Guidance from the National Security Agency and the Cybersecurity and Infrastructure Security Agency describe a phishing attack on a federal employee that used fake help desk domains to gain access to at least two federal civilian executive branch networks.
Jen Easterly, the director of the Cybersecurity and Infrastructure Security Agency, stressed the importance of cyber incident reporting but said mandates should be careful of potentially overburdening companies -- and CISA -- with "reporting noise."
The newly installed National Cyber Director offered his take on the roles and responsibilities of his office, the Cybersecurity and Infrastructure Security Agency, the National Security Council and agency IT and security operations in responding to federal cyber incidents.
Most agencies are just getting started creating plans around zero trust, but tight deadlines featured in President Joe Biden's cybersecurity executive order and a wave of new guidance, may speed up implementation across the entire government.
Gen. Paul Nakasone, the director of the National Security Agency and head of U.S. Cyber Command, told lawmakers that infrastructure deficits could prevent the creation of a service modeled on Space Force.
President Joe Biden's pick to lead the Defense Department's intelligence and security office, Ronald Moultrie, appears to have a smooth path to Senate confirmation thanks in large part to his cybersecurity experience.
The supply chain hack that targeted IT management software SolarWinds and other vendors will result in changes to the federal government's cybersecurity posture, according to the official charged with leading the administration's response.
A group of Democratic lawmakers is calling on the NSA to explain its part in developing a flawed encryption algorithm that was used and subsequently exploited through Juniper Network's security products, citing the supply chain hack involving SolarWinds Orion.