Cybersecurity

DOD’s Digital Threats Are Increasingly Interconnecting, Watchdog Warns

GAO identified six areas that require more oversight, as Defense warfighting operations and national security increasingly hinge on data security.

Industry Objections Spur Changes to Cybersecurity Provisions in Defense Bill  

Key members of the House and Senate are altering proposals for identifying systemically important critical infrastructure and securing the software supply chain.

Federal Cyber Mandates for Water Infrastructure Are Too Costly to Implement, Experts Say

A House hearing saw expert testimony emphasizing the need for steady funding to cybersecurity programs in water utility providers––especially in rural regions. 

FCC Adds China-linked Telecom Providers to List of National Security Threats

The departments of Defense and Justice want the agency to take a more comprehensive approach to preventing foreign adversaries from accessing Americans’ communications and data.

Combating Foreign Malign Influence Requires Enhanced Information Sharing

Experts advised the intelligence community to have “more holistic conversations” with the public about the threat landscape.

CISA Plans to Measure the Effect of Coming Standards on Industry’s Cybersecurity

But big companies want to avoid agencies’ use of related performance goals in new regulation.

Federal IT Modernization Fund’s Financial Needs Draw Lawmaker Scrutiny

Federal CIO Clare Martorana said that the government should be operating on the “most modern technology available.”

White House Announces $1B in Cyber Funding for State and Local Governments

The four-year grant program, included in last year’s infrastructure law, will help states and local communities “strengthen their cyber resilience.”

Defense, Justice Call for FCC Rulemaking to Secure Internet Routing, Opposing NTIA

The departments cited comments from the Cybersecurity and Infrastructure Security Agency and said a regulatory approach would have a greater impact “industry-wide” than dealing with entities case-by-case.

Whole-of-Government Effort Targets Iranian Hackers

An unsealed indictment from the Department of Justice accompanied  sanctions and an advisory with international allies warning against government-linked Iranian hackers.

Social Media’s National Security Implications Draw Lawmaker Scrutiny

Senate Homeland Security Committee members grilled social media executives about their content moderation practices and ties to foreign adversaries.

OMB: New Acquisition Rule Coming for Vendors to Vouch for Their Software Security

Agencies are also allowed to accept to-do lists from vendors who need to keep working up to a point where they can self-attest their compliance with NIST guidance.

Whistleblower Explains How Twitter Easily Skirted FTC’s Data Security Enforcement

The former public official—and legendary hacker’s—decision to expose what he described as a disastrous security environment at the company has prompted an unlikely alliance in Congress.

A Cyber Workforce Strategy is Coming From the White House, Along with an Implementation Body to Make Sure it Works

The Office of the National Cyber Director has a workforce plan in development that looks to address public sector and private sector gaps in the cybersecurity profession.

CISA Requests Input on Terms Already Defined by Incident Reporting Law

The agency is embarking on a rulemaking process to implement the law, which requires those who make ransomware payments to report them to the government. 

U.S. Sanctions Iran—Under New Treasury Rules—for Attack on Albania

The new rules elaborate on what kinds of cyber activities warrant sanctions designation.

How Simple Claims of Election Interference Can be Enough to Prompt Real-World Threats

Federal officials remain on guard against foreign meddling in U.S. elections, as CISA and other agencies work to strengthen partnerships and intelligence sharing efforts with state and local election administrators.