Cybersecurity
Critical cyber threats persist on federal networks despite recent directives
Hundreds of devices on federal networks remain in apparent violation of a recent Binding Operational Directive from the Cybersecurity and Infrastructure Security Agency, according to a new report.
Cybersecurity
White House unveils fiscal 2025 cybersecurity investment priorities
The administration is urging agencies to align their fiscal 2025 budget requests with recent guidance that prioritizes strengthening federal networks and systems against cyber intrusions.
Cybersecurity
CISA to launch new cyber supply chain resource hub
The new resource center will allow federal agencies and industry stakeholders to get their hands on practical tools to help meet new cyber supply chain risk management.
Cybersecurity
Congress needs ‘private sector buy-in’ to address cyber workforce shortage
Organizations are working to educate and train the next generation of professionals to fill critical cybersecurity vacancies, but private sector firms need to change their hiring practices to integrate this pool of talent into the workforce.
Cybersecurity
US ‘can’t PSA our way out’ of cyber vulnerability, CISA director says
Speaking during a Cybersecurity Advisory Committee meeting, CISA Director Jen Easterly noted that corporate responsibility for cyber must stand “as a matter of good governance.”
Cybersecurity
NIST wants to help prevent a major cyberattack on the water sector
The National Institute of Standards and Technology aims to provide a practical guide to address unique cyber challenges impacting America’s complex water systems.
Cybersecurity
Justice Department launches new unit to combat cyber threats
The National Security Cyber Section will work to "increase the scale and speed of disruption campaigns and prosecutions” against cybercriminals, an official said this week.
Cybersecurity
Vacant White House cyber post draws concern amid global software breach
In the aftermath of a global cyberattack exposing personal data on millions of Americans, calls are growing for the White House to fill the top slot at the Office of the National Cyber Director.
Cybersecurity
Lawmakers propose shoring up nuclear cyber standards ahead of NDAA markup
The bipartisan proposal, which could be added to the FY2024 defense policy bill, would establish a federal working group to help address gaps in the cyber practices securing the nation’s nuclear weapons stockpile.
Cybersecurity
No 'systemic risk' to government networks from latest breach, CISA says
The nation’s cyber defense agency confirmed it was providing assistance to several federal agencies that have been impacted in an apparent global cyberattack.
Cybersecurity
Lawmakers suggest ‘radical transparency’ as key to shoring up US cyber posture
The lessons of Ukraine argue for increased openness about public and private sector cyber attacks, two congressmen said on Monday.
Cybersecurity
CISA's new directive targets devices that can be configured over public internet
The nation’s cyber defense agency is requiring all federal civilian agencies to remove such devices from their networks.
Cybersecurity
New bill would give CISA greater cyber outreach responsibilities
The Cybersecurity Awareness Act would direct the agency to launch a new public-private campaign promoting cyber best practices across small businesses and underserved communities.
Cybersecurity
Lawmaker advocates 'all-of-the-above' approach to fix cyber worker shortage
The chairman of the House Homeland Security Committee’s cybersecurity panel said a greater focus on cyber education in K-12 schools could help fill the roughly 700,000 vacant cyber jobs across the country.
Cybersecurity
House cyber panel’s NDAA draft prioritizes commercial tech, expert engagement
Tech- and cyber-focused legislative proposals for the fiscal year 2024 National Defense Authorization Act would restructure the Pentagon’s internal leadership to emphasize greater engagement with the commercial tech sector.
Cybersecurity
Industry calls for clarity after White House extends software security form deadline
Software vendors praised a decision from the Office of Management and Budget to extend a deadline for agencies to collect self-attestation forms, though questions remain about what comes next.
Cybersecurity
Interior faces 'disturbing' cyber risks due to cracked passwords and vulnerable assets
Recent reports reveal the Department of Interior is not enforcing multifactor authentication for its high-value assets and has a range of other significant cybersecurity risks.
Cybersecurity
White House cyber strategy can help mitigate AI dangers, official says
Acting National Cyber Director Kemba Walden noted that the underpinnings of the National Cyber Strategy can offer guardrails for emerging AI systems.
Cybersecurity
Ransomware gang exploits critical vulnerability in popular file transfer software
A cybersecurity advisory issued Wednesday said that a major ransomware group had successfully exploited a previously unknown vulnerability in Progress Software’s MOVEit software.
Cybersecurity