Author Archive
Cyber
Is there a path forward in Congress for mandatory cyber incident reporting?
A group of lawmakers is seeking legislation that would require private companies to report cyber incidents and ransomware attacks to the Cybersecurity and Infrastructure Security Agency, despite their efforts being derailed late last year.
Cyber
CISA, FBI issue new guidance on addressing Log4j risks
The Cybersecurity and Infrastructure Security Agency and its partners are providing new ways to identify Log4j risks and mitigate possible exploitation.
Cyber
CISA issues emergency directive to patch Log4j flaw
The Cybersecurity and Infrastructure Security Agency released an emergency directive on Friday ordering all federal agencies to take immediate action against a critical security flaw with potential long-term consequences for public and private infrastructure.
Cyber
CISA draws plans for more secure federal civilian email
The Cybersecurity and Infrastructure Security Agency wants to beef up federal civilian email security with CISA-provisioned threat hunting and incident response efforts, according to a request for information published last week.
Cyber
Federal government is still in the dark on ransomware
Information on the majority of ransomware attacks targeting American companies and civilian agencies remains unreported to the Department of Homeland Security, a top cyber official told lawmakers.
Cyber
FBI wants input on cyber reporting legislation
A top FBI cyber official told lawmakers on Tuesday that the bureau could face significant challenges addressing cyberattacks and ransomware incidents if it was not included in breach disclosure requirements being considered in legislation.
Cyber
CISA directive requires vulnerability fixes in 6 months
A new binding operational directive puts federal civilian agencies on a six-month clock to remediate known vulnerabilities.
Cyber
CISA's new talent management system could boost cyber recruitment
Despite increasing competition among the public and private sectors in hiring top cyber talent, CISA Director Jen Easterly said she has high hopes for a new personnel management system which reduces friction in hiring and offers new career paths.
IT Infrastructure
Federal contractors have until Dec. 8 to get COVID vaccine
New COVID-19 guidance directs federal contractors and subcontractors to make sure their employees are vaccinated — the latest in a series of new vaccine requirements the White House has been rolling out in recent weeks.
Cyber
Chris Inglis outlines blueprint for federal cyber priorities
The newly installed National Cyber Director offered his take on the roles and responsibilities of his office, the Cybersecurity and Infrastructure Security Agency, the National Security Council and agency IT and security operations in responding to federal cyber incidents.
Cyber
White House hits the gas on zero trust
Newly released strategy and technical guidance documents covering zero trust and cloud security are open for comment as part of a federal push to improve federal government cybersecurity.
IT Infrastructure
State Department expands push to the cloud
The State Department wants to go all in on the cloud, starting with a new multiplatform toolset to add flexibility and innovation to IT services.
Cyber
CISA launches joint cyber defense effort
The Joint Cyber Defense Collaborative aims to help the U.S. defend against threats to critical infrastructure through information-sharing and defense operations planning.
Cyber
National cyber director backs new Bureau of Cyber Statistics
The White House is still considering whether to support the Cyberspace Solarium Commission's recommendation to establish a Bureau of Cyber Statistics, National Cyber Director Chris Inglis said on Monday, while stressing the urgent need for the federal government to begin assessing and publishing data on cybersecurity incidents.
Cyber
Lawmakers advance cyber legislation
The Senate’s 2022 defense authorization bill and a number of House measures are addressing cyber authorities, domestic microelectronics manufacture, supply chain security and raising cyber awareness among the public.
Cyber
CISA predicts cyber EO will drive progress on zero trust
Most agencies are just getting started creating plans around zero trust, but tight deadlines featured in President Joe Biden's cybersecurity executive order and a wave of new guidance, may speed up implementation across the entire government.
Cyber
NIST details executive order’s ‘critical software’ categories
To help agencies comply with the Biden administration’s cybersecurity executive order, the National Institute of Standards and Technology posted a new definition of "critical software" for production systems and operational purposes.
Cyber
Biden revokes Trump's unenforced Chinese app bans
President Joe Biden's administration is establishing a new timetable to assess risks posed by using web services from foreign adversaries like China - while revoking his predecessor's final actions against Beijing.
Cyber
DHS faces setbacks implementing CDM, IG says
The Department of Homeland Security has failed to address critical vulnerabilities across information technology assets due to significant delays in the department's rollout of a federal Continuous Diagnostics and Mitigation program.
Cyber