Cybersecurity
Senate Committee Passes Major FISMA Changes—Including a New Definition of ‘Major Incident’
The Homeland Security and Governmental Affairs Committee also passed an incident reporting bill with increased liability protections for companies, drawing praise from industry.
Cybersecurity
DOJ to Hit Government Contractors with ‘Very Hefty Fines’ If They Fail to Disclose Data Breaches
Deputy Attorney General Lisa Monaco promised to use an existing law to go after contractors that don't follow required cybersecurity standards.
Cybersecurity
DHS adds cyber requirements for transportation industry
The Transportation Security Agency and the Coast Guard are getting increased authority over industry cybersecurity.
Cybersecurity
Deputy National Security Adviser Lays Out Goals for Upcoming 30 Nation Meeting on Ransomware
Top cyber officials highlighted the importance of defensive measures as lawmakers move on related initiatives, including a bill to identify systemically important critical infrastructure.
Emerging Tech
DHS Issues Roadmap to Help Organizations Prepare for Quantum Computing Threat
Officials say there’s a lot agencies and other entities should be doing, even though it may be more than a decade before a quantum computer can decode current levels of encryption.
Cybersecurity
FCC Issues Order on Security Reviews Ahead of U.S.-China Engagement
The commission’s new rule on foreign ownership and investment comes amid an industry call for international alignment on the use of voluntary standards to secure the supply chain of information and communications technology
Cybersecurity
FCC Renews Effort to Block Robocalls to 911 Call Centers
Under a proposed rule, voice service providers would cross reference autodialed calls with numbers on the do not call list to block any robocalls to emergency lines.
Cybersecurity
Bipartisan FISMA update drops
Leaders of the Senate Homeland Security and Government Affairs Committee introduced legislation on Monday to update the Federal Information Security Modernization Act to clarify the role of CISA in defending federal networks.
Cybersecurity
Tough conversations on ransomware ahead
The U.S. government, will have to start regularly having hard conversations "country to country" on state-sponsored cyberattacks, according to a top Defense Department official.
Digital Government
DOD Now Continuously Monitoring Clearance Holders’ Credit and Criminal Records
The long-awaited change to the background investigations process will flag concerning information for further investigation.
Ideas
5 Lessons Learned as the CISO for the U.S. Postal Service
Agencies cannot stop hackers from targeting them. But we can—and should—develop risk management strategies.
Cybersecurity
DHS faces uphill climb with financial systems modernization
The agency made some awards on a long-delayed financial management modernization effort earlier this month, but years of work awaits the agency on establishing an enterprisewide system.
Cybersecurity
FCC Working on Rule for Wireless Carriers to Avert SIM Swap Fraud
More than a year after lawmakers requested such action to protect consumer data and national security, the commission’s move could help to stop hackers undermining multifactor authentication.
Ideas
Prioritizing Breach Prevention for a Secure Government
A more secure government happens when hackers are stopped before they can touch critical data and systems—when a breach is prevented, not mitigated.
Cybersecurity
White House Announces 7 TMF Awards with Big Focus on Zero Trust
Half of the awards announced publicly went to zero trust cybersecurity projects, with no funding going directly to pandemic response tech. One project remains classified.
Cybersecurity
Cyber EO compliance is a full-time job
Unified security controls, supply chain security, zero trust and smart procurement decisions are all pieces of the puzzle.
Cybersecurity
7 new TMF awards include one classified project
The awards focus on zero trust and include a major investment in the Login.gov federal digital identity solution.
Cybersecurity
NSA Cyber Chief Warns Hackers Increasingly Use Commercial Tools to Stay Hidden
Advanced persistent threat actors are becoming harder to spot and making attribution more difficult.
Digital Government
After 3 Years, Key IRS Systems Still Aren’t Properly Encrypted
The inspector general attributed the delays in the agency’s data at rest encryption program to additional mandates and poor adherence to program management best practices.
Cybersecurity