Cybersecurity
CISA alerts on NSA-discovered Windows 10 flaw
Attackers could use the vulnerability to trick users into installing "updates" from trusted parties that are actually malware.
Cybersecurity
Cyber Solarium to back CISA as the lead response agency
Leveling up CISA and CyberCom and streamlining Congressional jurisdiction will be among the recommendations issued in an upcoming report from the Cyberspace Solarium Commission.
Cybersecurity
CISA cautions on Iran threats
U.S. officials and cybersecurity experts are concerned that Iranian reprisals for the killing of Soleimani could take the form of attacks on U.S. networks or critical infrastructure.
Cybersecurity
Killing of Iranian general spurs concern about cyber retaliation
Iran has threatened to respond to the targeted killing of senior general Qassem Soleimani, and analysts say the goal will be to punish the U.S. by targeting its IT and critical infrastructure while avoiding traditional military conflict.
Cybersecurity
Privacy assessment finds risk with CDM shared service platform
An updated assessment from the Department of Homeland Security finds that a shared services platform designed to help smaller agencies use the Continuous Diagnostics and Mitigation program brings with it new but manageable privacy risks.
Cybersecurity
Government information sharing efforts remain a mixed bag
The rollout of a new tool in 2017 has improved information sharing across the federal government, but other once promising programs are withering on the vine.
Cybersecurity
Security researchers seek clarity on legal protections in CISA vulnerability disclosure directive
Some notable names in the security research community have already weighed in on a draft order directing federal agencies to set up their own vulnerability disclosure programs.
Cybersecurity
Cyber report heads to White House with request for new commission
Several members of CISA leadership expressed agreement with the goals laid out in the report to secure critical infrastructure, but they stopped short of endorsing plans for new government bodies.
Cybersecurity
Senate's CISA subpoena bill adds privacy protections to DHS proposal
The draft legislation would require DHS to set up internal protocols to document and justify how it uses the authority and report to Congress on its effectiveness.
Cybersecurity
CISA subpoena bill set to land
The legislation will make a number of changes from a proposal submitted by DHS, narrowing the scope of the authorities to critical infrastructure IT and only for cybersecurity purposes.
Cybersecurity
Report: aviation industry playing catch up on cybersecurity
A new report from the Atlantic Council argues that aircrafts have become highly complex, "flying data centers," but the industry and government are behind on protecting them from cyber threats and sabotage.
Cybersecurity
Advisory group looks to redesign federal cyber response
The National Infrastructure Advisory Council wants new agencies to tackle "existential" cyber threats.
Cybersecurity
With U.S. cyber policy, clear lanes still hard to come by
The elevation of CISA and maturation of Cyber Command have clarified "big picture" responsibilities for the U.S. government's cyber mission, but private-sector coordination remains a question mark.
Cybersecurity
CISA rolls out post-election audit tool for 2020
The software, Arlo, is an open source tool and election officials from Pennsylvania, Michigan, Missouri, Virginia, Ohio and Georgia have all signed on thus far.
Cybersecurity
Manfra announces plans to step down from CISA
One of the federal government's top cybersecurity officials announced she would be stepping down at the end of the year.
Cybersecurity
DHS wants better coordination on ICS security
A top cyber official at the Department of Homeland Security said the agency is looking across industrial sectors and federal agencies when it comes to protecting critical infrastructure from cyber and physical threats.
Cybersecurity
Rip and repay?
The federal government is pushing U.S. telecoms to take out gear from Huawei and other Chinese companies that may threaten their networks, but who is going to pay for the work?
Cybersecurity
Rogers warns on 'stovepiped' cybersecurity
The ranking member of the House Homeland Security Committee said agencies should be coordinating their cybersecurity efforts under CISA's direction and leadership.
Cybersecurity
Industry seeks more liability protections for threat info
Commercial providers of technology and infrastructure want more federal protection to share specific cyber threat information about risky products and services.
Cybersecurity