Cybersecurity
NIST Seeks Feedback on Cybersecurity Labels for Software
The effort aims to create a user-friendly label to educate consumers about their purchases.
Cybersecurity
CISA chief tees up cyber directives for the water and chemical sectors
CISA Director Jen Easterly said new directives for the water and chemical industries were coming soon in the wake of the passage of the $1.2 trillion Infrastructure Investment and Jobs Act, which includes cybersecurity requirements for public water systems.
Cybersecurity
Facebook Can Sue Israel’s NSO Group, Appeals Court Says
The case against the NSO Group appears to scratch the surface of problematic commercial hacking tools sold at arms markets, which the U.S. government has only just begun trying to control.
Cybersecurity
U.S. Government Acts Against Alleged REvil Hackers
The Justice Department announced two indictments while the State Department offered $10 million for information on other conspirators.
Cybersecurity
OMB official reviews progress six months after the cyber EO
A federal official overseeing the implementation of the cybersecurity executive order signed in May said many agencies have met its aggressive deadlines so far.
Cybersecurity
White House Highlights Cybersecurity Benefit in Infrastructure Package
Along with more than $1 trillion in funding, the House-passed bill moves to the president’s desk with new authorities for relevant agencies and officials.
Cybersecurity
Incident Reporting Legislation Moves Enforcement Power from CISA Director
The bipartisan measure introduced as an amendment to the National Defense Authorization Act makes other significant changes to legislation introduced in September.
Cybersecurity
Officials: Cybersecurity Mandates Are important But Don’t Address Funding Needs
A panel of federal CIOs and CISOs lauded recent cybersecurity mandates as important, but noted conflicting priorities and lack of funding is causing issues.
Cybersecurity
Small Financial Institutions Say They’re Getting Squeezed by Others’ Bad Cybersecurity Practices
Representatives from small banks and minority financial institutions told Congress they need help in the form of better, streamlined regulation.
Cybersecurity
$500 million for TMF, other tech added to Build Back Better
Governmentwide technology modernization appropriations are back in the Biden administration's signature Build Back Better legislation, but the timing of a vote remains unclear.
Cybersecurity
DOD Suspends Cybersecurity Certification Program Pending Major Changes
The Pentagon outlined the changes ahead for its Cybersecurity Maturity Model Certification program with two new rulemaking processes.
Cybersecurity
DOD revamps controversial CMMC program
After a nine-month review, the Defense Department is replacing its original cyber compliance program for the industrial base with CMMC 2.0, putting more emphasis on self-assessment.
Digital Government
Republican Senators Question the Security of Collecting Health Information from Airline Passengers
A group of Republican senators raised concerns over the CDC’s new order requesting select data from airline passengers to track the spread of COVID-19.
Cybersecurity
U.S. Blacklists NSO Group and 3 Others for Selling Spyware, Hacking Tools
The Commerce Department says the companies—three from allied nations—acted against U.S. national security interests.
Modernization
What Google’s New Cloud Security Authorizations Mean for Its Government Customers
Company officials called the updates the result of a significant engineering effort.
Cybersecurity
Former Microsoft exec DelBene tapped for top tech job at VA
Kurt DelBene, a former senior executive at Microsoft and husband of a Democratic congresswoman, is being tapped by the Biden administration to serve as CIO of the Department of Veterans Affairs.
Cybersecurity
CISA orders civilian agencies to fix known flaws in six months
The binding operational directive issued Nov. 3 requires federal agencies to remediate known exploited vulnerabilities on their networks under specific timeframes is also intended to serve as guidance for the private sector and state and local governments.
Cybersecurity
CISA Orders Agencies to Patch Hundreds of Vulnerabilities Under Attack
Remediation of more than a third of the bugs the agency identified is due within two weeks.
Modernization
Building a Cloud-Savvy Workforce May Mean Rethinking Degree Requirements
Government and industry officials question how they can keep cloud positions filled when they require various degrees and certifications.
Ideas