Cybersecurity

NDAA Negotiations Will Determine Success of Several Cyber Solarium Goals

Influence from major industry threatens once again to thwart lawmakers’ attempts to realize their policymaking goals through the annual defense authorization bill.

Cybersecurity

CISA Director: Big Tech Shouldn’t Charge Extra for Event Logging

The agency has promised to measure the success of efforts to steer major software providers toward the inclusion of logging and other basic security features in their products “by default,” but has said little about how it actually intends to do that.

Cybersecurity

Agencies Shouldn’t 'Just Trust' Software Vendors' Security Assurances, IG Warns

NIST advisors debating the merits of OMB’s policy on software vendors’ “self-attestation” to secure development practices found common ground on a need for audits and testing.

Cybersecurity

CISA Seeks Feedback on Baseline Measures to Secure Cloud Configuration

Initial baselines address Microsoft services, and baselines for configuring rival services from Google are up next.

Cybersecurity

Global Cyber Workforce Needs 3.4 Million Professionals to Fill Gaps, Study Finds

The survey also found that government cyber workers reported the least confidence in their ability to mitigate security threats over the next couple years “based on their current staff and tools.”

Cybersecurity

Can Service Meshes Help Bring Legacy Government Applications into Zero Trust?

The Biden administration’s imperative to move to zero trust could prove challenging for agencies with still-functional legacy systems.

Cybersecurity

NSA Advocates Active Defense, as Industry Lawyer Advises Against Incident Reports

Speakers at a new conference hosted by cybersecurity firm Mandiant highlighted the challenge the government faces in motivating companies to report attacks on critical infrastructure.

Cybersecurity

Labor Group Highlights Conflict of Interest Issues in Cyber Workforce Legislation

The federal workers union wrote to senators opposing an amendment to the NDAA that would establish a civilian reserve at CISA.

Cybersecurity

Commercial Availability, Consequences Best Approach for Post-Quantum Transition

Ann Cox, the lead at the Department of Homeland Security’s research office, emphasized community engagement and technological needs for a successful quantum-resilient future.

Cybersecurity

4 Critical Infrastructure Sectors to Get New Cyber Rules, Per White House Official

The deputy national security advisor for cyber and emerging tech said it should be up to sector-specific agencies to decide who should implement appropriate cybersecurity defenses.

Cybersecurity

Lessons from China’s Cyberattack Strategy Can Help CISOs Better Manage Threats, Report Says

A new report from Booz Allen Hamilton analyzed more than a dozen Chinese-sponsored cyberattacks over the past decade.

Cybersecurity

White House's Internet of Things Security Initiative Gets an Official Meeting Date

The meeting was announced as the administration prepared to release its long-awaited national security strategy.

Cybersecurity

Why CISA Won’t Release ‘Public’ Comments on Upcoming Performance Goals

CISA officials often stress their non-regulatory role, but Congress keeps trying to give the agency regulatory responsibilities.

Cybersecurity

New Report Shows Significant Improvement in Consumer Cyber Hygiene

Senior administration officials and cybersecurity leaders marking Cybersecurity Awareness Month weighed in on a consumer survey examining how behaviors have changed over the last three years.

Cybersecurity

National Cybersecurity Review Begins for All Levels of Government

Answering the survey—based on the National Institute of Standards and Technology’s cybersecurity framework—is mandatory for certain grant recipients.

Ideas

What Will it Take to End the Public Sector’s Cybersecurity Talent Gap?

The difference between the number of open cybersecurity positions and the number of people able to fill those roles has skyrocketed in recent years.

Cybersecurity

Watchdog Identifies Multiple Security Deficiencies at VA Medical Center in Louisiana

The VA’s Office of Inspector General found “critical and high-risk vulnerabilities on 37% of the devices” at the Louisiana-based medical center.

Cybersecurity

Industry Objections Spur Changes to Cybersecurity Provisions in Defense Bill

Key members of the House and Senate are altering proposals for identifying systemically important critical infrastructure and securing the software supply chain.

Cybersecurity

Federal Cyber Mandates for Water Infrastructure Are Too Costly to Implement, Experts Say

A House hearing saw expert testimony emphasizing the need for steady funding for cybersecurity programs at water utility providers—especially in rural regions.

Cybersecurity

CISA Plans to Measure the Effect of Coming Standards on Industry’s Cybersecurity

But big companies want to avoid agencies’ use of related performance goals in new regulation.