Cybersecurity
Senate adjourns without confirming CISA director
Sean Plankey’s nomination faltered as lawmakers ran out the clock after a tumultuous year of workforce reductions. The cyberdefense agency enters the new year without a permanent leader as the White House finalizes a sweeping national cyber strategy.
Ideas
Three moves that can jumpstart cyber modernization — even wthout a full budget
COMMENTARY | You don’t need a billion-dollar overhaul to modernize cybersecurity. Lou Eichenbaum shares three quick wins and three long-term priorities that agencies can act on, even with limited budgets.
Ideas
The cyberwarfare landscape is changing — here’s how to prepare
COMMENTARY | Entering 2026, cyberattack targets and tactics are poised to shift from perpetuating fraud and theft to societal disruption.
Cybersecurity
Sen. Cotton urges top White House cyber official to protect open-source software
A letter from the chairman of the Senate Intelligence Committee cites previous Nextgov/FCW reporting about a potential Russian backdoor into a Defense Department software suite.
Ideas
Cybersecurity 101: Why it’s time to rethink what we think we know
COMMENTARY | Cybersecurity isn’t about eliminating risk. It’s about managing it wisely.
Cybersecurity
China is using advanced ‘Brickstorm’ malware against government and IT orgs, US assesses
The malware was detected in the recently disclosed breach of F5, an application delivery and security provider.
Cybersecurity
New bill proposes government-wide processes to attribute, sanction hackers
The measure would permit “robust sanctions against designated actors, including asset blocking, financial restrictions, export controls, procurement prohibitions, visa bans and suspension of assistance.”
Cybersecurity
Senators expect 10-year extension of cyber data-sharing law in future budget package
The Cybersecurity Information Sharing Act of 2015 got a temporary reprieve after the government reopened this month, but it risks lapsing again at the end of January.
Cybersecurity
National cyber strategy coming ‘as quickly as possible,’ official says
“It’s going to be a short statement of intent and policy, and then it will be paired very quickly with action items and deliverables under that,” National Cyber Director Sean Cairncross explained.
Cybersecurity
Dem lawmakers renew calls for release of delayed telecom security report
In a letter to DHS and ODNI, Sens. Ron Wyden of Oregon and Mark Warner of Virginia said the release of a 2022 report detailing cyber vulnerabilities in the U.S. telecommunications sector is “critically important to U.S. national security.”
Cybersecurity
Bill to end shutdown includes temporary cyber info-sharing law extension
The Cybersecurity Information Sharing Act of 2015 expired when the government’s calendar reset without a funding package for FY 2026.
Cybersecurity
CBO systems accessed in ‘security incident’ possibly tied to foreign hackers
The office estimates the cost and economic impact of proposed legislation and helps forecast federal spending, revenues, deficits and debt.
Cybersecurity
AI has leveled the field between cybercriminals and nation-state hackers, FBI official says
The FBI is slower to adopt AI tools due to the sensitive nature of the data that it works with, Brett Leatherman, the FBI Cyber Division head, said.
Cybersecurity
UN cybercrime treaty enables authoritarian regimes, top think tank argues
The agreement is scheduled to be signed in Vietnam next week, but the concept has raised concerns for some time.
Cybersecurity
US cyber policy goals have regressed during Trump 2.0 in ‘unprecedented setback,’ landmark report says
Cuts to various agencies and the politicization of disinfo-tracking work have slowed implementation goals set out five years ago by a congressionally authorized cybersecurity policy group.
Cybersecurity
CISA orders government to patch F5 products after ‘nation-state’ cyber intrusion
“This cyber threat actor presents an imminent threat to federal networks using F5 devices and software,” CISA’s directive says. China-linked hackers previously exploited F5 vulnerabilities.
Cybersecurity
Multiple CISA divisions targeted in shutdown layoffs, people familiar say
CISA units including its Stakeholder Engagement division are believed to have been hit. A DHS spokesperson said that the RIFs are meant to help get CISA “back on mission.”
Ideas
Risks of cyber fraud allegations remain high for companies subject to government requirements
COMMENTARY | Stricter government cybersecurity requirements present elevated risk to companies due to increased enforcement pressure and additional bases for allegations of cybersecurity fraud.
Cybersecurity
Senator makes new attempt to extend cyber info-sharing law by 10 years
Sen. Gary Peters, D-Mich., said he’s spoken directly with Senate Majority Leader John Thune, R-S.D., about renewing the 2015 Cybersecurity Information Sharing Act, which lapsed when the government shut down.
Cybersecurity