Author Archive

Mariam Baksh

Mariam Baksh
Mariam Baksh reports on the development of federal cybersecurity policy for Nextgov. She started covering technology governance in 2014, during the heat of the Net Neutrality debate, and focused her graduate studies at American University on investigative journalism.
Cybersecurity

Energy Updates Assessment Tool for Administration’s 100-Day Cybersecurity Sprint

The update comes as lawmakers jostle for jurisdiction over cybersecurity across multiple critical infrastructure sectors with a slew of bills advancing in both chambers of Congress.

Cybersecurity

Commerce Secretary Highlights Cybersecurity Workforce Needs With $3B Initiative

Grants will be competitively awarded to state and local governmental entities, institutions of higher education, not-for-profit entities, unions and tribes. 

Cybersecurity

Senators Promote Cybersecurity Measures in Core Bipartisan Infrastructure Framework

Congressional leaders of the Cyberspace Solarium Commission stressed a need to focus specifically on water treatment systems.

Cybersecurity

Bill Would Require Federal Agencies and Contractors to Report Cyber Intrusions Within 24 Hours

The bill leaves it up to an interagency rulemaking process to determine whether entities would be required to report incidents they’re aware of but not directly involved in.

Cybersecurity

NIST Outlines Security Measures for Software Use and Testing Under Executive Order

Eyes now turn to the Office of Management and Budget to issue requirements for federal agencies and contractors based on NIST’s work.

Cybersecurity

Lawmakers Look to Improve Cyber Workforce, Especially for Acquisitions

The effort is happening through major Department of Homeland Security reform legislation recently introduced in the House and a supply-chain bill that just cleared committee in the Senate.

Cybersecurity

Agencies Unveil Plans to Fight Ransomware—Including Paying for Tips

The State Department’s Rewards for Justice program is offering a reward of up to $10 million for information about attackers targeting U.S. critical infrastructure.

Cybersecurity

CISA Orders Agencies to Patch Microsoft ‘PrintNightmare’ Vulnerability

The flaw—which Microsoft said affects all versions of Windows—could allow an adversary to execute code on their victim’s system remotely.  

Cybersecurity

Cybersecurity Funding Faces Political Clash During Appropriations Markup

Republican lawmakers continue to withhold support for the Cybersecurity and Infrastructure Security Agency until their immigration concerns are addressed.

Cybersecurity

CISA Issues Mitigation Tips for Common Attack Tactics

The agency assessed 37 federal agencies, and state, local and tribal governments last year to see how they are typically exploited.

Cybersecurity

Official Suggests Consequences Coming to Russia for Ransomware

A senior administration official said the U.S. has made specific requests through official channels regarding cyber criminals.

Cybersecurity

VA’s Cybersecurity Still Missing Critical Zero-Trust Element, Watchdog Says

An official from the Government Accountability Office said she is encouraged by the formation of an investment review board at the department and intends to monitor it closely.

Cybersecurity

U.S., Russian Officials to Meet Following Kaseya Ransomware Attack

President Joe Biden also plans to meet with U.S. officials on measures to address ransomware.

Cybersecurity

Debate Heats Up as Senator Prepares to Introduce Incident-Reporting Legislation

Reviews are in on draft legislation Sen. Mark Warner’s office has circulated and plans to update for introduction after the holiday break.

Cybersecurity

US, UK Officials: Russian Military Leveraging Containers in Active Hacking Campaign

Cybersecurity agencies issued an advisory with indicators of compromise and mitigation measures. 

Cybersecurity

House Panel Approves DHS Bill with ‘Historic’ Funding for Cybersecurity

The bill would increase the budget for the Cybersecurity and Infrastructure Security Agency from both the previous year’s and the president’s request for fiscal year 2022.

Cybersecurity

Lawmakers Look to Give NTIA More Cybersecurity Responsibilities

During a hearing of the House Energy and Commerce Committee, witnesses drew attention to the absence of a permanent leader at the National Telecommunications and Information Administration.

Cybersecurity

CISA Starts Cataloging Bad Practices in Cybersecurity

The agency plans to keep updating the narrow list based on feedback from cybersecurity professionals.

Cybersecurity

White House Plans to Attribute the Microsoft Exchange Hack Soon

Microsoft has already attributed the broad-scale compromise of its on-premises mail servers to Chinese nation-state actors.