Cybersecurity
OMB Gives Agencies Three Months to Help CISA Monitor Networked Devices
The memo adds heft to the Cybersecurity and Infrastructure Security Agency’s longstanding push for more visibility into federal networks.
Cybersecurity
Lawmakers Ask How They Can Help Agencies Fight Crypto-enabled Ransomware Hacks
A new bill would require public and private entities to report on ransomware payments, including the nature of currency used, to DHS within 48 hours.
Cybersecurity
Federal CISO Considers Including Technology Modernization in Cybersecurity Metrics
Chris De Rusha is also thinking about how to use the Technology Modernization Fund to create a new shared services program for zero-trust implementation.
Cybersecurity
Senate Committee Passes Major FISMA Changes—Including a New Definition of ‘Major Incident’
The Homeland Security and Governmental Affairs Committee also passed an incident reporting bill with increased liability protections for companies, drawing praise from industry.
Cybersecurity
Deputy National Security Adviser Lays Out Goals for Upcoming 30 Nation Meeting on Ransomware
Top cyber officials highlighted the importance of defensive measures as lawmakers move on related initiatives, including a bill to identify systemically important critical infrastructure.
Emerging Tech
DHS Issues Roadmap to Help Organizations Prepare for Quantum Computing Threat
Officials say there’s a lot agencies and other entities should be doing, even though it may be more than a decade before a quantum computer can decode current levels of encryption.
Cybersecurity
FCC Issues Order on Security Reviews Ahead of U.S.-China Engagement
The commission’s new rule on foreign ownership and investment comes amid an industry call for international alignment on the use of voluntary standards to secure the supply chain of information and communications technology
Cybersecurity
FCC Working on Rule for Wireless Carriers to Avert SIM Swap Fraud
More than a year after lawmakers requested such action to protect consumer data and national security, the commission’s move could help to stop hackers undermining multifactor authentication.
Cybersecurity
NSA Cyber Chief Warns Hackers Increasingly Use Commercial Tools to Stay Hidden
Advanced persistent threat actors are becoming harder to spot and making attribution more difficult.
Cybersecurity
CISA Warns of Vulnerabilities in Banned Chinese Surveillance Tech
The Federal Communications Commission is set to vote on tightening its national security reviews of foreign suppliers.
Emerging Tech
IRS’ Criminal Investigators Want Help Breaking into Physical Crypto Wallets
The agency’s digital forensics unit is looking for a small business to help make routine processes out of some nascent research into related hardware hacking techniques.
Cybersecurity
Commerce Seeks Comment to Implement Trump Cybersecurity Order on Logging Foreign Actors
The rule would require cloud providers to verify the identities of certain users.
Cybersecurity
Leading Cyber Officials Favor Fines Over Subpoenas to Enforce Incident Reporting
Incident reporting provisions are being considered as part of the annual defense bill.
Digital Government
Biden Doubles the Size of the President’s Science and Technology Council
The group includes high-profile academics and industry representatives, including from Google and Microsoft.
Cybersecurity
Treasury Sanctions First Cryptocurrency Exchange to Combat Ransomware
The department also emphasized guidance for victim organizations who risk running afoul of enforcers by paying attackers and failing to report incidents.
Cybersecurity
Union Supports Revised Civilian Cyber Reserve Program
But the American Federation of Government Employees is still adamantly against the creation of a civilian National Digital Reserve Corps.
Cybersecurity
Agencies Seek Comments on Supply Chain Security of Critical Software
The Commerce and Homeland Security departments want details about the information and communications technology industry’s cybersecurity practices and gaps in manufacturing.
Cybersecurity
Auditors, Contractors Hang in the Balance as Defense Overhauls Cybersecurity Certification Program
The Defense Department has not ruled out a return to allowing companies to ‘self-attest’ their security posture.
Cybersecurity
Watchdog: CISA Needs to Update Plans to Protect Critical Infrastructure
The Department of Homeland Security Inspector General report on dam security found a lack of coordination among agency teams.
Cybersecurity