Cybersecurity
Offshore Drilling Operations Vulnerable to Cyberattacks, Watchdog Warns
The Government Accountability Office made a new case for improving the cybersecurity safeguards within offshore drilling and natural gas facilities.
Cybersecurity
Latest Guidance Outlines Customer Responsibilities for Software Security
The guide provides recommendations throughout the product lifecycle, from procurement to deployment.
Cybersecurity
White House Begins to Push Federal Post-Quantum Cryptography Migration
The Office of Management and Budget released new guidance to begin the governmentwide effort to safeguard digital infrastructure from quantum attacks.
Cybersecurity
Agencies Push Deadline to Comment on Would-Be Federal Cyber Insurance Program
Insurance companies are pushing for taxpayer assistance to provide coverage in the event of catastrophic incidents.
Cybersecurity
TSA administrator says new cyber requirements in the works for aviation industry
The administrator of the Transportation Security Administration said the White House is following a similar approach to how it crafted cyber requirements for the oil and gas pipeline industry following the 2021 Colonial Pipeline attack in crafting guidelines for the aviation sector.
Cybersecurity
Secret Service’s Zero Trust Plan Must Account for OMB Guidance, Watchdog Says
The Secret Service’s plan for adopting a zero trust architecture model across the agency’s systems has not been updated since the Office of Management and Budget released new guidance in January.
Cybersecurity
Big Tech Tells CISA to Exempt Third-Party Providers from Incident Reporting Rule
Major industry groups clashed on how CISA should define key terms in its rulemaking process to implement the federal incident reporting law.
Cybersecurity
Iranian Hackers Compromised a Federal Agency’s Network, CISA and FBI Say
Actors linked with the Iranian government were able to exploit an unpatched Log4Shell vulnerability—which the Cybersecurity and Infrastructure Security Agency asked agencies to address by the end of 2021—in an unnamed agency’s network.
Cybersecurity
CISA Highlights Space, Bioeconomy as Possible New Critical Infrastructure Sectors
The agency also suggested existing sectors be consolidated and that there is a need for some agencies to exercise greater authority over private-sector entities.
Cybersecurity
DOD Must Enhance Cyber Incident Reporting and Sharing, Watchdog Says
The Government Accountability Office found that the Pentagon “lacks an accountable organization and consistent guidance” for documenting and sharing details about reported cyber incidents.
Cybersecurity
White House Sprint Ends With Nearly 200 New Cyber Apprenticeship Programs
The 120-day sprint saw more than 7,000 apprentices get hired from the initiative.
Cybersecurity
Deadline looms for plan to restart economy in case of major cyberattack
Lawmakers have been urging the Biden administration to develop a strategy first mandated in the Fiscal 2021 NDAA.
Cybersecurity
DHS Chief Appears to Back Status Quo Approach for Securing Critical Infrastructure
The Biden administration is looking to Congress for help with ‘filling gaps in statutory authorities’ for improving U.S. cybersecurity.
Cybersecurity
China’s Cyber Capabilities ‘Pose a Serious Threat’ to US, Advisory Panel Warns
The panel’s report also called for the Biden administration to consider revoking China’s status as a favored trading partner if a congressional review finds that Beijing is not complying with its commitments.
Cybersecurity
Breaches of personal data at DOD have doubled since 2015
A recent oversight report detailed that the Defense Department experienced nearly 1,900 breaches of personally identifiable information in 2021 and may need a better system for informing affected individuals.
Cybersecurity
CISA Issues Vulnerability-Management Tools Dependent on Industry Action
Federal agencies are under a binding operational directive to address exploitable security vulnerabilities in their software, but the success of CISA’s effort relies on the cooperation of software vendors.
Cybersecurity
NATO Allies Double Down on Cybersecurity in Warfighting Ops
U.S. and Italian officials convened the 2022 Cyber Defence Pledge Conference, focused on supporting Ukraine and investing in new technology for all member nations.
Cybersecurity
How Federal Agencies are Using Innovative Tech to Protect Critical Infrastructure Cybersecurity
Officials from CISA and DARPA spoke about their initiatives to support cybersecurity operations across critical infrastructure networks.
Cybersecurity
NIST Official Warns Against Device-only Approach to Securing IoT
Federal agencies’ implementation of NIST’s guidelines on the issue—under direction from Congress—is coinciding with industry resistance to the comprehensive approach stakeholders agree is necessary.
Cybersecurity