Author Archive
IT Infrastructure
National Cyber Director: Mandates coming to secure commercial information technology
An event hosted by the leading trade association for major tech vendors highlighted what has so far been an impasse between government and industry on cybersecurity policy.
Cyber
DOD recommends NIST align frameworks for cybersecurity risk management
An effort to update the framework for securing critical infrastructure from cyberattack is coming face to face with issues that have plagued the Commerce agency from the beginning.
Emerging Tech
CISA, DOD report gaps for agencies assessing 5G security risks
Agency officials identified a lack of guiding standards for determining and mitigating risk from certain implementations of the technology and advised agencies to proceed with caution, employing penetration tests accordingly.
Cyber
CISA wants feedback on upcoming software transparency requirement
The agency has identified four topics—including considerations for cloud and online applications—it wants to hear more about from stakeholders.
Cyber
State Secretary makes case for tech-centered strategy to counter China
The secretary delivered a speech outlining the administration’s policy toward Beijing as Congress tries to reconcile legislation that would provide at least $50 billion to increase domestic production of semiconductors.
Cyber
CISA orders agencies to mitigate VMWare vulnerabilities under deadline
Advanced adversaries appear to be exploiting the vulnerabilities to get around multifactor authentication.
Policy
Key convener releases plan for securing open source software with White House
A crucial entity within the open source ecosystem is urging prioritization of libraries that support widespread applications like internet routing, among other things.
Cyber
US and allies attribute attack on U.S. satellite provider in Ukraine to Russia
Officials are highlighting significant spillover effects from the attack—including damage to infrastructure supporting wind farms—into Central Europe.
Cyber
Microsoft official to assume leading role at the National Cyber Director’s office
Another addition joined the new office from the intelligence community.
Cyber
NSA chief: Cyber Command did 9 international missions last year
The dual-hatted head of the spy agency and military command has been conducting proactive missions to diffuse cyber threats to U.S. elections and other critical infrastructure and stressed the importance of artificial intelligence to advance those efforts.
Emerging Tech
Microsoft, DOD partners celebrate cooperative research and development agreement
The company may have the chance to negotiate exclusive intellectual property rights—with an exception for the government—to innovations emerging from the collaboration.
Cyber
CISA add industrial control specialists to Joint Cyber Defense Collaborative
Companies in the space are trying to shape public policy and push for money agencies can use to—among other things—track their devices and other assets.
Cyber
What CISA wants critical infrastructure partners to report on cyber incidents
A new guide provides clues into how the agency might be thinking of crucial details, such as what should count as an “incident” under a new law.
Emerging Tech
Private sector player urges DOD to screen 5G technology for cybersecurity
The Pentagon is offering cash prizes for hardware or software ideas to make various components of fifth-generation networking technology interoperable across various manufacturers.
Cyber
CISA director details growing threat to maritime transportation sector
Cybersecurity professionals are noting the possibility of Russia reprising a watershed attack on the shipping industry to hit back against the U.S. economy.
Cyber
White House warns of potential Russian cyberattack based on new intel
Officials, distressed by the continued lack of cybersecurity basics implemented in the private sector, issued “a call to action.”
Congress
Cyber-incident reporting legislation clears House in bipartisan spending bill
The bill, attached to government funding legislation, now moves to the Senate, which recently passed the same incident reporting provisions separately by unanimous consent.
Cyber
CISA warns of ransomware gang, issues indicators of compromise
Processes spurring from the Ragnar Locker Ransomware have affected at least 52 critical infrastructure victims since January, but will terminate if it encounters systems in certain Russian and near-Russian locations.
Cyber
NSA stresses vendor diversification in network segmentation guidance
Robust firewalls within and around a network are especially important in environments incorporating industrial control systems, which have been targeted in Russian state-sponsored operations.
Cyber