Cybersecurity
New bill would give CISA greater cyber outreach responsibilities
The Cybersecurity Awareness Act would direct the agency to launch a new public-private campaign promoting cyber best practices across small businesses and underserved communities.
Cybersecurity
Lawmaker advocates 'all-of-the-above' approach to fix cyber worker shortage
The chairman of the House Homeland Security Committee’s cybersecurity panel said a greater focus on cyber education in K-12 schools could help fill the roughly 700,000 vacant cyber jobs across the country.
Cybersecurity
House cyber panel’s NDAA draft prioritizes commercial tech, expert engagement
Tech- and cyber-focused legislative proposals for the fiscal year 2024 National Defense Authorization Act would restructure the Pentagon’s internal leadership to emphasize greater engagement with the commercial tech sector.
Cybersecurity
Industry calls for clarity after White House extends software security form deadline
Software vendors praised a decision from the Office of Management and Budget to extend a deadline for agencies to collect self-attestation forms, though questions remain about what comes next.
Cybersecurity
Interior faces 'disturbing' cyber risks due to cracked passwords and vulnerable assets
Recent reports reveal the Department of Interior is not enforcing multifactor authentication for its high-value assets and has a range of other significant cybersecurity risks.
Cybersecurity
White House cyber strategy can help mitigate AI dangers, official says
Acting National Cyber Director Kemba Walden noted that the underpinnings of the National Cyber Strategy can offer guardrails for emerging AI systems.
Cybersecurity
Ransomware gang exploits critical vulnerability in popular file transfer software
A cybersecurity advisory issued Wednesday said that a major ransomware group had successfully exploited a previously unknown vulnerability in Progress Software’s MOVEit software.
Cybersecurity
Public sector apps face widespread security challenges, report reveals
A new study found alarming security vulnerabilities across the vast majority of public applications over the last year.
Cybersecurity
Lawmakers want to expand USDA's Circuit Rider program to cover cyber
A new bill would allow small water utilities to obtain funds for cybersecurity consults.
Cybersecurity
Experts call for overhaul of 'outdated' critical infrastructure cyber policy
A new report analyzes the federal government’s approach to infrastructure cybersecurity as a key strategy document is getting a rewrite.
Cybersecurity
U.S., South Korean agencies warn of state-sponsored spearphishing
The North Korea-affiliated group Kimsuky’s email attacks targeted research and media organizations.
Cybersecurity
Federal vision to streamline cyber incident reporting expected this summer
The Cyber Incident Reporting Council will issue a report to Congress "in the next month or two" with recommendations on ways to achieve harmony across a complex network of federal cyber mandates.
Cybersecurity
Unmonitored networks put US nuclear arsenal at risk, GAO finds
A Government Accountability Office report found that the Energy Department cannot effectively monitor potential insider threats to U.S. nuclear security because department staff “have not identified the total number of DOE’s stand-alone classified networks.”
Cybersecurity
GAO identifies new infosec deficiencies in IRS system controls
The watchdog's annual audit of the agency turned up new recommendations on system access controls and security configurations, alongside a limited release report and previous recommendations.
Cybersecurity
DOD Submits Classified Cyber Strategy to Congress
An unclassified fact sheet released by the Pentagon said the new strategy will continue efforts to conduct “hunt forward operations”’ with U.S. allies and “defend forward” activities meant to disrupt threat actors on their own turf.
Cybersecurity
Agencies Warn of State-Sponsored Volt Typhoon’s Hacking Tactics
In collaboration with international and private sector partners, CISA released a new advisory warning network defenders of PRC-linked Volt Typhoon’s infiltration tactics.
Cybersecurity
DHS' cyber agency seeks small biz support for strategic planning
The Cybersecurity and Infrastructure Security Agency has set a date to explain its changes to a management consulting services contract.
Cybersecurity
Securing U.S. Intellectual Property ‘Top Priority’ for Federal Law Enforcement
The FBI and Homeland Security are emphasizing the need to digitally safeguard tech R&D in the U.S. from state-sponsored adversaries.
Cybersecurity
Cyber Agencies Unveil Updated Ransomware Guide
The 2023 version offers more detailed, step-by-step guidance and associated recommendations to fortify public and private networks against sophisticated ransomware.
Cybersecurity