Cybersecurity
New bill looks to centralize CISA's role in ICS threat response
Rep. John Katko (R-N.Y.) cited the recent cybersecurity incident at a water treatment plant in Oldsmar, Fla., as the impetus for the legislation.
Cybersecurity
House passes Rescue package with TMF funding
The $1.9 trillion bill is aimed at Americans suffering financial hardships from the pandemic, but in the federal IT community, the bill will be remembered for the dramatic expansion of the Technology Modernization Fund.
Cybersecurity
CISA: No federal agencies compromised by Exchange hack so far
Two seniors officials at the Cybersecurity and Infrastructure Security Agency told House lawmakers today the attacks in recent months demonstrate the fact the federal government "must raise our game" in cybersecurity.
Cybersecurity
Pentagon issues cyber tasking order in response to Exchange hack
The Pentagon's new order to its agencies and commands aligns with the recent emergency directive issued by the Cybersecurity and Infrastructure Security Agency.
Cybersecurity
Hafnium hack poses new long-term threat for already overtaxed cyber workers
Federal agencies still reeling from the effects of a massive hack involving SolarWinds may face a new challenge of evicting any adversaries that breached their networks through recently discovered vulnerabilities in Microsoft's Exchange software.
Cybersecurity
Why the network compass is obsolete
Old labels for network traffic are out of date with government users connecting from devices outside traditional perimeters, but TIC 3.0 offers a new map.
Cybersecurity
CISA orders agencies to disconnect Microsoft Exchange on-prem servers
The government's leading cybersecurity agency is ordering all federal civilian agencies to provide a status report on its usage of Microsoft Exchange products by noon on Friday.
Cybersecurity
When water utilities get hacked, who should they call?
In the wake of a cybersecurity breach at a public water system, lawmakers have begun questioning what rules are in place to govern those facilities' cybersecurity and what changes may be necessary.
Cybersecurity
Mandatory breach reporting bill on deck, lawmakers say
Congress could be poised to require companies to report hacks in the wake of the massive breach linked to vulnerabilities on SolarWinds' IT management software.
Cybersecurity
SolarWinds CEO: This could have happened to anyone
In what will be the first of several public appearances this week, Sudhakar Ramakrishna says his company will be transparent about the supply chain attack it suffered as a way to help other companies prepare for the next attack.
Cybersecurity
CISA eyes changes to combat future supply chain hacks
The acting director of the Cybersecurity and Infrastructure Security Agency today said his agency is looking various changes to protect federal networks in the wake of the massive breach discovered late last year.
Cybersecurity
Industry presses for tech funding in COVID relief amid Senate opposition
Several industry groups sent a letter to lawmakers last week urging them to include $10 billion for cybersecurity in the next coronavirus relief bill, however congressional backers of a tech push in the relief bill say that Senate opposition makes a big push unlikely to pass.
Cybersecurity
Krebs: More 'destructive,' 'brazen' attacks possible from Russia
The former CISA director's warning came during one of the first congressional hearings that largely focused on the SolarWinds Orion breach.
Cybersecurity
Does Einstein need a post-SolarWinds makeover?
A marquee program designed to protect the government against cybersecurity threats is facing new scrutiny in the wake of Solar Winds Orion breach, but analysts say the program was unlikely to have ever stopped the hacking campaign.
Cybersecurity
SolarWinds hack blights the Trump administration's cybersecurity record
The consequences of the SolarWinds Orion hack are far from clear, but analysts and lawmakers say that officials at CISA and NSA made notable strides to improve the government's cybersecurity posture.
Cybersecurity
Mayorkas calls for review of Einstein, CDM
The president-elect's nominee to lead the Department of Homeland Security said he will review the government's two major cybersecurity programs in the wake of the SolarWinds hack.
Cybersecurity
SolarWinds fallout makes secure communications a critical first line of defense
Crisis situations like this one can induce the fog-of-war and lead to tradeoffs during remediation. While we may not know the full extent of the damage for some time, as is always the case in an event like this, we need to stop the bleeding. We must not afford the adversary an easy path to more information.
Cybersecurity
Biden floats $9B boost to TMF as part of funding surge
The incoming Biden-Harris administration announced a $1.9 trillion "rescue" package to help Americans whose incomes have taken a hit from the pandemic, which includes a major uptick in technology spending to secure government systems and spur modernization.
Cybersecurity
Evanina: Number of known SolarWinds victims 'will continue to grow'
A top counterintelligence official today said the number of known federal agencies affected by the SolarWinds hack will likely to continue to rise beyond initial estimates.
Cybersecurity