Cybersecurity

Biden’s Nominee to Lead CISA Interested in Reforming FISMA

Members of the Senate Homeland Security Committee pressed Jen Easterly and other key nominees on supply chain security and workforce challenges.

Cybersecurity

Biden Redirects Agencies on Securing Information and Communications Technology

A new executive order revokes bans on WeChat and TikTok but retains and adds to a Trump edict on U.S. tech, especially “connected software applications” tied to foreign adversaries.

Cybersecurity

Colonial Pipeline CEO: Cybersecurity Mandates From TSA Might Help

Hackers breached the company after gaining access to a virtual private network not protected by multifactor authentication.

Cybersecurity

IRS' Use of Special Hiring Authorities Could Be Leading to Skills Gaps, IG Says

The agency has been using emergency authorities to meet staffing goals, but may be compromising on the quality of new hires as a result, according to an inspector general report.

Emerging Tech

DOD-NTIA Open 5G Challenge Could Lead to New Requirements

A Defense Department official said DOD’s 5G prototyping is also examining the benefits of hardware and software bills of materials to scrutinize the supply chain.

Cybersecurity

IG: CISA-Run Monitoring Program Has Not Improved DHS’ Cybersecurity Posture

The department’s inspector general also found vulnerabilities in the department’s technology due to poorly defined patch management roles and configuration settings.

Cybersecurity

NIST Will Build on Existing Software Development Framework to Meet Executive Order

The agency also shared how it’s thinking about defining “critical software,” which is to be prioritized under the order.

Cybersecurity

Justice Took Down Two Domains Used in USAID Hack 

The action demonstrates the department’s authorities beyond attributing malicious cyber activity.  

Cybersecurity

NTIA Wants Feedback on Software Transparency Plan

One high-profile expert raised the ever-looming workforce challenge in suggesting the juice might not yet be worth the squeeze.

Digital Government

Biden Budget Ups Request for Civilian Agencies’ Cybersecurity

The president’s funding proposal also puts numbers on the National Cyber Director’s Office and other priority cybersecurity areas.

Cybersecurity

Pipeline Companies Have One Week to Identify Cybersecurity Coordinators Under TSA Directive

The directive now mandates incident reporting and reviews described in the administration’s voluntary guidelines for the sector.

Cybersecurity

NIST Will Do Gap Analysis Before Creating Software Standards for Executive Order

The Government Accountability Office told lawmakers that enforcement of agencies’ supply chain security activity, through expanded reporting, is “the thing that has to happen.”

Cybersecurity

Cryptocurrency Crackdown Won’t Stop Ransomware, CISA Official Says

Cybersecurity professionals stress the importance of proactive defense to combat the growing number of attacks.

Cybersecurity

GAO to Explore the Government’s Role in Cybersecurity Insurance

The Treasury Department runs a program to insure the insurers, but there’s a limit to the backstop.

Cybersecurity

White House Advisers Consider Workforce Requirements for Critical Infrastructure Providers

The National Security Council asked the private-sector-led National Infrastructure Advisory Council to focus a critical-infrastructure workforce study on cybersecurity and to speed delivery of its recommendations.

Cybersecurity

House Panel Passes Bill to Explore Bringing State and Local Cybersecurity Workers into CISA

The Homeland Security Committee cleared several bills to address cybersecurity following the attack on Colonial Pipeline.

Podcasts

Critical Update: Do You Know What’s In Your Software?

In the wake of several major cybersecurity incidents, the government wants to shore up its software supply chain. Two experts explain the merits of some approaches and why there’s no silver bullet. 

Cybersecurity

Progressive Lawmakers Praise Biden’s Plan for Cybersecurity Labels

Reviews are in on the administration’s long-awaited executive order following several major hacking campaigns.

Cybersecurity

Federal Agencies Say ‘No Evidence’ Hackers Affected Colonial’s Operational Technology 

A leading GOP lawmaker is pressuring CISA to release data on the agency’s pipeline cybersecurity initiative.