Cybersecurity
CISA Director Details Growing Threat to Maritime Transportation Sector
Cybersecurity professionals are noting the possibility of Russia reprising a watershed attack on the shipping industry to hit back against the U.S. economy.
Policy
Zoom's New Security Authorization Might Soon Mean Expanded Use by Defense Components
A large number of entities were awaiting this fresh approval, a senior official confirmed.
Cybersecurity
White House Warns of Potential Russian Cyberattack Based on New Intel
Officials, distressed by the continued lack of cybersecurity basics implemented in the private sector, issued “a call to action.”
Cybersecurity
Navy to Explore Land to Sea Cyber Defense Technology in Upcoming Exercise
Proposals are due later this month for the event, which will unfold starting September 6.
Cybersecurity
CISA, FBI Warn of Russian Threat to Satellite Networks
Organizations are asked to report incidents they might ordinarily consider inconsequential to the government.
Cybersecurity
Financial Regulator Says Use of Crypto Helps—not Hurts—Ransomware Investigations
Senators left and right are using the Colonial Pipeline hack and Russia’s invasion of Ukraine as reasons to both regulate and avoid regulating cryptocurrencies.
Cybersecurity
Cybersecurity Leader: Deterrence Policy for Hacks Can’t Mirror That for Nukes
The Cyberspace Solarium Commission emerged due to the late John McCain’s frustration with current U.S. doctrine on what should trigger a “use of force.”
Cybersecurity
NIST Releases Guidance for Assessing Compliance with Core Cybersecurity Publication
The document is targeted at auditors—internal and external to an organization—who are set to play a central role in cybersecurity policy under a May executive order and initiatives like the Pentagon’s Cybersecurity Maturity Model Certification program.
Cybersecurity
Senator Touts Liability Protections in Recently Passed Cyber Incident Reporting Bill
Agencies designated for managing risk in particular sectors have work ahead of them to hammer out details with the Cybersecurity and Infrastructure Security Agency.
Cybersecurity
FCC seeks comments on internet traffic routing risks
The Border Gateway Protocol traffic routing system dates back to an era of high trust between networks on the internet but now poses risks.
Cybersecurity
Senators Ask DHS for Strategy to Protect U.S. Critical Infrastructure from Russia
They also raised a series of questions about modern cyber and disinformation threats.
Cybersecurity
Army Sees Results as it Continues to Expand its Data-Driven Tools and Cloud Ecosystem
A senior official shed light on progress the branch is making in its modernization pursuits.
Emerging Tech
Smart Devices Spy on You—2 Computer Scientists Explain how the Internet of Things can Violate Your Privacy
From home appliances to your vehicle, something's always watching you.
Cybersecurity
Outgoing Official Pushes for CISA Shift from Risk Advisor to Risk Reducer
After almost a decade and a series of massive intrusion campaigns, government and industry may finally be ready to have the crucial talk about cybersecurity metrics they’ve been avoiding.
Cybersecurity
Education's CISO Anticipates FedRAMP Evolution for ‘Zero-Trust’ Alignment
The Education Department’s Chief Information Security Officer co–chairs the Federal CISO Council, a channel for the administration’s implementation of Executive Order 14028.
Cybersecurity
Federal Agencies Lean On Multifactor Authentication As Key Security Component
Public sector officials discussed how strong identity verification technology plays a key role in supporting agency collaboration and data protections.
Cybersecurity
Cyber-Incident Reporting Legislation Clears House in Bipartisan Spending Bill
The bill, attached to government funding legislation, now moves to the Senate, which recently passed the same incident reporting provisions separately by unanimous consent.
Cybersecurity
More Than 80% of Cyberattacks Worldwide Happening in Russia or Ukraine
Cyber activity is focused heavily on eastern Europe.
Cybersecurity
SEC proposes mandatory breach reporting for publicly traded companies
The Securities and Exchange Commission is proposing new rules requiring companies to disclose to investors material cybersecurity incidents within four business days.
Cybersecurity