The head of the National Security Agency’s (NSA) data science and artificial intelligence (AI) efforts said that government agencies should consider how to apply AI to cybersecurity operations but warned that they also need to heavily focus on how adversaries will leverage the emerging tool against them. […]
Federal Chief Information Security Officer (CISO) Chris DeRusha said late Thursday that new cybersecurity metrics are helping the Federal government to better measure its success in moving towards an improved risk posture. […]
President Biden on Sept. 7 extended a national emergency order dating back to 2018 and warning of the potential for overseas meddling in U.S. elections. […]
The Justice Department (DoJ) said this week that Verizon Business Network Services agreed to pay a fine of $4.09 million to the government after failing to “completely satisfy certain cybersecurity controls in connection with an information technology service provided to federal agencies.” […]
In order to create a more robust cybersecurity workforce, security experts explained on Wednesday that cybersecurity education needs to start at the K-12 level. […]
Top defense and intelligence officials shared this week the trends that worry them the most when it comes to the constantly evolving cyber threat landscape and what their top priorities are on the horizon given current world events and emerging cyber threat trends. […]
Just six months after the White House released its National Cybersecurity Strategy (NCS), Acting National Cyber Director (NCD) Kemba Walden said that her office is looking forward to publishing a posture report. […]
Rep. Ted Lieu, D-Calif., on Aug. 29 reintroduced his Improving Contractor Cybersecurity Act, which aims to require vendors that wish to do business with the United States government to maintain vulnerability disclosure policies (VDP) and programs. […]
The Transportation Security Administration (TSA) is adopting an automated capability that will ensure inactive accounts on one of its critical IT systems are shut down within 45 days. […]
Although the Federal government has made progress in protecting U.S. critical infrastructure through a largely voluntary approach, Federal Chief Information Security Officer (CISO) Chris DeRusha today called for minimum cybersecurity requirements for critical infrastructure. […]
Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly called on Congress today to reauthorize the Chemical Facility Anti-Terrorism Standards (CFATS) program – which the cybersecurity chief said has resulted in improving the security posture of high-risk facilities by 60 percent. […]
The recently established Advanced Research Projects Agency for Health (ARPA-H), which is housed within the Department of Health and Human Services (HHS), has launched a new project to better protect the U.S. healthcare system’s IT infrastructure. […]
The President’s National Infrastructure Advisory Council (NIAC) made a broad call Monday for the creation of a National Water Strategy to ensure the nation can deliver sustainable critical infrastructure systems that are responsive to cyber threats. […]
In light of rising software supply chain security attacks, Rep. Nancy Mace, R-S.C., introduced new legislation today that aims to help Federal contractors identify and fix software vulnerabilities before adversaries can exploit them. […]
As part of its broad efforts to foster a secure-by-design and -default technology ecosystem, the Cybersecurity and Infrastructure Security Agency (CISA) called on AI software makers last week to build security into systems from the outset. […]
The White House has extended the deadline to submit comments for its request for information (RFI) on cybersecurity regulatory harmonization and regulatory reciprocity to Oct. 31. […]
The Cybersecurity and Infrastructure Security Agency (CISA) – alongside the National Security Agency (NSA) and National Institute of Standards and Technology (NIST) – released a joint factsheet today encouraging early planning for migration to post-quantum cryptographic standards by developing a Quantum-Readiness Roadmap. “Quantum-Readiness: Migration to Post-Quantum Cryptography” is urging organizations – especially those that support critical infrastructure […]
Federal Chief Information Security Officer (CISO) Chris DeRusha explained today how the National Cybersecurity Strategy (NCS) and implementation plan released by the Office of the National Cyber Director (ONCD) earlier this year line up nicely with the goals of improving Federal government cybersecurity, but also warned that the prevalence of legacy IT systems still being used by many Federal agencies continues to stand in the way of security improvements. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has led a handful of identity security initiatives over the past year, and, according to a CISA official, is closing in on finalized guidance on recommended cybersecurity configuration baselines for select cloud products – like Microsoft 365 and Google Workspace. […]
The Internal Revenue Service (IRS) failed to review nearly 75 percent of IT security weaknesses in a timely manner in recent years due to staffing shortfalls, among other reasons, the Treasury Inspector General for Tax Administration (TIGTA) found in a recent report. […]
The Federal Communications Commission (FCC) is seeking public comment on a proposal to create a voluntary cybersecurity labeling program that would provide consumers with clear information about the security of their smart devices. […]
The head of the Cybersecurity and Infrastructure Security Agency (CISA) said this week that the United States needs to take a page out of Ukraine’s cyber playbook and build more resiliency into its critical infrastructure now. […]
The Office of the National Cyber Director (ONCD) announced a request for information (RFI) today seeking public comment on open-source software security and memory safe programming languages. […]
The Biden-Harris administration is launching a two-year competition that will leverage AI to protect the United States’ most important software – such as code that helps run the internet and critical infrastructure – senior White House officials announced at the opening of the Black Hat USA Conference in Las Vegas today. […]
The National Institute of Standards and Technology (NIST) is asking for public feedback on the draft version of a major update to its voluntary Cybersecurity Framework, which has become something close to a de facto baseline standard for security efforts in government and the private sector since it was launched in 2014 as a guide for critical infrastructure sectors. […]
By Jim Richberg, Fortinet Public Sector Field CISO. With an estimated 3.4 million people needed to fill the global cybersecurity workforce gap, it’s time for organizations to start turning to new ways to recruit and keep talented cyber professionals. The federal situation mirrors what’s happening globally, but the stakes are even higher with civilian, defense and IC […]
“Ensuring cybersecurity” remains at the top of the Internal Revenue Service’s (IRS) list of priorities issued annually by the Government Accountability Office (GAO) for the fifth year in a row. […]
Cybersecurity technology provider CrowdStrike said in a report issued today that its Falcon OverWatch managed threat hunting unit saw a 40 percent year-over-year jump in “observed interaction intrusion volumes” for the year ended June 30. […]
A new report from tech security provider BlackBerry finds a 40 percent in cyberattacks targeting government agencies and public services organizations during the three months ended in May 2023. […]
The Cybersecurity and Infrastructure Security Agency (CISA) today debuted its cyber plan for the next three years, noting that the agency’s planning document builds on the White House’s National Cybersecurity Strategy released earlier this year. […]