Cybersecurity

CMS Subcontractor Breach Potentially Exposes Sensitive Data of 254,000 Customers

The Centers for Medicare and Medicaid said the breach involved a subcontractor that appears to have violated its obligations to the agency.

  • By Mariam Baksh
Emerging Tech

More States Move to Ban TikTok from Government Devices

Maryland joined South Dakota in announcing a ban on state employees or agencies from using the app on government-issued devices, while South Carolina asked for it to be blocked.

  • By Chris Teale, GCN
Cybersecurity

Preparations for Quantum Cyber Threat Get a Senate Boost

The bill would require an annual report to Congress from the Office of Management and Budget with the goal of identifying funding needed for agencies’ transition to post-quantum cryptography.

  • By Mariam Baksh
Ideas

Darknet Markets Generate Millions in Revenue Selling Stolen Personal Data, Supply Chain Study Finds

Darknet hackers aren't slowing down.

  • By C. Jordan Howell and David Maimon, The Conversation
Podcasts

Critical Update: A Technical Farewell and the ‘Emergiest’ News of 2022

Nextgov reporters say goodbye to 2022 … and to Critical Update.

  • By Aaron Boyd
Cybersecurity

TSA Considers Using Third-Party Assessors in Coming Pipeline Regulations

The agency is exercising its authority to regulate pipelines and railways after issuing a series of short-term emergency security directives.

  • By Mariam Baksh
Podcasts

Critical Update: Safeguarding Data From Outside Intrusion

The VA is in the process of implementing a zero-trust cybersecurity model to better secure veterans’ sensitive personal data.

  • By Edward Graham
Cybersecurity

CISA Seeks Information for Potential Cyber Threat Intelligence Platform

The request will help the agency develop the platform to address current challenges related to cyber threat intelligence.

  • By Kirsten Errick
Cybersecurity

Offshore Drilling Operations Vulnerable to Cyberattacks, Watchdog Warns

The Government Accountability Office made a new case for improving the cybersecurity safeguards within offshore drilling and natural gas facilities. 

  • By Alexandra Kelley
Cybersecurity

Agencies Push Deadline to Comment on Would-Be Federal Cyber Insurance Program

Insurance companies are pushing for taxpayer assistance to provide coverage in the event of catastrophic incidents.

  • By Mariam Baksh
Cybersecurity

Big Tech Tells CISA to Exempt Third-Party Providers from Incident Reporting Rule

Major industry groups clashed on how CISA should define key terms in its rulemaking process to implement the federal incident reporting law.

  • By Mariam Baksh
Cybersecurity

Iranian Hackers Compromised a Federal Agency’s Network, CISA and FBI Say

Actors linked with the Iranian government were able to exploit an unpatched Log4Shell vulnerability—which the Cybersecurity and Infrastructure Security Agency asked agencies to address by the end of 2021—in an unnamed agency’s network.

  • By Edward Graham
Cybersecurity

DOD Must Enhance Cyber Incident Reporting and Sharing, Watchdog Says

The Government Accountability Office found that the Pentagon “lacks an accountable organization and consistent guidance” for documenting and sharing details about reported cyber incidents.

  • By Edward Graham
Cybersecurity

China’s Cyber Capabilities ‘Pose a Serious Threat’ to US, Advisory Panel Warns

The panel’s report also called for the Biden administration to consider revoking China’s status as a favored trading partner if a congressional review finds that Beijing is not complying with its commitments.

  • By Edward Graham
Cybersecurity

NIST Official Warns Against Device-only Approach to Securing IoT

Federal agencies’ implementation of NIST’s guidelines on the issue—under direction from Congress—is coinciding with industry resistance to the comprehensive approach stakeholders agree is necessary.

  • By Mariam Baksh
Cybersecurity

No ‘Specific or Credible’ Cyber Threats Affected Integrity of Midterms, CISA Says

Despite “a handful” of DDoS attacks targeting state and local election websites and some technical glitches affecting voting equipment, CISA says it saw “no activity” that should undermine faith in the results of the midterm elections.

  • By Edward Graham
Cybersecurity

CISA Leaning Toward Lower Threshold for Mandatory Cyber Incident Reporting

The agency has started to receive feedback from some key stakeholders for its rulemaking process on the issue.

  • By Mariam Baksh
Cybersecurity

Experts Weigh in on Strengths and Vulnerabilities of Election Cybersecurity

Both voting systems and the voters themselves could be targets of malign influence.

  • By John Breeden II
Cybersecurity

Russia Linked to Nearly 75% of Late 2021 Ransomware Attacks, Per Analysis

The analyzed ransomware variants—from July to December 2021—amounted to millions of dollars in damages.

  • By Alexandra Kelley
Cybersecurity

Public Entities in Nearly Every State Use Federally-Banned Foreign Tech, Report Says

A new report from Georgetown University’s Center for Security and Emerging Technology found that at least 1,681 state and local governments purchased equipment from five Chinese companies that were banned by the federal government between 2015 and 2021.

  • By Edward Graham
Previous
Next