Cybersecurity

Incident Reporting Legislation Moves Enforcement Power from CISA Director

The bipartisan measure introduced as an amendment to the National Defense Authorization Act makes other significant changes to legislation introduced in September.

Cybersecurity

Officials: Cybersecurity Mandates Are important But Don’t Address Funding Needs

A panel of federal CIOs and CISOs lauded recent cybersecurity mandates as important, but noted conflicting priorities and lack of funding is causing issues.

Cybersecurity

Small Financial Institutions Say They’re Getting Squeezed by Others’ Bad Cybersecurity Practices

Representatives from small banks and minority financial institutions told Congress they need help in the form of better, streamlined regulation.

Cybersecurity

$500 million for TMF, other tech added to Build Back Better

Governmentwide technology modernization appropriations are back in the Biden administration's signature Build Back Better legislation, but the timing of a vote remains unclear.

Cybersecurity

DOD Suspends Cybersecurity Certification Program Pending Major Changes

The Pentagon outlined the changes ahead for its Cybersecurity Maturity Model Certification program with two new rulemaking processes.

Cybersecurity

DOD revamps controversial CMMC program

After a nine-month review, the Defense Department is replacing its original cyber compliance program for the industrial base with CMMC 2.0, putting more emphasis on self-assessment.

Digital Government

Republican Senators Question the Security of Collecting Health Information from Airline Passengers

A group of Republican senators raised concerns over the CDC’s new order requesting select data from airline passengers to track the spread of COVID-19.

Cybersecurity

U.S. Blacklists NSO Group and 3 Others for Selling Spyware, Hacking Tools

The Commerce Department says the companies—three from allied nations—acted against U.S. national security interests. 

Cybersecurity

Former Microsoft exec DelBene tapped for top tech job at VA

Kurt DelBene, a former senior executive at Microsoft and husband of a Democratic congresswoman, is being tapped by the Biden administration to serve as CIO of the Department of Veterans Affairs.

Cybersecurity

CISA orders civilian agencies to fix known flaws in six months

The binding operational directive issued Nov. 3 requires federal agencies to remediate known exploited vulnerabilities on their networks under specific timeframes is also intended to serve as guidance for the private sector and state and local governments.

Cybersecurity

CISA Orders Agencies to Patch Hundreds of Vulnerabilities Under Attack

Remediation of more than a third of the bugs the agency identified is due within two weeks. 

Modernization

Building a Cloud-Savvy Workforce May Mean Rethinking Degree Requirements

Government and industry officials question how they can keep cloud positions filled when they require various degrees and certifications.

Ideas

You Know How to Identify Phishing Emails

A cybersecurity researcher explains how to trust your instincts to foil the attacks.

Cybersecurity

TSA Considers Rulemaking Process for Cybersecurity in Transportation Sector

The announcement from a White House official follows pressure from industry and GOP lawmakers questioning the administration’s use of security directives to improve the sector’s cybersecurity.

Cybersecurity

Bill to Codify FedRAMP Set for Vote in Senate Committee

If passed, agencies would have to explain their reasons for rejecting previously authorized cloud products or services.

Cybersecurity

Zero-trust has a branding problem

A zero-trust approach to cybersecurity is intended to increase vigilance and minimize risk, but without the necessary context, the concept could raise discomfort or even hostility among federal workers.

Cybersecurity

Senate Republicans seek IG probe of TSA pipeline directives

Republican leaders on the Senate Homeland Security and Governmental Affairs Committee are calling for an inspector general probe into how the Transportation Security Administration developed its first ever pipeline-specific security directives.

Cybersecurity

Researchers Push FITARA-Like Scorecard for Cybersecurity

A recent MITRE report lays out eight ways the federal government can improve cybersecurity habits across all agencies, hinging on enhanced Congressional funding and oversight. 

Digital Government

Elections Officials Are Still Receiving Death Threats and Harassment About the 2020 Election. They’re Asking Congress For Help.

Three state and local election officials testified before a Senate committee about their terrifying experiences since last year’s election in support of proposed voting reform legislation.