Cybersecurity
CISA, NSA Guidance Tries to Reduce Alternatives for Securing Industrial Control Systems
Policymakers in Congress and the administration are grappling with how to set a performance bar for companies' mitigation of cyber threats against critical infrastructure they own, while allowing flexibility the companies say is needed to run their operations.
Cybersecurity
Industry Objections Spur Changes to Cybersecurity Provisions in Defense Bill
Key members of the House and Senate are altering proposals for identifying systemically important critical infrastructure and securing the software supply chain.
Cybersecurity
FCC Adds China-linked Telecom Providers to List of National Security Threats
The departments of Defense and Justice want the agency to take a more comprehensive approach to preventing foreign adversaries from accessing Americans’ communications and data.
Cybersecurity
CISA Plans to Measure the Effect of Coming Standards on Industry’s Cybersecurity
But big companies want to avoid agencies’ use of related performance goals in new regulation.
Cybersecurity
Defense, Justice Call for FCC Rulemaking to Secure Internet Routing, Opposing NTIA
The departments cited comments from the Cybersecurity and Infrastructure Security Agency and said a regulatory approach would have a greater impact “industry-wide” than dealing with entities case-by-case.
Breaking News
Cybersecurity
OMB: New Acquisition Rule Coming for Vendors to Vouch for Their Software Security
Agencies are also allowed to accept to-do lists from vendors who need to keep working up to a point where they can self-attest their compliance with NIST guidance.
Cybersecurity
Whistleblower Explains How Twitter Easily Skirted FTC’s Data Security Enforcement
The former public official—and legendary hacker’s—decision to expose what he described as a disastrous security environment at the company has prompted an unlikely alliance in Congress.
Cybersecurity
CISA Requests Input on Terms Already Defined by Incident Reporting Law
The agency is embarking on a rulemaking process to implement the law, which requires those who make ransomware payments to report them to the government.
Cybersecurity
U.S. Sanctions Iran—Under New Treasury Rules—for Attack on Albania
The new rules elaborate on what kinds of cyber activities warrant sanctions designation.
Cybersecurity
Commerce revises export rules to boost U.S. standards development on critical tech
The original rule—which banned certain entities from receiving U.S. exports—endangered U.S. participation in international standards bodies where such entities are present, opponents said.
Policy
Commerce Revises Export Rules to Boost US Standards Development on Critical Tech
The original rule—which banned certain entities from receiving U.S. exports—endangered U.S. participation in international standards bodies where such entities are present, opponents said.
Cybersecurity
White House Attributes Attack on Albania’s Critical Infrastructure to Iran
A statement from the National Security Council noted the potential for deviations from international norms to escalate conflict and promised accountability.
Cybersecurity
Treasury Reissues Rules to Enforce Cyber Sanctions on Foreign Adversaries
The rules could apply to any new executive order related to the national security emergency President Obama declared in 2015, in advance of a cybersecurity agreement with China.
Cybersecurity
New Guide to Secure Software Development Passes on Content but Fails on Communication, Industry Official Says
The lengthy document may miss its target audience altogether, one industry observer notes.
Cybersecurity
National Cyber Director’s Office Elevates Key Personnel
Nick Leiserson helped develop legislation that created the cyber director’s office. A year after its establishment, he’s moving to a position where he can use it to shape policy.
Modernization
CISA Seeks Software Engineers to Build New Registrar for .Gov Domain
The agency is taking new hiring authorities out for a spin in the recruitment effort to make state and local government websites more secure
Cybersecurity
Crucial Help Wanted at Cyber Director’s Office as CHIPS Act Adds to Responsibilities
The Office of the National Cyber Director is looking to fill two critical positions, while a recent executive order requires participation on a new steering council.
Digital Government
FCC Probe Reveals Mobile Carriers’ Data Management Practices are ‘All Over the Map’
The last time the FCC investigated mobile carriers’ practices regarding location data, it resulted in fines Jessica Rosenworcel—now chair of the commission—said were unjustly meager.
Cybersecurity
Chemical Sector Next in Line for White House Plan to Incentivize Cybersecurity
Operators of chemical facilities will follow those of electric utilities, gas pipelines and water treatment plants in being asked to facilitate visibility into their systems.
Cybersecurity
How Energy's Cyber-Informed Engineering Strategy Fits into a Pending National Plan
A key White House official highlighted the importance of education and workforce training in the government’s procurement-centric cybersecurity policy.
Almost There!
Help us tailor content specifically for you: