressing cybersecurity vulnerabilities to protect its users and their health care and financial data as the agency has turned increasingly to providing telehealth services for veterans. […]

cybersecurity

Sen. Gary Peters, D-Mich., chairman of the Senate Committee on Homeland Security and Governmental Affairs, and Sen. Rob Portman, R-Ohio, the committee’s ranking member, have introduced legislation to require critical infrastructure entities to report cyberattacks to the Federal government, and to require most other entities to report to the government if they make a ransomware payment. […]

The Department of Commerce is seeking comment on questions related to the development of regulations to govern process and procedures the Commerce Secretary will use to deter foreign malicious cyber actors’ use of U.S. Infrastructure as a Service (IaaS) products and investigate foreign malicious cyber actors. […]

The hybrid work environment has created a previously unheard-of number of new endpoints that agencies need to protect. Federal officials examined the unique challenges that now exist as everything from computers to printers, mobile devices, and even sensors reside in and outside an agency’s walls during a September 1 GovLoop webinar. […]

cybersecurity

The House Committee on Energy and Commerce unanimously approved six cybersecurity and supply chain-related bills during a markup session on July 21. The committee’s vote sends these bills to the House floor for further consideration. […]

Federal agency chief information security officers (CISOs) talked about several aspects of the Biden administration’s cybersecurity executive order (EO) during a July 15 FedInsider webinar in which they flagged steps agencies should be taking to meet the order’s requirements. […]

cybersecurity

The Department of Defense’s (DoD) efforts to defend the cybersecurity of critical infrastructure in the U.S. require a stronger implementation strategy in its collaboration efforts with the Department of Homeland Security (DHS), according to an audit by the Office of the Inspector General (OIG). […]

Cybersecurity

According to a joint advisory from the National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and U.K.’s National Cyber Security Centre (NCSC), hackers from the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS) military unit – widely known as Fancy Bear or APT28 – utilized Kubernetes clusters to infiltrate targets in their global brute force campaign from mid-2019 through early 2021. […]

supply chain risk management process automation

Sens. Gary Peters, D-Mich., and Ron Johnson, R-Wis., introduced bipartisan legislation on July 1 that would create a cyber training program for Federal employees, aimed to help protect the Federal government against cyberattacks and supply chain security vulnerabilities. […]

Cybersecurity
security

The Cybersecurity and Infrastructure Security Agency (CISA) is developing a catalog of bad practices in cybersecurity to help critical infrastructure providers prioritize their cybersecurity responsibilities. The agency plans to keep updating the narrow list based on feedback from cybersecurity professionals. […]

cybersecurity

Organizations need a cybersecurity strategy to protect both infrastructure and customer data from growing cybersecurity threats. The Cybersecurity and Infrastructure Security Agency (CISA) developed the Cyber Essentials as a guide for small businesses and local government leaders to develop an actionable understanding of where to start implementing organizational cybersecurity practices. […]

capitol washington dc senate house congress-min

Senators Maggie Hassan D-N.H. and John Cornyn R-Texas, have introduced the  Federal Cybersecurity Workforce Expansion Act which aims to help strengthen U.S. cyber defenses and bolster the Federal government’s cyber workforce. […]

Categories