Cybersecurity
Cyber exec: 50 orgs 'genuinely impacted' by SolarWinds hack
FireEye's chief executive officer said he's seen evidence suggesting hackers changed code in SolarWinds software as early as October 2019.
Cybersecurity
Massive Hack Roundup: Microsoft Says Breach 'Not Espionage as Usual'
Here are the news and updates you may have missed.
Digital Government
Tech Industry Group Recommends Biden Admin Reimagine How Government Does IT
The Alliance for Digital Innovation unveiled a series of legislative and policy proposals for President-elect Joe Biden to consider.
Cybersecurity
Lawmakers press Trump to sign NDAA in the wake of massive hack
The annual defense bill includes a section on cybersecurity based on recommendations from the Solarium Commission.
Ideas
The Invisible Impact of the Pandemic on Data Security: Why 2021 Will Be Different
The tough reality is that attackers usually move faster than we do.
Cybersecurity
Amid Massive Hack, Lawmakers Urge Trump to Sign Defense Bill with New Cybersecurity Legislation
As the government scrambles to understand the widening compromise, legislation to shore up the nation’s cyber defenses sits unsigned on the President’s desk.
Cybersecurity
DIU, CISA Team Up to Coordinate Cybersecurity Tech Investments
The Defense and Homeland Security departments agreed to develop cybersecurity technologies for national security applications together.
Cybersecurity
House Committees Launch Investigation into Alleged Russian Hack of Federal Agencies
President-elect Joe Biden also promised to elevate cybersecurity “as an imperative” across government.
Cybersecurity
CISA: SolarWinds Is Not the Only Way Hackers Got Into Networks
The agency also warned that getting attackers out of networks will be complex—especially because they are monitoring IT and cybersecurity employees’ emails.
Cybersecurity
CISA: SolarWinds' Orion may not be only entry point for hackers
CISA's latest alert suggests hackers may have found other entry points into the federal government's networks than just the IT management software suite.
Cybersecurity
GAO Issues ‘Wake-Up Call’ Report on Agencies’ Lax Supply Chain Security Management
The bottom line is that none of the 23 agencies audited fully implemented foundational risk management practices.
Cybersecurity
DOD announces first CMMC pilot contract nominees
The Dec. 15 announcement calls out seven pilot contracts across the Air Force, Navy and Missile Defense Agency.
Cybersecurity
After Solar Winds, it's time for a National Software Security Act
The time has come for Congress to regulate security in the software industry by mandating minimal best practices for software companies selling software products or services in America.
Cybersecurity
Pentagon Preps for First CMMC Pilots in 2021
The Pentagon’s Cybersecurity Maturity Model Certification program will begin including security requirements in select solicitations starting next year.
Cybersecurity
Lawmakers seek details on damage done by the SolarWinds hack
As information trickles out about which federal agencies have been compromised by a sophisticated hacking operation, lawmakers have begun seeking an extensive accounting of what damage has been done.
Cybersecurity
What We Know About the SolarWinds Breach
The White House invoked Presidential Policy Directive-41 to coordinate a "whole of government" response.
Cybersecurity
Senate Bill Targets Government’s Response to Agency-Involved Cyber Incidents
Agencies would see new reporting requirements to keep Congress and impacted individuals more informed about security breaches.
Cybersecurity
NSC invokes 2016 directive to respond to SolarWinds hack
The National Security Council's announcement to create a special group for coordinating the federal government's response to the SolarWinds hack comes as the list of affected agencies grows.
Cybersecurity
CISA Orders Federal Agencies to Turn Off SolarWinds Products
A critical flaw in software used throughout government was reportedly used to breach a major security company and at least two federal agencies.
Cybersecurity