Cybersecurity

Feds Step Up Cybersecurity Support for State Governments

Forty-two advisers have been appointed or are in the process, with eight states still needing federal-level coordinators.

Cybersecurity

Watchdog Security Reviews Not Guaranteed in FedRAMP Revamp

Legislation recently clearing a key Senate committee stops short of requiring the Government Accountability Office to review vendors’ encryption practices and supply chains.

Cybersecurity

US Still Lacks Federal Cyber Strategy After Decades of Attempts

The United Kingdom, meanwhile, recently updated its approach, crediting strong regulatory measures with significant cyber-risk reduction over recent years.

Cybersecurity

The legacy of the Cyberspace Solarium Commission

The Cyberspace Solarium Commission is officially sunsetting after more than two years, dozens of recommendations and a slew of legislative changes. But since there’s more to be done, the panel is rebooting its efforts as a non-profit.

Cybersecurity

Report: Legacy Equipment Puts Telehealth Consumers’ Data At Risk

Telehealth services have expanded exponentially over the course of the pandemic due in part to the Trump administration’s decision to relax enforcement of the industry’s privacy regulations.

Cybersecurity

What Is Log4J, How Bad It Is and What’s at Stake?

Log4Shell is the latest hacker exploit rocking the internet, and it’s arguably the worst yet. The vulnerability is in an obscure piece of software used on millions of computers.

Cybersecurity

Biden Signs NDAA Relying on Voluntary Private-Sector Cybersecurity Collaboration

Major breaches over the past year were a double-edged sword in efforts to pass a crucial mandatory reporting measure that didn’t make it into the ‘must-pass’ legislation despite bipartisan support, according to key lawmakers.

Ideas

The Implications of Publicly Disclosing Cyberattacks

Officials must weigh the benefits and risks on a case-by-case basis.

Cybersecurity

Federal CISO Clarifies Support for a Standard that Could Make Passwords History

The cryptographic protocol is at the heart of a ‘zero trust’ proposal pioneered by Google that has a fan base within the federal government.

Cybersecurity

CISA, FBI issue new guidance on addressing Log4j risks

The Cybersecurity and Infrastructure Security Agency and its partners are providing new ways to identify Log4j risks and mitigate possible exploitation.

Cybersecurity

SOC Leaders and Employees Aren’t on the Same Page

Lack of shared recognition of problems increases the pain, according to a new survey.

Cybersecurity

CMMC assessments could resume in January

The governing body responsible for implementing the Defense Department’s unified cybersecurity program for contractors expects security procedures for authorized third-party assessors to start back up in early 2022. But DOD has the final say on the timeline.

Cybersecurity

Agencies Under New Deadlines to Address ‘log4j’ Flaws with Emergency Directive

The Cybersecurity and Infrastructure Security Agency order comes as a prominent firm says nation states are exploiting the vulnerabilities.

Cybersecurity

CISA issues emergency directive to patch Log4j flaw

The Cybersecurity and Infrastructure Security Agency released an emergency directive on Friday ordering all federal agencies to take immediate action against a critical security flaw with potential long-term consequences for public and private infrastructure.

Cybersecurity

NSA, CISA, Add Original Equipment Manufacturers to Audience for 5G Security Guidance

The agencies got specific about who is responsible for what in a four-part series on securing the inherently cloud-based environments.

Cybersecurity

Senate passes 2022 defense authorization bill

The Senate passed the 2022 National Defense Authorization Act, 88-11, authorizing $740 billion for Defense Department spending, and $28 billion for other national security programs.

Cybersecurity

Senators Ready to Write Clarifying Legislation to Maintain U.S. Leadership in Crypto

Stakeholders fear an overly broad application of the tax provisions beyond virtual currency exchanges.

Emerging Tech

Army Bring-Your-Own-Device Experiments Test New Security Concepts

The service is “setting the stage” to try new communications ideas in the Pacific.