Cybersecurity
Trackers Say Sanctions Against Crypto Exchanges Are Working in Ransomware Fight
One witness testifying before the Senate Homeland Security and Governmental Affairs Committee called for greater international enforcement against money laundering.
Cybersecurity
DOD Recommends NIST Align Frameworks for Cybersecurity Risk Management
An effort to update the framework for securing critical infrastructure from cyberattack is coming face to face with issues that have plagued the Commerce agency from the beginning.
Cybersecurity
CISA Solicits Feedback on Finer Points of Coming Software Transparency Requirement
The agency has identified four topics—including considerations for cloud and online applications—it wants to hear more about from stakeholders.
Cybersecurity
Why Commerce Went Against Microsoft on Rule to Control Cyber Exploits
The rule aims to prevent certain countries—most notably China—from receiving U.S. exports that could advance their intrusion and surveillance technology.
Cybersecurity
CISA, DOD Report Gaps for Agencies Assessing 5G Security Risks
Agency officials identified a lack of guiding standards for determining and mitigating risk from certain implementations of the technology and advised agencies to proceed with caution, employing penetration tests accordingly.
Cybersecurity
Secretary of State Makes Case for Tech-Centered Strategy to Counter China
The secretary delivered a speech outlining the administration’s policy toward Beijing as Congress tries to reconcile legislation that would provide at least $50 billion to increase domestic production of semiconductors.
Cybersecurity
Senate Homeland Clears Bill to Avoid Conflicts of Interest in Federal Contracting
A hearing the committee held leading up to the bill’s markup focused on a shortage of procurement officials in the federal workforce, which an industry witness said could be addressed if it weren’t for inflexible ethics rules.
Cybersecurity
Federal CISO: Recommendations In to Acquisition Council for Software Procurement
Federal CISO Chris DeRusha says he doesn’t want to tie agencies’ hands regarding self attestation versus third-party verification of vendor practices.
Digital Government
Senior GOP Senator Asked Watchdog to Report After ‘Whistleblower’ Action at IRS
The request of the watchdog agency followed the release of confidential information leading to a detailed news report of how the mega rich avoid paying taxes.
Cybersecurity
National Cyber Director's Vision for the Future Flags Overdue National Plan
The office of the national cyber director is tasked by Congress to weigh in on agencies’ cybersecurity budgets.
Cybersecurity
DOJ Issues Guidance for Enforcing Computer Fraud and Abuse Act
Nearly a decade after the death of open-access advocate Aaron Schwartz, his legacy is still playing out in cybersecurity policy.
Cybersecurity
CISA Orders Agencies to Mitigate VMWare Vulnerabilities Under Deadline
Advanced adversaries appear to be exploiting the vulnerabilities to get around multifactor authentication.
Cybersecurity
Key Convener Releases Plan for Securing Open Source Software with White House
A crucial entity within the open source ecosystem is urging prioritization of libraries that support widespread applications like internet routing, among other things.
Cybersecurity
US Signs on to New Electronic Evidence Protocol in International Cybercrime Agreement
The new protocol is officially being added to the Budapest Convention—an arrangement between 66 member-states—after four years of negotiations.
Cybersecurity
US, Allied Cybersecurity Agencies, Advise Reviewing Contracts with Tech Vendors
A joint advisory from CISA, domestic partners and counterpart agencies in the Five Eyes intelligence alliance warns of a heightened threat to managed service providers and their customers.
Cybersecurity
Microsoft Official to Assume Leading Role at the National Cyber Director’s Office
Another addition joined the new office from the intelligence community.
Cybersecurity
US and Allies Attribute Attack on U.S. Satellite Provider in Ukraine to Russia
Officials are highlighting significant spillover effects from the attack—including damage to infrastructure supporting wind farms—into Central Europe.
Podcasts
Critical Update: Evolution in the 'Valley of Death'
Nextgov looks at the use of cooperative research and development agreements by some major industry players to highlight how the meaning of the phrase, and implementation of its associated authorities, has shifted over the years.
Cybersecurity
Transportation Proposes Near $1M Fine for Colonial Pipeline One Year After Hack
The firm has 30 days to respond with evidence contesting the agency’s allegation of safety violations.
Cybersecurity
NIST’s Supply-Chain Security Guidance Tells Agencies: Look to FedRAMP First
The agency has spent years revising guidance for organizations to address vulnerabilities presented by vendors of software and other enterprise suppliers.
Almost There!
Help us tailor content specifically for you: