The Department of Homeland Security’s (DHS) Cyber Safety Review Board (CSRB) released findings late Tuesday following its independent review of the summer 2023 Microsoft Exchange Online intrusion that attributed the success of the China-based hack to “a cascade of security failures at Microsoft” and an “inadequate” security culture at the company. […]

The Defense Department, General Services Administration, and NASA have issued a final rule amending the Federal Acquisition Regulation (FAR) to add the framework for a new FAR part 40 covering information security and supply chain security. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) published its long-awaited cyber incident reporting rule today for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), requesting public input on the forthcoming regulations. […]

Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, is calling on the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) to prioritize cybersecurity efforts in the healthcare sector. […]

The Department of Justice (DoJ) announced today that it has charged seven hackers associated with the People’s Republic of China (PRC) for “malicious” cyberattacks that targeted U.S. government officials, politicians, and companies. […]

Sen. Mark Warner, D-Va. – co-chair of the Senate Cybersecurity Caucus – introduced legislation that would provide financial incentives for healthcare providers to boost their cyber defense by requiring them to meet minimum cybersecurity standards in order to receive accelerated payment in the event of a cyberattack. […]

Following the discovery of a Chinese-based hacking group compromising U.S. critical infrastructure, the White House – in collaboration with the Environmental Protection Agency (EPA) – announced plans this week to form a Water Sector Cybersecurity Task Force. […]

The National Security Agency’s (NSA) Cybersecurity Collaboration Center (CCC) has been “game-changing” for the NSA in terms of gaining unique insights from partners on specific adversaries, according to Morgan Adamski, the chief of the CCC. […]

In response to the evolving threat environment, the Cybersecurity and Infrastructure Security Agency (CISA) is looking to better coordinate cybersecurity operations across the Federal government through a newly released Federal Operational Cyber Alignment Plan, or FOCAL. […]

The Federal Communications Commission (FCC) voted on March 14 to create a voluntary cybersecurity labeling program for wireless internet of things (IoT) devices including home security cameras, internet-connected appliances, fitness trackers, garage door openers, and baby monitors. […]

The Department of Defense (DoD) has issued a final rule with revisions to the eligibility criteria for the voluntary Defense Industrial Base (DIB) Cybersecurity (CS) Program, greatly expanding the number of DIB companies that can participate in the program. […]

The Biden-Harris administration approved a secure software development attestation form on Monday, taking a crucial step towards ensuring Federal contractors provide secure products to the Federal government. […]

The Federal government should provide economic incentives such as tax deductions or Federal grants to critical infrastructure providers and other organizations that adopt cybersecurity best practices, the National Security Telecommunications Advisory Committee (NSTAC) said in a March 7 report. […]

When FITARA was first launched in November 2015, the Department of Education received a big fat “F” on its scorecard – denoting that the agency was failing across its IT and cyber categories. […]

Following a nine-month pilot effort, the Pentagon today officially launched a new model for measuring the cyber readiness of its main network defense command — marking a shift from compliance to operational readiness. […]

Tech policy experts on Capitol Hill said Thursday that the recent AT&T outage across the nation showed the importance of the resiliency of America’s critical infrastructure. […]

The Department of Energy’s (DoE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) announced this week the allocation of $45 million for 16 projects aimed at developing new technologies to prevent cyberattacks and reduce energy disruptions from cyber incidents. […]

The White House Office of the National Cyber Director (ONCD) released a report today calling on the technical community to proactively reduce the attack surface in cyberspace by adopting memory safe programming languages and developing better cyber diagnostics. […]

The Cybersecurity and Infrastructure Security Agency (CISA), Environmental Protection Agency (EPA), and FBI published a joint fact sheet on Feb. 21 outlining the top cybersecurity actions water and wastewater systems sector (WWS) entities can take to improve their cyber resiliency. […]

Cybersecurity services provider CrowdStrike is taking a look into 2024 and seeing plenty of work to be done defending against sophisticated attacks driven by artificial intelligence technologies, along with defending the integrity of elections.  […]

President Biden signed a new executive order (EO) today that looks to strengthen the cybersecurity of our nation’s ports, as well as bolster maritime cybersecurity and supply chains more generally. […]

The Department of Justice (DoJ) and FBI, along with the U.K. National Crime Agency’s (NCA) Cyber Division and other international law enforcement partners, announced today that they have disrupted the LockBit ransomware group – one of the most active ransomware groups in the world. […]

Department of Defense (DoD) Chief Information Officer (CIO) John Sherman has released new cybersecurity guidance on information sharing, best practices, and training for international partners looking to develop their cybersecurity standards and procedures. […]

Who are your favorite Cyber Defenders – the security leaders both in the Federal government and tech industry who are going above and beyond in advancing the mission, leading cybersecurity modernization, and defending against threats? […]

Sens. Mark Warner, D-Va., and John Thune, R-S.D., introduced a new bill on Feb. 7 that would direct the National Institute of Standards and Technology (NIST) to develop cybersecurity guidelines for the Federal government’s use of drone vehicles. […]

Federal agencies called on all organizations today to urgently implement a series of cybersecurity actions after discovering that a Chinese-based hacking group has compromised the IT environments of multiple U.S. critical infrastructure organizations – with the end goal of a future cyberattack. […]

During his first public address in Washington, D.C., today, the White House’s newly confirmed National Cyber Director (NCD) Harry Coker keyed on several initiatives ONCD has in the works to further implement President Biden’s National Cybersecurity Strategy (NCS). […]

Top IT experts at the Departments of Treasury and Veterans Affairs (VA) said that the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC) program holds a lot of promise, but is “still in its infancy” with program kinks to be worked out. […]

Top cybersecurity and critical infrastructure experts voiced concerns to lawmakers today at a House Homeland Security Subcommittee hearing that neither the government nor the private sector are doing enough to secure operational technology (OT) networks of critical infrastructure organizations. […]

Federal agencies have until the end of the day to shut down two widely used software products due to major cybersecurity vulnerabilities. […]