Cybersecurity
TSA imposes new cyber rules on pipeline operators
The new mitigation requirements come as the U.S. attributes a past effort to hack U.S. pipeline infrastructure to a Chinese state-sponsored group.
Cybersecurity
DHS workforce sprint brings in nearly 300 cyber employees
Cybersecurity vacancies totaled about 2,000 at the start of the hiring sprint in May.
Cybersecurity
CISA predicts cyber EO will drive progress on zero trust
Most agencies are just getting started creating plans around zero trust, but tight deadlines featured in President Joe Biden's cybersecurity executive order and a wave of new guidance, may speed up implementation across the entire government.
Cybersecurity
Hassan, Cornyn float bill to create new federal cybersecurity training programs
One part of the bill would create a pilot program to train vets to work in cybersecurity.
Cybersecurity
NIST defines 'critical software' under the cyber EO
The National Institute of Standards and Technology's new definition of "critical software" is foundational to new federal efforts to exert more control over the code supply chain.
Cybersecurity
CISA still in the dark about agency network defense plans
In the wake of the SolarWinds campaign, the agency in charge of federal agency cyber defense acknowledges some gaps in both its data collection and network monitoring capabilities.
Cybersecurity
Survey: Many water utilities lack data on IT, OT assets
The new survey data from an information sharing and analysis center was published on the same day a news outlet reported a water treatment facility in California was easily breached by an individual who possessed a former employee's credentials.
Cybersecurity
DHS poised to remake federal hiring in September to confront cybersecurity gap
The Department of Homeland Security's Cybersecurity Talent Management System has been years in the making, but officials say it will finally come online this fall.
Cybersecurity
Warner previews breach notification bill
The chairman of the Senate Select Committee on Intelligence said he will introduce legislation to mandate that companies notify the government to major cybersecurity breaches, a promise several lawmakers have made this year.
Cybersecurity
Biden's top cyber nominees face the Senate as the country reels from cyberattacks
Jen Easterly, selected to head the Cybersecurity and Infrastructure Security Agency and Chris Inglis, the former National Security Agency deputy director picked to fill the new national cyber director role, faced lawmakers concerned about the spike in ransomware attacks.
Cybersecurity
Colonial Pipeline CEO talks ransom with lawmakers
House lawmakers on Wednesday were keen to ask Colonial Pipeline's chief executive officer what he knew about the ramifications of making a ransom payment and how it might affect the company's finances.
Cybersecurity
Colonial CEO defends $4.3M ransomware payment
Joseph Blount, the chief executive officer of Colonial Pipeline, on Tuesday defended the company's ransom payment to the criminal group Darkside and said Colonial is continuing to work with law enforcement and cybersecurity consultants to restore their business systems.
Cybersecurity
The group that hacked SolarWinds is out with a new campaign, Microsoft says
Microsoft said in a blog post the hackers behind SolarWinds are already advancing their tradecraft, and are impersonating a U.S. government agency as part of a global phishing campaign.
Cybersecurity
After Colonial attack, TSA issues new cyber regs for pipelines
DHS chief Alejandro Mayorkas cited the attack on Colonial Pipeline as the impetus for the new regulations.
Cybersecurity
DHS to issue new pipeline security regulations after Colonial attack
A Department of Homeland Security spokesperson said the new guidance for pipeline security will be issued in the coming days.
Cybersecurity
Connecting and supporting the post-pandemic workforce
After a year of emergency response, IT leaders are planning for a permanently changed operating environment.
Cybersecurity
Industry coalition asks appropriators to boost CISA funding
CISA received $650 million from the American Rescue Plan Act, but the agency's top officials have described that as only a "down payment" to move the government's cybersecurity efforts.
Cybersecurity
House advances cybersecurity bills in wake of pipeline company hack
Following a week filled with a devastating ransomware attack and a massive executive order to strengthen the federal government's networks, a House panel on Tuesday advanced several bills largely aimed at DHS and CISA.
Cybersecurity
Can NTSB-style oversight work for cybersecurity?
President Joe Biden's new cybersecurity executive order calls for a safety review board to examine the attack against SolarWinds as well as other significant cybersecurity incidents moving forward.
Cybersecurity