Author Archive
Cybersecurity
Big Tech Anxious About Commerce Plan to Secure Supply Chains from Foreign Influence
Comments an association of industry giants made on a notice of proposed rulemaking from the Commerce Department come amid multiple government efforts to reduce cybersecurity risks in globally produced information and communications technology.
Cybersecurity
Biden Official Credits Diplomacy With Russia for Arrest of Colonial Pipeline Hacker
A senior administration official disassociated the move from tensions between the U.S. and Russia amid a build-up of Russian troops near Ukraine and an unattributed cyberattack on the country’s government websites.
Cybersecurity
FBI Officials Clarify What the Bureau Wants in Cyber Incident Reporting Bill
However the legislation is eventually passed, CISA plans to share reports with the FBI and other agencies, a Homeland Security official said.
Cybersecurity
FCC Chair Proposes Updating Data Breach Reporting Requirements
The Commission is still waiting for an empty chair to be filled as observers call for a vote on Biden nominee Gigi Sohn.
Cybersecurity
House FISMA Reform Would Empower Federal CISO With Budgeting Authority
Corresponding Senate legislation doesn’t mention the federal chief information security officer but shares other key elements—including a shorter incident reporting window—with a discussion draft issued by the House Oversight and Reform Committee.
Cybersecurity
How the Log4j Vulnerability is Forcing Change in Federal Cybersecurity Policy
Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to implement.
Cybersecurity
GSA Seeks Comments on Transfer of .Gov Domain to Cybersecurity Agency
The government’s site for managing government websites—dotgov.gov— may temporarily go down for maintenance as officials make the switch.
Emerging Tech
Privacy Advocates Connect Capitol Attack to Need for Data Protection Legislation
Sen. Ron Wyden joined citizen groups calling for limits on data collection as a way around an impasse over regulating free speech.
Emerging Tech
Defense Official: Talent Tops Tools for Executing Data Strategy
The DOD’s chief data officer emphasized the importance of personnel over equipment for how the military is trying to obtain a data advantage over adversaries like China.
Cybersecurity
Corrected: FedRAMP Bill Includes Transparency Provisions for New Advisory Council
The legislation would create a public-private advisory council that would be subject to most of the provisions of the Federal Advisory Committee Act.
Cybersecurity
Watchdog Security Reviews Not Guaranteed in FedRAMP Revamp
Legislation recently clearing a key Senate committee stops short of requiring the Government Accountability Office to review vendors’ encryption practices and supply chains.
Cybersecurity
US Still Lacks Federal Cyber Strategy After Decades of Attempts
The United Kingdom, meanwhile, recently updated its approach, crediting strong regulatory measures with significant cyber-risk reduction over recent years.
Policy
Women Report from the Frontlines of Federal Cryptocurrency Governance
Over the course of 2021, Congress and the administration have recognized significant benefits from diving into the technology, a trend that looks poised to continue.
Cybersecurity
Report: Legacy Equipment Puts Telehealth Consumers’ Data At Risk
Telehealth services have expanded exponentially over the course of the pandemic due in part to the Trump administration’s decision to relax enforcement of the industry’s privacy regulations.
Cybersecurity
Biden Signs NDAA Relying on Voluntary Private-Sector Cybersecurity Collaboration
Major breaches over the past year were a double-edged sword in efforts to pass a crucial mandatory reporting measure that didn’t make it into the ‘must-pass’ legislation despite bipartisan support, according to key lawmakers.
Cybersecurity
Federal CISO Clarifies Support for a Standard that Could Make Passwords History
The cryptographic protocol is at the heart of a ‘zero trust’ proposal pioneered by Google that has a fan base within the federal government.
Cybersecurity
Agencies Under New Deadlines to Address ‘log4j’ Flaws with Emergency Directive
The Cybersecurity and Infrastructure Security Agency order comes as a prominent firm says nation states are exploiting the vulnerabilities.
Cybersecurity
NSA, CISA, Add Original Equipment Manufacturers to Audience for 5G Security Guidance
The agencies got specific about who is responsible for what in a four-part series on securing the inherently cloud-based environments.
Cybersecurity
Senators Ready to Write Clarifying Legislation to Maintain U.S. Leadership in Crypto
Stakeholders fear an overly broad application of the tax provisions beyond virtual currency exchanges.
Cybersecurity