Cybersecurity
Report: Fostering a diverse cybersecurity workforce
Experts at an Aspen Institute event explained some roadblocks to cultivating a diverse cybersecurity workforce and offered potential solutions, including putting less reliance on formal certification.
Cybersecurity
Chris Inglis scopes out cyber turf
The newly installed National Cyber Director offered his take on the roles and responsibilities of his office, the Cybersecurity and Infrastructure Security Agency, the National Security Council and agency IT and security operations in responding to federal cyber incidents.
Cybersecurity
White House hits the gas on zero trust
Newly released strategy and technical guidance documents covering zero trust and cloud security are open for comment as part of a federal push to improve federal government cybersecurity.
Cybersecurity
House panel mulls mandatory disclosure bill
Industry reps at a hearing of the House Homeland Security Committee were supportive of new requirements to report hacks, but want more clarity on how to report and what constitutes a covered incident.
Acquisition
Christopher Krebs: Truth and consequences
Krebs spent 2020 working furiously to ensure the integrity of our elections, while also ensuring that ransomware, software supply-chain vulnerabilities and a range of other rapidly escalating risks didn't cripple government operations or the nation's critical infrastructure.
Cybersecurity
DHS stands up new excepted service for cyber talent
The new human resources system, which is launching seven years after legislation authorizing special pay for cybersecurity specialists, is a complete move away from traditional federal HR practices, the agency said.
Cybersecurity
New Solarium report highlights policy strides, funding stumbling blocks
Much of the Cyberspace Solarium Commission's recommendations are "on track" to being implemented, but funding issues loom for some.
Cybersecurity
Agency zero trust does not start from point zero
The good news is that consistent IT policy spanning previous presidential administrations has allowed the federal government to slowly put the necessary building blocks in place for the inevitable zero trust architecture journey.
Cybersecurity
CISA launches new initiative to combat ransomware
The Joint Cyber Defense Collaborative (JCDC) will allow the federal government and corporate partners share information to combat ransomware.
Cybersecurity
New report details America's water infrastructure cyber vulnerabilities
Water utilities across the country are plagued by a lack of cybersecurity funding and qualified personnel, a ThreatLocker report warns, as officials work to create new guidelines on securing critical infrastructure.
Cybersecurity
CISA debuts vulnerability disclosure platform
Federal civilian agencies can tap a bug reporting system fielded as a shared service by the Cybersecurity and Infrastructure Security Agency to gather information on potential website and software vulnerabilities.
Cybersecurity
DHS recent hiring sprint shows promise, but lawmakers still see gaps in the federal cybersecurity workforce
The federal government continues to face challenges in recruiting a skilled cybersecurity workforce, amid heavy private sector demand and obstacles built into the hiring process, but there are some recent signs that longstanding efforts to improve the situation are starting to pay off.
Cybersecurity
Senate breach disclosure bill targets agencies, contractors, infrastructure
A bipartisan bill introduced by the leaders of the Senate Intelligence Committee sets up a 24-hour deadline for infrastructure operators, federal contractors and federal agencies to report confirmed cybersecurity breaches and ransomware attacks.
Cybersecurity
TSA imposes new cyber rules on pipeline operators
The new mitigation requirements come as the U.S. attributes a past effort to hack U.S. pipeline infrastructure to a Chinese state-sponsored group.
Cybersecurity
DHS workforce sprint brings in nearly 300 cyber employees
Cybersecurity vacancies totaled about 2,000 at the start of the hiring sprint in May.
Cybersecurity
CISA predicts cyber EO will drive progress on zero trust
Most agencies are just getting started creating plans around zero trust, but tight deadlines featured in President Joe Biden's cybersecurity executive order and a wave of new guidance, may speed up implementation across the entire government.
Cybersecurity
Hassan, Cornyn float bill to create new federal cybersecurity training programs
One part of the bill would create a pilot program to train vets to work in cybersecurity.
Cybersecurity
NIST defines 'critical software' under the cyber EO
The National Institute of Standards and Technology's new definition of "critical software" is foundational to new federal efforts to exert more control over the code supply chain.
Cybersecurity
CISA still in the dark about agency network defense plans
In the wake of the SolarWinds campaign, the agency in charge of federal agency cyber defense acknowledges some gaps in both its data collection and network monitoring capabilities.
Cybersecurity