Cybersecurity
Combating Foreign Malign Influence Requires Enhanced Information Sharing
Experts advised the intelligence community to have “more holistic conversations” with the public about the threat landscape.
Cybersecurity
CISA Plans to Measure the Effect of Coming Standards on Industry’s Cybersecurity
But big companies want to avoid agencies’ use of related performance goals in new regulation.
Modernization
Federal IT Modernization Fund’s Financial Needs Draw Lawmaker Scrutiny
Federal CIO Clare Martorana said that the government should be operating on the “most modern technology available.”
Cybersecurity
White House Announces $1B in Cyber Funding for State and Local Governments
The four-year grant program, included in last year’s infrastructure law, will help states and local communities “strengthen their cyber resilience.”
Cybersecurity
Defense, Justice Call for FCC Rulemaking to Secure Internet Routing, Opposing NTIA
The departments cited comments from the Cybersecurity and Infrastructure Security Agency and said a regulatory approach would have a greater impact “industry-wide” than dealing with entities case-by-case.
Cybersecurity
Whole-of-Government Effort Targets Iranian Hackers
An unsealed indictment from the Department of Justice accompanied sanctions and an advisory with international allies warning against government-linked Iranian hackers.
Cybersecurity
Biden adds cyber, data, supply chain risks to CFIUS reviews
The Committee on Foreign Investment in the United States will be required to consider five new sets of national security concerns – including cybersecurity – when reviewing foreign investments in the U.S. as part of a new executive order.
Cybersecurity
Social Media’s National Security Implications Draw Lawmaker Scrutiny
Senate Homeland Security Committee members grilled social media executives about their content moderation practices and ties to foreign adversaries.
Cybersecurity
Industry cautions on software security regs in the defense bill
Trade groups want Congress to remove a provision in the House-passed defense policy bill mandating software bills of materials in some federal acquisition.
Breaking News
Cybersecurity
OMB: New Acquisition Rule Coming for Vendors to Vouch for Their Software Security
Agencies are also allowed to accept to-do lists from vendors who need to keep working up to a point where they can self-attest their compliance with NIST guidance.
Cybersecurity
Whistleblower Explains How Twitter Easily Skirted FTC’s Data Security Enforcement
The former public official—and legendary hacker’s—decision to expose what he described as a disastrous security environment at the company has prompted an unlikely alliance in Congress.
Cybersecurity
Cyber criminals increasingly relying on ransomware-as-a-service, report says
A new report reveals threat actors are using the same ransomware as in previous years – but relying on new malware-free intrusion methods and ransomware-as-a-service offerings to evade popular mitigation techniques.
Cybersecurity
A Cyber Workforce Strategy is Coming From the White House, Along with an Implementation Body to Make Sure it Works
The Office of the National Cyber Director has a workforce plan in development that looks to address public sector and private sector gaps in the cybersecurity profession.
Cybersecurity
CISA Requests Input on Terms Already Defined by Incident Reporting Law
The agency is embarking on a rulemaking process to implement the law, which requires those who make ransomware payments to report them to the government.
Cybersecurity
Maritime cybersecurity is front and center in Coast Guard reauthorization bill
A new Coast Guard reauthorization bill would provide some of the first cybersecurity protections and data management requirements for the U.S. Marine Transportation System in federal law.
Cybersecurity
Sharing secrets has been ‘effective’ against Russia, but the tactic has limits, CIA chief says
It’s just one of the new areas for a spy agency grappling with tech-driven changes.
Cybersecurity
U.S. Sanctions Iran—Under New Treasury Rules—for Attack on Albania
The new rules elaborate on what kinds of cyber activities warrant sanctions designation.
Cybersecurity
How Simple Claims of Election Interference Can be Enough to Prompt Real-World Threats
Federal officials remain on guard against foreign meddling in U.S. elections, as CISA and other agencies work to strengthen partnerships and intelligence sharing efforts with state and local election administrators.
Cybersecurity
CISA seeks public input on cybersecurity incident reporting rules
The nation’s cyber defense agency will embark on a cross-country listening tour to better understand what key stakeholders are hoping to see in new mandatory cyber incident reporting requirements featured in the recently-passed Cyber Incident Reporting for Critical Infrastructure Act of 2022.
Cybersecurity