Cybersecurity
Biden Official Endorses Effort to Move Pipeline Cybersecurity Regulation to DOE
An emergency directive from the Transportation Security Administration following the Colonial Pipeline attack faced opposition from Senate Republicans after the industry complained they weren’t sufficiently consulted beforehand.
Cybersecurity
NSA to get binding operational directive authority under new cyber policy
A new memo signed by President Biden outlines how the May 2021 executive order on cybersecurity applies to national security systems.
Cybersecurity
DISA leans on training collaboration, academic partnerships to build future workforce
The Defense Department's IT agency says "collaborative environment" at U.S. Cyber Command's Dreamport has been key for tech workforce development.
Cybersecurity
Big Tech Anxious About Commerce Plan to Secure Supply Chains from Foreign Influence
Comments an association of industry giants made on a notice of proposed rulemaking from the Commerce Department come amid multiple government efforts to reduce cybersecurity risks in globally produced information and communications technology.
Cybersecurity
Biden Official Credits Diplomacy With Russia for Arrest of Colonial Pipeline Hacker
A senior administration official disassociated the move from tensions between the U.S. and Russia amid a build-up of Russian troops near Ukraine and an unattributed cyberattack on the country’s government websites.
Ideas
3 Strategies for Securing the Supply Chain, Security’s Weakest Link
Today, no vendor or agency is safe—and just as importantly, no single organization can address all these threats independently.
Cybersecurity
Is there a path forward in Congress for mandatory cyber incident reporting?
A group of lawmakers is seeking legislation that would require private companies to report cyber incidents and ransomware attacks to the Cybersecurity and Infrastructure Security Agency, despite their efforts being derailed late last year.
Cybersecurity
FBI Officials Clarify What the Bureau Wants in Cyber Incident Reporting Bill
However the legislation is eventually passed, CISA plans to share reports with the FBI and other agencies, a Homeland Security official said.
Cybersecurity
Defense officials press lawmakers for a 2022 appropriation
Defense officials warned lawmakers that some programs and tech efforts could be delayed or eliminated if Congress fails to pass a 2022 defense spending bill soon.
Cybersecurity
FCC Chair Proposes Updating Data Breach Reporting Requirements
The Commission is still waiting for an empty chair to be filled as observers call for a vote on Biden nominee Gigi Sohn.
Cybersecurity
Pentagon Moves to Improve its Cybersecurity-Centered Engagement with Universities
A new consortium aims to enable deeper collaboration on digital challenges.
Cybersecurity
Why self-sufficiency is key to fostering data literacy in the Air Force
The Air Force wants to improve data literacy and culture, so it's creating a cadre of "citizen analysts" and communities of interest to build and then spread their knowledge.
Cybersecurity
House FISMA Reform Would Empower Federal CISO With Budgeting Authority
Corresponding Senate legislation doesn’t mention the federal chief information security officer but shares other key elements—including a shorter incident reporting window—with a discussion draft issued by the House Oversight and Reform Committee.
Cybersecurity
House FISMA draft codifies federal CISO role, looks to shared services
The House Oversight Committee is considering the first updates to the Federal Information Security Modernization Act in seven years, amid increasingly sophisticated cyber risks and threats.
Cybersecurity
NSA, CISA, FBI Issue Joint Advisory Against Russian Hackers Amid Growing Tensions
The warning comes as a military build-up occurs at the Russian-Ukrainian border.
Digital Government
Newly Uncovered Emails Intensify Republican Senator's Unease About DOD’s Cloud Contracts
A senior senator continued a back-and-forth with auditors over the Defense Department's now-canceled JEDI contract.
Cybersecurity
NIST Updates Cybersecurity Engineering Guidelines
Amid constant cybersecurity threats, NIST added more insight for engineers and programmers on how to mitigate system vulnerabilities.
Cybersecurity
How the Log4j Vulnerability is Forcing Change in Federal Cybersecurity Policy
Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to implement.
Cybersecurity
NGA looks to tech to support unclassified workforce
The National Geospatial-Intelligence Agency is looking to the future with plans to accommodate uncleared employees and to be prepared for "a changing world environment that we don't anticipate," said Mark Andress, the agency's CIO.
Cybersecurity