Ideas

The need for collaborative global cyber diplomacy is growing

COMMENTARY | Strengthening global cyber collaboration is needed now more than ever.

Artificial Intelligence

NIST releases finalized guidelines on protecting AI from attacks

The final guidance for defending against adversarial machine learning offers specific solutions for different attacks, but warns current mitigation is still developing. 

Cybersecurity

NIST’s vulnerability database logjam is still growing despite attempts to clear it

Vulnerability submissions increased 32% in 2024, NIST said. The agency is considering machine learning to automate certain vulnerability analysis tasks.

Exclusive Cybersecurity

Lawmakers seek DHS records in probe of US response to Chinese cyber campaigns

The House Homeland Security Committee wants DHS to provide internal documents on China’s Volt and Salt Typhoon hacking units, according to a letter being sent Monday.

Cybersecurity

Cyberspace Solarium Commission turns five years old

The commission has largely influenced cybersecurity policymaking in Congress through the first half of the decade.

Cybersecurity

IBM contract for overseas cyber assistance canned amid USAID shutdown

The foreign aid agency — a prime target of President Donald Trump’s agenda to eliminate perceived government waste — declared cybersecurity an economic development issue in 2021.

People

Veterans Affairs loses cybersecurity migration project lead after DOGE layoffs

Another project co-lead is among the 21 legacy USDS staffers who chose to leave civil service this week rather than work with DOGE.

Cybersecurity

DOGE employee Edward Coristine lands at CISA with DHS email

A handle dubbed “Rivage” was reportedly tied to Coristine, and used to discuss and solicit hacking activities with a cybercrime syndicate known as The Com.

Cybersecurity

Trump to nominate former RNC official to be national cyber director

It’s not clear how Sean Cairncross would address ongoing ONCD efforts, as the Trump administration has sought to refocus certain cyber priorities in the federal government.

Cybersecurity

Coast Guard workforce lacks maritime cyber expertise, watchdog says

The maritime service says it will develop “competency requirements” for relevant personnel by the end of December. It’s also planning new procedures to document maritime cyber incidents.

Cybersecurity

Space companies say cyber threat intelligence is often overclassified, unactionable

Space and aerospace industry feedback from a series of government-run workshops noted that such threat intelligence is difficult to translate into actionable cyber efforts.

Cybersecurity

Biden signs executive order inspired by lessons from recent cyberattacks

The order gives CISA more eyes to hunt cyber threats on government networks and directs agencies and contractors to be more transparent about the security of their software stockpiles.

Cybersecurity

Forthcoming executive order seeks to plug holes in federal cyber practices

The eleventh-hour cybersecurity executive action asks agencies to rethink software procurement, supply chains and AI, among other things.

Exclusive Digital Government

Coming cyber executive order includes a push to mobile drivers licenses

The draft order does not, however, tackle the full breadth of actions that were expected from a promised identity executive order that has yet to materialize.

Cybersecurity

US has ‘a lot of work to do’ on cyber defenses, departing cyber czar says

Outgoing National Cyber Director Harry Coker thinks his office needs more influence over the federal cyber budget but not necessarily more authority on offensive cyber operations.

Cybersecurity

White House unveils Cyber Trust Mark program for consumer devices

The label is designed to help consumers make more cybersecure choices when they pick products off the shelf.

Artificial Intelligence

DOD announces completion of pilot to identify medical AI vulnerabilities

The Pentagon’s red teaming effort identified more than 800 “potential vulnerabilities and biases” in the use of large language models for clinical note summarization and for a medical advisory chatbot.

Cybersecurity

Congress approves 2025 NDAA with important cyber provisions

Left out was language that would have helped clarify the scope and reach of a controversial surveillance power that was renewed in April.

Cybersecurity

CISA orders federal agencies to secure their cloud environments

Federal civilian agencies are compelled by the Binding Operational Directive to adopt specific cloud standards under SCuBA, a government blueprint that helps agencies assess cloud security guidelines.

Cybersecurity

FY2025 NDAA targets spyware threats to U.S. diplomats, military devices

The language comes as the State Department has pressed foreign governments to collectively set standards to prevent spyware abuses.