Cybersecurity
FISMA Bill Drops in House Amid Confusion Over Federal CISO Role
Rep. John Katko is continuing a campaign to make the Cybersecurity and Infrastructure Security Agency a central Chief Information Security Office—or CISO— for federal civilian agencies.
Ideas
Taking Control of Ransomware and Other Malware with a Zero-Trust Strategy
Antivirus, sandboxing and similar detection techniques can’t keep up. It’s time for agencies to transform their approach to thwarting malware.
Digital Government
Man Arrested For Alleged Exportation of Technology To Iran From U.S.
A dual American-Iranian citizen was arrested and charged with one count of conspiracy to illegally export technology and electronic equipment to Iran despite sanctions.
Digital Government
Congress Losing a Heavy Hitter on Cybersecurity
Rep. Jim Langevin, co-chair and founder of the House Cybersecurity Caucus, will not seek re-election.
Cybersecurity
Biden Official Credits Diplomacy With Russia for Arrest of Colonial Pipeline Hacker
A senior administration official disassociated the move from tensions between the U.S. and Russia amid a build-up of Russian troops near Ukraine and an unattributed cyberattack on the country’s government websites.
Ideas
3 Strategies for Securing the Supply Chain, Security’s Weakest Link
Today, no vendor or agency is safe—and just as importantly, no single organization can address all these threats independently.
Cybersecurity
FBI Officials Clarify What the Bureau Wants in Cyber Incident Reporting Bill
However the legislation is eventually passed, CISA plans to share reports with the FBI and other agencies, a Homeland Security official said.
Cybersecurity
NSA, CISA, FBI Issue Joint Advisory Against Russian Hackers Amid Growing Tensions
The warning comes as a military build-up occurs at the Russian-Ukrainian border.
Cybersecurity
NIST Updates Cybersecurity Engineering Guidelines
Amid constant cybersecurity threats, NIST added more insight for engineers and programmers on how to mitigate system vulnerabilities.
Cybersecurity
How the Log4j Vulnerability is Forcing Change in Federal Cybersecurity Policy
Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to implement.
Ideas
AI-Powered Automation Can Be Both a Part of the Problem and Part of the Solution
There are real security concerns that should be addressed ahead of further government adoption of a truly automated future.
Ideas
Modernizing Federal Cybersecurity Must Go Beyond Nation-State Defense
Insider risk can’t be overlooked.
Cybersecurity
What Is Log4J, How Bad It Is and What’s at Stake?
Log4Shell is the latest hacker exploit rocking the internet, and it’s arguably the worst yet. The vulnerability is in an obscure piece of software used on millions of computers.
Ideas
The Implications of Publicly Disclosing Cyberattacks
Officials must weigh the benefits and risks on a case-by-case basis.
Cybersecurity
Agencies Under New Deadlines to Address ‘log4j’ Flaws with Emergency Directive
The Cybersecurity and Infrastructure Security Agency order comes as a prominent firm says nation states are exploiting the vulnerabilities.
Digital Government
U.S., Australian Law Enforcement Enter Into Partnership Against Cybercrimes
The U.S. and Australian government partnered under the CLOUD Act, which facilitates electronic communication and data sharing between nations to investigate various crimes.
Cybersecurity
NSA, CISA, Add Original Equipment Manufacturers to Audience for 5G Security Guidance
The agencies got specific about who is responsible for what in a four-part series on securing the inherently cloud-based environments.
Ideas
Cream Cheese is the Just the Smooth Tip of a Sharp Problem
With ransomware hackers varying their targets to include operational technology used by U.S. factories and manufacturers, is an OT executive order needed to help combat them?
Cybersecurity
Federal Cybersecurity Advisor Floats Executive Order on Cloud Service Providers
The idea sprung from a sense of moral outrage Cybersecurity and Infrastructure Security Agency Director Jen Easterly identified with.
Ideas