Cybersecurity
Senator makes new attempt to extend cyber info-sharing law by 10 years
Sen. Gary Peters, D-Mich., said he’s spoken directly with Senate Majority Leader John Thune, R-S.D., about renewing the 2015 Cybersecurity Information Sharing Act, which lapsed when the government shut down.
People
Hundreds of DHS staff face reassignments to border security, immigration
Affected workers — including people in the Cybersecurity and Infrastructure Security Agency — have been given a week to respond or risk termination from federal service.
Cybersecurity
Former CISA lead Matt Hartman joins Merlin Group as chief strategy officer
Hartman most recently served as acting head of cyber at the Cyber and Infrastructure Security Agency. He now joins Merlin to grow its partnerships with technology companies and government agencies.
Cybersecurity
CISA issues emergency patching directive for Cisco devices on federal networks
An emerging cyber threat group is exploiting vulnerabilities in Cisco devices, both the company and CISA said. The hackers have potential links to China, according to an analysis put out last year.
Cybersecurity
CISA wants more international involvement in cyber vulnerability catalog, official says
Nick Andersen, the agency’s assistant executive director for cybersecurity, says the CVE project would benefit from a "more holistic look" with international partners.
Cybersecurity
CISA ready to accept any extension for key cyber info-sharing law, official says
“Give us two years. Give us ten years. Give us 50. Whatever you take, we’ll take it,” CISA’s Nick Andersen said of the soon-to-expire 2015 Cybersecurity Information Sharing Act.
Cybersecurity
CISA weighs ‘alternative funding sources’ to preserve cyber vulnerability-tracking project
The Common Vulnerabilities and Exposures Program almost lapsed in April, according to MITRE, a key funder.
Cybersecurity
House panel advances bill to extend bedrock cyber info-sharing law
Some Republicans want to ensure there’s language that would prevent the nation’s core cyberdefense agency from engaging in alleged “censorship” of Americans’ free speech.
People
Nick Andersen onboards into top CISA cyber position
Andersen has served in both public and private roles, and he held top cybersecurity positions in the Department of Energy in Donald Trump’s first term.
People
CISA’s head of legislative affairs to soon depart
Kate DiEmidio, who most recently served as the top policy executive at Dragos, is leaving voluntarily after spending three months in the role.
Cybersecurity
CISA officials commit to supporting top vulnerability cataloging program
Organizations around the world rely on the Common Vulnerabilities and Exposures Program, whose contract with CISA almost expired in April. It serves as the worldwide, de facto standard for vulnerability identification and management.
Updated
Cybersecurity
‘High-severity’ Microsoft Exchange vulnerability disclosed on heels of Black Hat talk
Parts of the federal enterprise are likely susceptible to the flaw that allows hackers to hijack on-premises versions of Active Directory. CISA plans to release an emergency directive on Thursday, according to a person familiar with the matter.
Cybersecurity
Federal CISO urges cyber community to start sharing and scaling their solutions
The Trump administration wants to ease regulatory burdens on the cyber industry with a mindset where there is still room for policymaking. It largely begins with the private sector.
Cybersecurity
Former and current officials clash over CISA’s role in US cyber defenses at Black Hat
CISA’s communications chief backed the narrowing of the agency’s scope, while a former NSA leader warned that shrinking the federal cyber workforce risks weakening U.S. defenses.
People
Army rescinds West Point role for ex‑CISA director after pressure from Laura Loomer
Jen Easterly was one of the top cybersecurity officials that served in the Biden administration and is a West Point alumna.
People
Senate panel advances CISA director nominee to full Senate floor vote
Sean Plankey may still have to contend with a hold from Senator Ron Wyden over objections to the cyber defense agency not releasing a 2022 report on telecommunications industry vulnerabilities. The agency said it plans to release it.
Cybersecurity
CISA to release telecom security report as its director nominee nears confirmation
The 2022 report, which has not been made publicly available, has been used as leverage by Senator Ron Wyden to hold Sean Plankey from being confirmed as director of CISA.
Cybersecurity
Trump’s CISA nominee is confident he can get funding to cyber agency where needed
Sean Plankey, a former Energy Department cyber official, tussled with Sen. Richard Blumenthal, D-Conn., over 2020 election security during his confirmation hearing. He also committed to the renewal of a key cyber information-sharing law before it soon expires.
Cybersecurity
Operational tech is ‘underprioritized’ in cyberdefense, experts tell Congress
Witnesses' calls for better investment in securing such systems come just two months before a key cybersecurity information-sharing law is set to expire.
People