Cybersecurity
CMMC body hires ex-CISA deputy as first CEO
The governing body in charge of implementing the Defense Department's Cybersecurity Maturity Model Certification program has hired Matthew Travis, former CISA deputy director, as new CEO.
Cybersecurity
Impatient lawmakers press Biden for cyber director nominee
President Joe Biden has said cybersecurity will be a top priority for his administration, but two senior positions focused on the issue remain either vacant or held by an acting official.
Cybersecurity
CISA head: Group of SolarWinds victims is 'solidified'
Brandon Wales, the acting director of the Cybersecurity and Infrastructure Security Agency, also said his agency is still working to determine if any federal networks were compromised by vulnerabilities discovered in Microsoft Exchange.
Cybersecurity
An ambitious cybersecurity strategy is just a starting point
With funding and the help of top experts, the Biden administration can make tangible progress toward modernization, but much work remains to be done.
Cybersecurity
Agency hacks could accelerate push to zero trust security model
Chris DeRusha, the federal chief information security officer, said agencies largely have the tools they need to adopt zero trust security protocols but making a change will "require a shift in mindset."
Cybersecurity
Senators press for federal agency accountability over SolarWinds
Three top cybersecurity officials struggled to answer questions from lawmakers about who is to blame for the government's failure to stop the breach of nine federal agencies.
Cybersecurity
House panel advances industrial control systems bill
New legislation puts the director of the Cybersecurity and Infrastructure Security Agency in the center of federal response to threats to computerized industrial systems.
Cybersecurity
New bill looks to centralize CISA's role in ICS threat response
Rep. John Katko (R-N.Y.) cited the recent cybersecurity incident at a water treatment plant in Oldsmar, Fla., as the impetus for the legislation.
Cybersecurity
House passes Rescue package with TMF funding
The $1.9 trillion bill is aimed at Americans suffering financial hardships from the pandemic, but in the federal IT community, the bill will be remembered for the dramatic expansion of the Technology Modernization Fund.
Cybersecurity
CISA: No federal agencies compromised by Exchange hack so far
Two seniors officials at the Cybersecurity and Infrastructure Security Agency told House lawmakers today the attacks in recent months demonstrate the fact the federal government "must raise our game" in cybersecurity.
Cybersecurity
Pentagon issues cyber tasking order in response to Exchange hack
The Pentagon's new order to its agencies and commands aligns with the recent emergency directive issued by the Cybersecurity and Infrastructure Security Agency.
Cybersecurity
Hafnium hack poses new long-term threat for already overtaxed cyber workers
Federal agencies still reeling from the effects of a massive hack involving SolarWinds may face a new challenge of evicting any adversaries that breached their networks through recently discovered vulnerabilities in Microsoft's Exchange software.
Cybersecurity
Why the network compass is obsolete
Old labels for network traffic are out of date with government users connecting from devices outside traditional perimeters, but TIC 3.0 offers a new map.
Cybersecurity
CISA orders agencies to disconnect Microsoft Exchange on-prem servers
The government's leading cybersecurity agency is ordering all federal civilian agencies to provide a status report on its usage of Microsoft Exchange products by noon on Friday.
Cybersecurity
When water utilities get hacked, who should they call?
In the wake of a cybersecurity breach at a public water system, lawmakers have begun questioning what rules are in place to govern those facilities' cybersecurity and what changes may be necessary.
Cybersecurity
Mandatory breach reporting bill on deck, lawmakers say
Congress could be poised to require companies to report hacks in the wake of the massive breach linked to vulnerabilities on SolarWinds' IT management software.
Cybersecurity
SolarWinds CEO: This could have happened to anyone
In what will be the first of several public appearances this week, Sudhakar Ramakrishna says his company will be transparent about the supply chain attack it suffered as a way to help other companies prepare for the next attack.
Cybersecurity
CISA eyes changes to combat future supply chain hacks
The acting director of the Cybersecurity and Infrastructure Security Agency today said his agency is looking various changes to protect federal networks in the wake of the massive breach discovered late last year.
Cybersecurity
Industry presses for tech funding in COVID relief amid Senate opposition
Several industry groups sent a letter to lawmakers last week urging them to include $10 billion for cybersecurity in the next coronavirus relief bill, however congressional backers of a tech push in the relief bill say that Senate opposition makes a big push unlikely to pass.
Cybersecurity