Digital Government
What a Divided Government Could Mean for Tech Policy
Here’s what a split Congress might mean for tech, cybersecurity and governance.
Cybersecurity
Former CISA Head Calls for Renewed Action to Combat Election Lies
Inaugural CISA director Chris Krebs expressed concern about the spread of election misinformation as Twitter changes up its user verification process.
Cybersecurity
CISA, NSA and Industry Outline Security Responsibilities of Software Suppliers
New guidance from the federal agencies—and major companies serving the government—tries to distinguish between the security duties of software developers, suppliers and consumers.
Cybersecurity
Voting Machine Myths Likely to Increase During and After Midterms, Report Finds
Cybersecurity firm Recorded Future identified mis- and disinformation campaigns suggesting that voting machines from three major companies “will be used to falsify the results of the midterms.”
Cybersecurity
Former CISA chief warns of ‘very chaotic environment’ ahead of midterms
Chris Krebs said those hoping to undermine confidence in U.S. elections may have their best shot yet during this week’s midterm vote.
Cybersecurity
Almost half of phishing attacks target gov employees, research says
Traditionally aimed at stealing credentials, phishing attacks are growing increasingly sophisticated.
Cybersecurity
NIST on tap to improve cybersecurity of water systems
The National Institute of Standards and Technology (NIST) hopes a new project will create a set of best practices to help the nation’s complex water and wastewater systems bolster their cybersecurity posture.
Cybersecurity
CISA Leaning Toward Lower Threshold for Mandatory Cyber Incident Reporting
The agency has started to receive feedback from some key stakeholders for its rulemaking process on the issue.
Cybersecurity
FCC Proposes to Strengthen Cybersecurity of Emergency Alert Systems
The notice of proposed rulemaking would require emergency alert system participants to disclose cyber breaches within 72 hours of discovery.
Cybersecurity
NDAA Negotiations Will Determine Success of Several Cyber Solarium Goals
Influence from major industry threatens once again to thwart lawmakers’ attempts to realize their policymaking goals through the annual defense authorization bill.
Cybersecurity
Energy official urges CISA to develop storehouse for software bills of materials
A senior cybersecurity advisor for the Department of Energy said a central repository of widely used Software Bills of Material would significantly reduce the burden on federal agencies.
Cybersecurity
Experts Weigh in on Strengths and Vulnerabilities of Election Cybersecurity
Both voting systems and the voters themselves could be targets of malign influence.
Cybersecurity
CDM team helped define cyber directives
Governmentwide cyber hygiene orders are increasingly taking into account the capabilities of Continuous Diagnostics and Mitigation tools.
Cybersecurity
CISA promises bespoke cyber advice for agencies
A new engagement arm of the Cybersecurity and Infrastructure Security Agency is designed to help agencies navigate the crush of cybersecurity requirements.
Cybersecurity
Russia Linked to Nearly 75% of Late 2021 Ransomware Attacks, Per Analysis
The analyzed ransomware variants—from July to December 2021—amounted to millions of dollars in damages.
Cybersecurity
CISA director 'very concerned' about election influence from foreign adversaries
Jen Easterly, director of the nation's cyber defense agency, said foreign adversaries could potentially weaponize disinformation and misinformation to incite violence and undermine the public's confidence in the upcoming elections.
Cybersecurity
CISA Director: Big Tech Shouldn’t Charge Extra for Event Logging
The agency has promised to measure the success of efforts to steer major software providers toward the inclusion of logging and other basic security features in their products “by default,” but has said little about how it actually intends to do that.
Emerging Tech
VA Needs Better Data on Employment Outcomes of ‘Promising’ Tech Training Pilot, Watchdog Says
A Government Accountability Office report found that the Department of Veterans Affairs lacks sufficient data on its VET TEC pilot to “assess the effectiveness of the program at getting veterans into jobs.”
Cybersecurity
Agencies Shouldn’t 'Just Trust' Software Vendors' Security Assurances, IG Warns
NIST advisors debating the merits of OMB’s policy on software vendors’ “self-attestation” to secure development practices found common ground on a need for audits and testing.
Cybersecurity