A newly released advisory from the Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Security Agency (NSA), highlights the most common cybersecurity misconfigurations in large organizations.  […]

New guidance from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) highlighted significant ongoing challenges Federal agencies and industry face in implementing security controls like multifactor authentication (MFA) to manage identity security. […]

The Transportation Security Administration (TSA) is finalizing permanent cybersecurity rules for critical pipeline operators.  […]

The Advanced Research Projects Agency for Health (ARPA-H) is investing millions into projects that make advancements in technologies that protect the security of health data, the agency announced last week.  […]

According to a new report out from the Government Accountability Office (GAO) on Thursday, the State Department has failed to fully implement its cybersecurity risk program and needs to take a number of steps to better protect its IT network and systems. […]

The Department of Defense (DoD) Inspector General (IG) announced last week that it plans to conduct an audit into the Cybersecurity Maturity Model Certification (CMMC) program – the Pentagon’s high-profile contractor cybersecurity program. […]

A new report from the Government Accountability Office (GAO) finds that Federal agencies and critical infrastructure owners must do a better job at sharing information to tackle increasingly complex cyber threats. […]

The Department of Homeland Security (DHS) – the Cybersecurity and Infrastructure Security Agency’s (CISA) parent agency – said yesterday that only 571 of CISA’s 3,117 employees would continue to work through a government shutdown – meaning that 79 percent of the agency’s staff would be staying home until government funding is restored. […]

Senate Intelligence Committee Chairman Mark Warner, D-Va., is calling on the White House’s Office of Management and Budget (OMB) to review all Federal agencies’ cybersecurity policies for internet of things (IoT) devices to ensure they meet National Institute of Standards and Technology (NIST) guidelines, as required by law. […]

Tech leaders from six prominent government agencies offered suggestions Tuesday for how they want to see the FITARA Scorecard categories improve, particularly when it comes to cybersecurity metrics. […]

The number two official at the Justice Department (DoJ) warned today that the pending government shutdown is “quite dangerous and quite irresponsible” in terms of the effect it would have on the nation’s ability to defend against cyber threats. […]

Today, the Cybersecurity and Infrastructure Security Agency (CISA) released the new Hardware Bill of Materials (HBOM) Framework for Supply Chain Risk Management product from the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force.   […]

The U.S. Air Force has abruptly canceled a highly competitive cybersecurity tech solicitation worth at least $5 billion just before crossing the finish line due to an overwhelming number of proposals from the private sector. […]

The Council of the Inspectors General on Integrity and Efficiency (CIGIE) issued a summary today of the top challenges facing Federal agencies, as identified by those agencies’ respective Offices of the Inspector General (OIG) – and once again IT issues headed up the list. […]

Reps. Mike Gallagher, R-Wis., and Abigail Spanberger, D-Va., introduced new legislation this week that looks to strengthen U.S. defenses against potential cyberattacks by calling on the secretary of Homeland Security to establish a National Risk Management Cycle. […]

A report released by the Foundation for Defense of Democracies (FDD) on Sept. 19 argues that Congress should take another look at legislative recommendations published by the Cyberspace Solarium Commission to shore up U.S. cyber defenses and decide whether to enact them. […]

As AI technologies are increasingly used to create deceptive content, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said on Tuesday that Americans can remain confident in U.S. election infrastructure, but also warned that the information environment is at risk. […]

Cybersecurity experts across the private sector expressed concerns today that a Federal government shutdown would have major negative impacts on the Cybersecurity and Infrastructure Security Agency’s (CISA) ability to defend Federal networks and keep its critical cyber programs running. […]

The Office of the National Cyber Director (ONCD) is creating a playbook that aims to clarify, facilitate, and encourage incorporation of cybersecurity into the Federal grant process. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) new Cyber Supply Chain Risk Management (C-SCRM) Office is in the process of developing training and maturity models for Federal agencies, with an eye of releasing these resources in the new fiscal year (FY) to begin on Oct. 1.   […]

The Cybersecurity and Infrastructure Security Agency (CISA) held its third quarter Cybersecurity Advisory Committee (CSAC) meeting on Sept. 13, where members voted to approve a number of recommendations offered by each subcommittee to the agency, including one that could result in the creation of a national cyber alert system. […]

The Department of Defense (DoD) is pledging to use offensive cyber capabilities to defend the U.S. and its allies against adversaries – particularly the Peoples Republic of China (PRC) – as part of its latest cybersecurity strategy. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released its new Open Source Software Security Roadmap today that lays out the agency’s path forward to help ensure a secure open source software ecosystem within the Federal government. […]

Federal Chief Information Security Officer (CISO) Chris DeRusha said late Thursday that new cybersecurity metrics are helping the Federal government to better measure its success in moving towards an improved risk posture. […]

The Justice Department (DoJ) said this week that Verizon Business Network Services agreed to pay a fine of $4.09 million to the government after failing to “completely satisfy certain cybersecurity controls in connection with an information technology service provided to federal agencies.” […]

The State Department is currently working on a new comprehensive version of an international cyber strategy that it will be circulating around the agency and government this fall. […]

A recently disclosed Chinese hack of Commerce and State Department officials’ emails was found to be linked to a Microsoft engineer’s compromised corporate account, the tech giant announced in a blog post this week. […]

In order to create a more robust cybersecurity workforce, security experts explained on Wednesday that cybersecurity education needs to start at the K-12 level. […]

As the Cybersecurity and Infrastructure Security Agency (CISA) finishes up the rulemaking process for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), CISA Director Jen Easterly said today that trusted partnerships are vital to sharing threat information in the meantime. […]

Just six months after the White House released its National Cybersecurity Strategy (NCS), Acting National Cyber Director (NCD) Kemba Walden said that her office is looking forward to publishing a posture report. […]