The Cybersecurity and Infrastructure Security Agency (CISA) issued a formal request for information (RFI) in the Federal Register today looking for feedback on its secure-by-design software practices. […]
By Jeff Stewart, Vice President, Product, SolarWinds The exponential growth of digital government has led to unprecedented security breaches across the supply chain. To address these threats, in 2021 the Biden administration enacted Executive Order 14028 intensifying scrutiny over vendors’ software supply chain. Subsequently, in 2023 the National Cybersecurity Strategy was introduced, urging software vendors […]
The Cybersecurity and Infrastructure Security Agency (CISA) said that it will begin a two-year strategic effort to modernize its approach to enterprise cyber threat information sharing in 2024 “to maximize value to our partners and keep pace with a changing threat environment.” […]
Microsoft announced this week that the company has taken down websites and other online assets used by the Storm-1152 cybercrime group, which the company said is the “number one seller and creator of fraudulent Microsoft accounts.” […]
The Cybersecurity and Infrastructure Security Agency (CISA), as part of its Secure Cloud Business Applications (SCuBA) program, released a series of nine security configuration baselines for Google Workspace today, including applications like Gmail, Google Drive, and Google Meet. […]
The Department of Health and Human Services (HHS) has released a concept paper that outlines the department’s cybersecurity strategy for the healthcare sector, detailing four key actions it will take to advance cyber resiliency in the sector. […]
The U.S. Air Force laid out a list of steps it is taking to better protect and regulate access to classified data in the wake of last summer’s “Discord” breach that exposed to the public hundreds of classified military and intelligence agency documents, according to a Dec. 11 report that details the service branch’s responses to the breach. […]
A top White House cybersecurity official said Thursday that the administration’s “U.S. Cyber Trust Mark” program is on track to be released by the end of 2024. […]
The White House is calling on Federal agencies to prioritize creating internet of things (IoT) asset inventories by the end of fiscal year (FY) 2024 as a way to better gauge cybersecurity risks. […]
Twenty of the 23 civilian Chief Financial Officers (CFO) Act of 1990 agencies have failed to meet the White House’s cyber incident logging requirements by an August 2023 deadline, and according to a Dec. 4 watchdog report, 17 of these agencies were found to be at the lowest level of maturity – tier 0 – in that category. […]
The Cybersecurity and Infrastructure Security Agency (CISA) – along with the National Security Agency (NSA), Environmental Protection Agency (EPA), and the Israel National Cyber Directorate (INCD) – have released a new cybersecurity advisory warning of continued Iranian-backed cybersecurity attacks aimed towards American and Israeli water and wastewater systems (WWS). […]
The Federal Cybersecurity Workforce Expansion Act has been reintroduced in the House as part of a bipartisan, bicameral effort to strengthen the nation’s cyber defenses and cybersecurity workforce by creating two new training programs within the Federal government. […]
The Office of Personnel Management (OPM) has announced the launch of advertisements for its government-wide Federal Rotational Cyber Workforce Program, meaning Federal cybersecurity employees can now apply to rotational assignments at agencies outside of their own. […]
Lawmakers and expert witnesses discussed ways the U.S. can better ensure Federal software systems are protected against cyberattacks from hostile foreign nations like China during a House Oversight Cybersecurity, Information Technology, and Government Innovation Subcommittee hearing on Wednesday. […]
While every Federal agency is now required to identify network assets and vulnerabilities and provide data to the Cybersecurity and Infrastructure Security Agency (CISA) regularly under CISA’s Binding Operational Directive (BOD), Improving Asset Visibility and Vulnerability Detection on Federal Networks, gaps persist. Bad actors continue to exploit known vulnerabilities, some of which are the consequence of highly interconnected systems and data sharing between the public and private sectors. […]
The Intelligence Advanced Research Projects Activity (IARPA) is seeking to provide novel technologies to improve the response of both law enforcement and the intelligence community (IC) in attributing the sources of malicious cyberattacks. […]
The Department of Navy on Tuesday released its inaugural Department of the Navy Cyber Strategy, which identifies seven distinct lines of effort to enhance the naval services’ cybersecurity posture and emphasizes cyber as a warfighting domain. […]
The Cybersecurity and Infrastructure Security Agency (CISA) said today it is aiming to responsibly use artificial intelligence (AI) technologies in its missions to protect Federal civilian agencies and critical infrastructure sectors, while also assisting government and private sector organizations in making sure that the AI-enabled software they use is secure by design. […]
The Department of Homeland Security (DHS) on Thursday unveiled its new Office of Homeland Security Statistics (OHSS), which aims to advance DHS’s statistical reporting and analysis capabilities. […]
General Dynamics Information Technology (GDIT), in partnership with Splunk, has released a new research study on Federal agencies’ defensive cyber operations, revealing the vital role of AI in preemptively identifying and mitigating cyber threats. […]
Microsoft announced new security upgrades late last week to better protect its customers against cyber threats, including improved security protections for identity signing keys. […]
With cybersecurity becoming ever more important to organizational success, a new report from ISC2 finds that the workforce gap in the cybersecurity sector across the globe has grown by 13 percent on a year-over-year basis since 2022, indicating the need to fill an additional four million more needed cybersecurity jobs. […]
With the 2024 presidential election quickly approaching, local election officials on Wednesday called on Congress for increased cybersecurity funding to update outdated IT infrastructure and help protect democracy. […]
As government agencies look to modernize their missions through digital innovation, please join SAIC and MeriTalk on Nov. 2 at the OutFront: Continuous Agility forum in Arlington, Va., to learn agile and innovative solutions that are helping agencies to succeed amid escalating cyber threats. […]
Sen. Eric Schmitt, R-Mo., is urging the Pentagon’s Cyber Command (CYBERCOM) unit to take an offensive stance against the Chinese hacking group who breached the State Department, Commerce Department, and House of Representatives emails earlier this year. […]
A top Cybersecurity and Infrastructure Security Agency (CISA) official said this week that the House Republicans’ proposed 25 percent budget cut to the cyber agency would have “catastrophic” effects on CISA’s programs – like the Continuous Diagnostics and Mitigation (CDM) Program. […]
A new report out this week from Zscaler ThreatLabz finds a 400 percent increase in internet of things (IoT) and operational technology (OT) malware attacks since 2022, underscoring the need for better zero trust security to protect critical infrastructures. […]
Dell Technologies Global Chief Technology Officer John Roese mapped out the company’s approach to five key technology and innovation hot spots – including AI tech, edge computing, and cybersecurity – during a keynote address at the Dell Technologies Forum in Washington, D.C., on Oct. 24. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is leading an effort to update the National Cyber Incident Response Plan (NCIRP) by the end of 2024, as directed in the Biden administration’s National Cybersecurity Strategy released earlier this year. CISA, in close coordination with the Office of the National Cyber Director (ONCD), is embarking on a […]
A new report out today from the Center for Strategic and International Studies (CSIS) focuses on the Cybersecurity Infrastructure Security Agency’s (CISA) growth and mission needs, and offers a range of findings and recommendations that go beyond basic funding needs to bolster CISA’s ability to defend the nation’s cyberspace and the security of Federal Civilian Executive Branch agencies (FCEB). […]