Cybersecurity

VA Has a Plan to Attract Workers Displaced by Widespread Tech Industry Layoffs

Amid a recent wave of layoffs across the technology sector, the VA is working to position itself as an enticing destination for unemployed tech workers.

Trade Org Urges OMB to ‘Harmonize’ Secure Software Development Practices

The Information Technology Industry Council asked OMB to clarify a memorandum that was creating challenges for software producers.

CISA Seeks Information for Potential Cyber Threat Intelligence Platform

The request will help the agency develop the platform to address current challenges related to cyber threat intelligence.

Offshore Drilling Operations Vulnerable to Cyberattacks, Watchdog Warns

The Government Accountability Office made a new case for improving the cybersecurity safeguards within offshore drilling and natural gas facilities. 

Latest Guidance Outlines Customer Responsibilities for Software Security

The guide provides recommendations throughout the product lifecycle, from procurement to deployment.

White House Begins to Push Federal Post-Quantum Cryptography Migration

The Office of Management and Budget released new guidance to begin the governmentwide effort to safeguard digital infrastructure from quantum attacks.

Agencies Push Deadline to Comment on Would-Be Federal Cyber Insurance Program

Insurance companies are pushing for taxpayer assistance to provide coverage in the event of catastrophic incidents.

Secret Service’s Zero Trust Plan Must Account for OMB Guidance, Watchdog Says

The Secret Service’s plan for adopting a zero trust architecture model across the agency’s systems has not been updated since the Office of Management and Budget released new guidance in January.

Big Tech Tells CISA to Exempt Third-Party Providers from Incident Reporting Rule

Major industry groups clashed on how CISA should define key terms in its rulemaking process to implement the federal incident reporting law.

Iranian Hackers Compromised a Federal Agency’s Network, CISA and FBI Say

Actors linked with the Iranian government were able to exploit an unpatched Log4Shell vulnerability—which the Cybersecurity and Infrastructure Security Agency asked agencies to address by the end of 2021—in an unnamed agency’s network.

CISA Highlights Space, Bioeconomy as Possible New Critical Infrastructure Sectors

The agency also suggested existing sectors be consolidated and that there is a need for some agencies to exercise greater authority over private-sector entities.

DOD Must Enhance Cyber Incident Reporting and Sharing, Watchdog Says

The Government Accountability Office found that the Pentagon “lacks an accountable organization and consistent guidance” for documenting and sharing details about reported cyber incidents.

White House Sprint Ends With Nearly 200 New Cyber Apprenticeship Programs

The 120-day sprint saw more than 7,000 apprentices get hired from the initiative.

DHS Chief Appears to Back Status Quo Approach for Securing Critical Infrastructure

The Biden administration is looking to Congress for help with ‘filling gaps in statutory authorities’ for improving U.S. cybersecurity.

China’s Cyber Capabilities ‘Pose a Serious Threat’ to US, Advisory Panel Warns

The panel’s report also called for the Biden administration to consider revoking China’s status as a favored trading partner if a congressional review finds that Beijing is not complying with its commitments.

CISA Issues Vulnerability-Management Tools Dependent on Industry Action

Federal agencies are under a binding operational directive to address exploitable security vulnerabilities in their software, but the success of CISA’s effort relies on the cooperation of software vendors.

NATO Allies Double Down on Cybersecurity in Warfighting Ops

U.S. and Italian officials convened the 2022 Cyber Defence Pledge Conference, focused on supporting Ukraine and investing in new technology for all member nations.