Cybersecurity
FCC Proposes to Strengthen Cybersecurity of Emergency Alert Systems
The notice of proposed rulemaking would require emergency alert system participants to disclose cyber breaches within 72 hours of discovery.
Cybersecurity
NDAA Negotiations Will Determine Success of Several Cyber Solarium Goals
Influence from major industry threatens once again to thwart lawmakers’ attempts to realize their policymaking goals through the annual defense authorization bill.
Cybersecurity
Energy official urges CISA to develop storehouse for software bills of materials
A senior cybersecurity advisor for the Department of Energy said a central repository of widely used Software Bills of Material would significantly reduce the burden on federal agencies.
Cybersecurity
Experts Weigh in on Strengths and Vulnerabilities of Election Cybersecurity
Both voting systems and the voters themselves could be targets of malign influence.
Cybersecurity
CDM team helped define cyber directives
Governmentwide cyber hygiene orders are increasingly taking into account the capabilities of Continuous Diagnostics and Mitigation tools.
Cybersecurity
CISA promises bespoke cyber advice for agencies
A new engagement arm of the Cybersecurity and Infrastructure Security Agency is designed to help agencies navigate the crush of cybersecurity requirements.
Cybersecurity
Russia Linked to Nearly 75% of Late 2021 Ransomware Attacks, Per Analysis
The analyzed ransomware variants—from July to December 2021—amounted to millions of dollars in damages.
Cybersecurity
CISA director 'very concerned' about election influence from foreign adversaries
Jen Easterly, director of the nation's cyber defense agency, said foreign adversaries could potentially weaponize disinformation and misinformation to incite violence and undermine the public's confidence in the upcoming elections.
Cybersecurity
CISA Director: Big Tech Shouldn’t Charge Extra for Event Logging
The agency has promised to measure the success of efforts to steer major software providers toward the inclusion of logging and other basic security features in their products “by default,” but has said little about how it actually intends to do that.
Emerging Tech
VA Needs Better Data on Employment Outcomes of ‘Promising’ Tech Training Pilot, Watchdog Says
A Government Accountability Office report found that the Department of Veterans Affairs lacks sufficient data on its VET TEC pilot to “assess the effectiveness of the program at getting veterans into jobs.”
Cybersecurity
Agencies Shouldn’t 'Just Trust' Software Vendors' Security Assurances, IG Warns
NIST advisors debating the merits of OMB’s policy on software vendors’ “self-attestation” to secure development practices found common ground on a need for audits and testing.
Cybersecurity
CISA sets voluntary cyber performance targets for critical infrastructure
A new set of documents and resources from the agency is designed to help critical infrastructure operators manage the basics of cybersecurity.
Cybersecurity
OPM's Ahuja Gets an Earful From Agencies Over Enhanced Pay for Cyber Talent
The Director of the Office of Personnel Management is navigating the intense competition among federal agencies for in-demand cybersecurity workers.
Cybersecurity
Public Entities in Nearly Every State Use Federally-Banned Foreign Tech, Report Says
A new report from Georgetown University’s Center for Security and Emerging Technology found that at least 1,681 state and local governments purchased equipment from five Chinese companies that were banned by the federal government between 2015 and 2021.
Cybersecurity
FTC's Data Security Complaint Against Drizly Sets New Leadership Responsibility
The consequences of Drizly’s lax security measures could echo past the beverage delivery company.
Cybersecurity
CISA Seeks Feedback on Baseline Measures to Secure Cloud Configuration
Initial baselines address Microsoft services, and baselines for configuring rival services from Google are up next.
Cybersecurity
NDAA Amendment Would Establish Veteran-Focused Cyber Training Program
A provision included in House and Senate legislation authorizing Defense Department spending for fiscal year 2023 would allow veterans and military spouses to receive cyber training “at no cost.”
Cybersecurity
TSA Opens Registration for Public Meeting on Cybersecurity Regulations
The agency’s advisory committee typically meets behind closed doors, but they are required to hold at least one public meeting per year.
Cybersecurity
Global Cyber Workforce Needs 3.4 Million Professionals to Fill Gaps, Study Finds
The survey also found that government cyber workers reported the least confidence in their ability to mitigate security threats over the next couple years “based on their current staff and tools.”
Cybersecurity