Cybersecurity
NIST Suggests Agencies Accept the Word of Software Producers Per Executive Order
The standards agency said an attestation from vendors themselves would be sufficient when screening for cybersecurity, unless an agency's risk calculus suggests otherwise.
Cybersecurity
CISA Offers Tips to Protect Data in Face of Evolving Ransomware Attacks
The cybersecurity agency warned attackers now threaten to sell or leak stolen data, not just render systems unusable.
Cybersecurity
NIST Updates Cyber Resiliency Guide to Account for Increasingly Sophisticated Threats
Public feedback on the more than 200-page document will be considered in the near future.
Cybersecurity
Survey: Pandemic Has Left Public Sector IT Exposed
The single largest risk factor reported by respondents is the influx in remote work.
Cybersecurity
Bill Would Require Federal Agencies and Contractors to Report Cyber Intrusions Within 24 Hours
The bill leaves it up to an interagency rulemaking process to determine whether entities would be required to report incidents they’re aware of but not directly involved in.
Cybersecurity
Biden Administration, Allies Attribute Microsoft Exchange Hack to China
The White House said it’s accusing China with “high confidence.”
Cybersecurity
Key Senator Wants Biden to Raise SolarWinds in International Negotiations
Senate Intelligence Committee Chairman Mark Warner said espionage campaigns like the SolarWinds hack merit discussion with Russian President Vladimir Putin.
Cybersecurity
Justice Took Down Two Domains Used in USAID Hack
The action demonstrates the department’s authorities beyond attributing malicious cyber activity.
Cybersecurity
NTIA Wants Feedback on Software Transparency Plan
One high-profile expert raised the ever-looming workforce challenge in suggesting the juice might not yet be worth the squeeze.
Cybersecurity
Russia’s Latest Hack Shows How Useful ‘Criminal Groups’ Are to the Kremlin
Russian coders have little choice but to work with their government, which in turn denies any knowledge of their activities. That’s why hacking activity shows no sign of slowing.
Digital Government
Biden Budget Ups Request for Civilian Agencies’ Cybersecurity
The president’s funding proposal also puts numbers on the National Cyber Director’s Office and other priority cybersecurity areas.
Cybersecurity
Pipeline Companies Have One Week to Identify Cybersecurity Coordinators Under TSA Directive
The directive now mandates incident reporting and reviews described in the administration’s voluntary guidelines for the sector.
Cybersecurity
US Chamber Asks Government To Get More Involved In Ransomware Defense
The Chamber of Commerce offered six steps the federal government can take to help American businesses defend against and respond to ransomware cyberattacks.
Cybersecurity
37 Defense Industrial Base Companies Affected by SolarWinds Intrusion
A defense official told lawmakers the department’s CMMC program likely wouldn’t have guaranteed successful prevention of the SolarWinds breach.
Cybersecurity
Pipeline Security Act Reintroduced in House
More than a dozen lawmakers have cosponsored the legislation following the Colonial Pipeline attack.
Cybersecurity
Progressive Lawmakers Praise Biden’s Plan for Cybersecurity Labels
Reviews are in on the administration’s long-awaited executive order following several major hacking campaigns.
Cybersecurity
Cyber Response Bill Advances in Senate
The legislation includes a fund to help impacted organizations pay for remediation efforts.
Cybersecurity
Biden Issues Executive Order to Bolster Nation’s Cybersecurity
The administration calls for a standardized federal playbook and review board for incident response, as well as changes to software procurement.
Cybersecurity
Senators Cite Colonial Pipeline Hack in Calling for Cyber Response and Recovery Fund
A hearing on federal agencies’ response to the SolarWinds hack drew attention to communication issues, both with the private sector and within the government.
Cybersecurity
US, UK Agencies Warn Russian Hackers Are Adapting Based on Government Advisories
The adversary is changing its tools to avoid detection while attacking the vulnerabilities governments issue warnings about.
Almost There!
Help us tailor content specifically for you: