Cybersecurity

DOJ Issues Guidance for Enforcing Computer Fraud and Abuse Act

Nearly a decade after the death of open-access advocate Aaron Schwartz, his legacy is still playing out in cybersecurity policy.

Cybersecurity

Legislation Promoting Cyber Collaboration Between DHS and States Awaits Biden Signature

The legislation would improve information sharing between federal cybersecurity authorities and state and local governments.

Ideas

The Cybersecurity Executive Order: From Missed Opportunity to Unexpected Progress

The impact of President Joe Biden’s cybersecurity executive order over the last year proved to go beyond initial expectations.

Cybersecurity

Survey: Most Agencies Expect to Meet Zero Trust Requirements

More than half of federal IT professionals surveyed are actively implementing a zero trust strategy.

Cybersecurity

Survey: 93% of Americans Fear Cyber Warfare Against U.S.

A consumer survey suggests Americans are taking some steps to prepare for possible cyber warfare.

Cybersecurity

Defense Officials Push For Cyber Standards Compliance, Citing Warfighter Needs

Officials from Defense’s CIO Office reiterated the need for strong digital defenses as conflicts take aim at critical infrastructure.

Cybersecurity

NIST’s Supply-Chain Security Guidance Tells Agencies: Look to FedRAMP First

The agency has spent years revising guidance for organizations to address vulnerabilities presented by vendors of software and other enterprise suppliers.

Cybersecurity

NSA Chief: Cyber Command Did 9 International Missions Last Year

The dual-hatted head of the spy agency and military command has been conducting proactive missions to diffuse cyber threats to U.S. elections and other critical infrastructure and stressed the importance of artificial intelligence to advance those efforts.

Cybersecurity

CISA Points to Water Sector in Seeking $80 Million More for FEMA Grants

CISA and FEMA are currently rolling out the first of $1 billion the Homeland Security agencies got in Rescue Act funding to help state and local entities improve their cybersecurity.

Cybersecurity

NIST Official: Revised Cybersecurity Supply-Chain Guidance Imminent

The software Industry wants agencies to show their ‘use’ of the NIST Cybersecurity Framework, which it says should be mapped to the revised supply chain guidance.

Cybersecurity

Telecom Group Wants NIST to Map Performance Goals to the Cybersecurity Framework

But, in general, the industry wants NIST to avoid making any changes at all to the choose-your-own-adventure document that has guided risk management and U.S. cybersecurity policy for almost a decade.

Emerging Tech

Lawmaker Argues for Quantum-Level Security in a Pre-Quantum World

New legislation advocates safeguarding U.S. online networks with quantum-resistant encryption as a preemptive cybersecurity measure.

Cybersecurity

Energy to Fund Development of Climate-Friendly Grid Security and Resilience

The effort reflects a commitment to clean energy while aiming to mitigate supply-chain threats.

Emerging Tech

Bipartisan Legislation Calls for Implementing Post-Quantum Security Practices

The new Quantum Computing Cybersecurity Preparedness Act would prepare for stronger quantum algorithms that pose a threat to traditionally-encrypted data.

Cybersecurity

CISA Adds Industrial Control System Specialists to Joint Cyber Defense Collaborative

Companies in the space are trying to shape public policy and push for money agencies can use to—among other things—track their devices and other assets.

Cybersecurity

Lawmakers Weighing Critical Infrastructure Designation for Major Cloud Service Providers

Rep. Jim Langevin and others are working on bipartisan legislation to be introduced this summer that truly reflects the Solarium Commission’s agreement on benefits and burdens for systemically important private-sector entities.

Cybersecurity

Industry Groups Butt Heads on SEC’s Incident Reporting Rules

A major trade association for relevant financial-sector entities is asking the regulatory agency to hold off in favor of incident reporting rules being implemented at the non-regulatory Cybersecurity and Infrastructure Security Agency.