Cybersecurity

FISMA Bill Drops in House Amid Confusion Over Federal CISO Role

Rep. John Katko is continuing a campaign to make the Cybersecurity and Infrastructure Security Agency a central Chief Information Security Office—or CISO—for federal civilian agencies.

Cybersecurity

Ransomware to overtake phishing as top cause for data compromises, report says

A new report says 2021 set a record for data breaches, but notifications to victims and authorities increasingly lack transparency, hindering investigations.

Cybersecurity

NSA: Securing Cloud-Related PDFs Shouldn’t Mean Sacrificing Usability

The rise of editable Portable Document Files created a new avenue for attackers, but the right configuration can protect most systems without compromising functionality, NSA says.

Cybersecurity

Air Force secretary talks acquisitions, JADC2

Air Force Secretary Frank Kendall said he wants to focus on operational payoffs when it comes to the service's programs, particularly the Air Force's contribution to Joint All Domain Command and Control, called the Advanced Battle Management System.

Cybersecurity

Biden Official Endorses Effort to Move Pipeline Cybersecurity Regulation to DOE

An emergency directive from the Transportation Security Administration following the Colonial Pipeline attack faced opposition from Senate Republicans after the industry complained they weren’t sufficiently consulted beforehand.

Cybersecurity

NSA to get binding operational directive authority under new cyber policy

A new memo signed by President Biden outlines how the May 2021 executive order on cybersecurity applies to national security systems.

Cybersecurity

DISA leans on training collaboration, academic partnerships to build future workforce

The Defense Department's IT agency says the "collaborative environment" at U.S. Cyber Command's Dreamport has been key for tech workforce development.

Cybersecurity

Big Tech Anxious About Commerce Plan to Secure Supply Chains from Foreign Influence

Comments an association of industry giants made on a notice of proposed rulemaking from the Commerce Department come amid multiple government efforts to reduce cybersecurity risks in globally produced information and communications technology.

Cybersecurity

Biden Official Credits Diplomacy With Russia for Arrest of Colonial Pipeline Hacker

A senior administration official disassociated the move from tensions between the U.S. and Russia amid a build-up of Russian troops near Ukraine and an unattributed cyberattack on the country’s government websites.

Ideas

3 Strategies for Securing the Supply Chain, Security’s Weakest Link 

Today, no vendor or agency is safe—and just as importantly, no single organization can address all these threats independently.

Cybersecurity

Is there a path forward in Congress for mandatory cyber incident reporting?

A group of lawmakers is seeking legislation that would require private companies to report cyber incidents and ransomware attacks to the Cybersecurity and Infrastructure Security Agency, despite their efforts being derailed late last year.

Cybersecurity

FBI Officials Clarify What the Bureau Wants in Cyber Incident Reporting Bill

However the legislation is eventually passed, CISA plans to share reports with the FBI and other agencies, a Homeland Security official said.

Cybersecurity

Defense officials press lawmakers for a 2022 appropriation

Defense officials warned lawmakers that some programs and tech efforts could be delayed or eliminated if Congress fails to pass a 2022 defense spending bill soon.

Cybersecurity

FCC Chair Proposes Updating Data Breach Reporting Requirements

The Commission is still waiting for an empty chair to be filled as observers call for a vote on Biden nominee Gigi Sohn.

Cybersecurity

Why self-sufficiency is key to fostering data literacy in the Air Force

The Air Force wants to improve data literacy and culture, so it's creating a cadre of "citizen analysts" and communities of interest to build and then spread their knowledge.

Cybersecurity

House FISMA Reform Would Empower Federal CISO With Budgeting Authority

Corresponding Senate legislation doesn’t mention the federal chief information security officer but shares other key elements—including a shorter incident reporting window—with a discussion draft issued by the House Oversight and Reform Committee.

Cybersecurity

House FISMA draft codifies federal CISO role, looks to shared services

The House Oversight Committee is considering the first updates to the Federal Information Security Modernization Act in seven years, amid increasingly sophisticated cyber risks and threats.