Cybersecurity

CISA Releases Finalized IPv6 Guidance for Agencies

The network guidance document is years in the making.

  • By Frank Konkel

Biden Official Endorses Effort to Move Pipeline Cybersecurity Regulation to DOE

An emergency directive from the Transportation Security Administration following the Colonial Pipeline attack faced opposition from Senate Republicans after the industry complained they weren’t sufficiently consulted beforehand.

  • By Mariam Baksh

Big Tech Anxious About Commerce Plan to Secure Supply Chains from Foreign Influence

Comments an association of industry giants made on a notice of proposed rulemaking from the Commerce Department come amid multiple government efforts to reduce cybersecurity risks in globally produced information and communications technology.

  • By Mariam Baksh

Biden Official Credits Diplomacy With Russia for Arrest of Colonial Pipeline Hacker

A senior administration official disassociated the move from tensions between the U.S. and Russia amid a build-up of Russian troops near Ukraine and an unattributed cyberattack on the country’s government websites.

  • By Mariam Baksh

3 Strategies for Securing the Supply Chain, Security’s Weakest Link 

Today, no vendor or agency is safe—and just as importantly, no single organization can address all these threats independently.

  • By Brandon Shopp

FBI Officials Clarify What the Bureau Wants in Cyber Incident Reporting Bill

However the legislation is eventually passed, CISA plans to share reports with the FBI and other agencies, a Homeland Security official said.

  • By Mariam Baksh

FCC Chair Proposes Updating Data Breach Reporting Requirements

The Commission is still waiting for an empty chair to be filled as observers call for a vote on Biden nominee Gigi Sohn.

  • By Mariam Baksh

Pentagon Moves to Improve its Cybersecurity-Centered Engagement with Universities

A new consortium aims to enable deeper collaboration on digital challenges.

  • By Brandi Vincent

House FISMA Reform Would Empower Federal CISO With Budgeting Authority

Corresponding Senate legislation doesn’t mention the federal chief information security officer but shares other key elements—including a shorter incident reporting window—with a discussion draft issued by the House Oversight and Reform Committee.

  • By Mariam Baksh

NSA, CISA, FBI Issue Joint Advisory Against Russian Hackers Amid Growing Tensions

The warning comes as a military build-up occurs at the Russian-Ukrainian border.

  • By Alexandra Kelley

Newly Uncovered Emails Intensify Republican Senator's Unease About DOD’s Cloud Contracts

A senior senator continued a back-and-forth with auditors over the Defense Department's now-canceled JEDI contract.

  • By Brandi Vincent

NIST Updates Cybersecurity Engineering Guidelines

Amid constant cybersecurity threats, NIST added more insight for engineers and programmers on how to mitigate system vulnerabilities.

  • By Alexandra Kelley

How the Log4j Vulnerability is Forcing Change in Federal Cybersecurity Policy

Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to implement.

  • By Mariam Baksh

GSA Seeks Comments on Transfer of .Gov Domain to Cybersecurity Agency

The government’s site for managing government websites—dotgov.gov— may temporarily go down for maintenance as officials make the switch.

  • By Mariam Baksh
Featured eBooks
The State of the Federal Cloud
Read Now

Addressing the Tech Talent Gap

Read Now

Health Technology in Action

Read Now

Tech Policy Trends

Read Now

How Cybercriminals Turn Paper Checks Stolen from Mailboxes into Bitcoin

Mailboxes are increasingly becoming the scene of a crime.

  • By David Maimon, The Conversation

FTC warns of legal risks of failing on Log4j mitigation

The Federal Trade Commission issued a warning this week urging companies to take "reasonable steps" to mitigate known software vulnerabilities or face potential legal consequences, recalling the $700 million settlement Equifax paid for a major breach in 2017.

  • By Chris Riotta

New CMMC Training to Align with Certification Changes

Look for trainers working on the Cybersecurity Maturity Model Certification program to realign their efforts to support recent changes to the certification process in 2022.

  • By Lauren C. Williams

AI-Powered Automation Can Be Both a Part of the Problem and Part of the Solution

There are real security concerns that should be addressed ahead of further government adoption of a truly automated future.

  • By Jim Richberg

Corrected: FedRAMP Bill Includes Transparency Provisions for New Advisory Council

The legislation would create a public-private advisory council that would be subject to most of the provisions of the Federal Advisory Committee Act.

  • By Mariam Baksh

Feds Step Up Cybersecurity Support for State Governments

Forty-two advisers have been appointed or are in the process, with eight states still needing federal-level coordinators.

  • By Patience Wait

The legacy of the Cyberspace Solarium Commission

The Cyberspace Solarium Commission is officially sunsetting after more than two years, dozens of recommendations and a slew of legislative changes. But since there’s more to be done, the panel is rebooting its efforts as a non-profit.

  • By Lauren C. Williams