Emerging Tech
GAO: Agencies Need to Conduct Cyber Risk Assessments of IoT, OT Devices in Critical Infrastructure Sectors
A Government Accountability Office report found that the agencies responsible for managing infrastructure in the healthcare and public health, energy and transportation sectors need to better assess their cyber risk mitigation strategies.
Digital Government
TSA Wants to Automate ID Verification at Checkpoint Security
The agency is testing using facial recognition to verify passengers’ information with the information on record.
Cybersecurity
CISA Seeks Information for Potential Cyber Threat Intelligence Platform
The request will help the agency develop the platform to address current challenges related to cyber threat intelligence.
Cybersecurity
Latest Guidance Outlines Customer Responsibilities for Software Security
The guide provides recommendations throughout the product lifecycle, from procurement to deployment.
Cybersecurity
Agencies Push Deadline to Comment on Would-Be Federal Cyber Insurance Program
Insurance companies are pushing for taxpayer assistance to provide coverage in the event of catastrophic incidents.
Cybersecurity
Secret Service’s Zero Trust Plan Must Account for OMB Guidance, Watchdog Says
The Secret Service’s plan for adopting a zero trust architecture model across the agency’s systems has not been updated since the Office of Management and Budget released new guidance in January.
Cybersecurity
Big Tech Tells CISA to Exempt Third-Party Providers from Incident Reporting Rule
Major industry groups clashed on how CISA should define key terms in its rulemaking process to implement the federal incident reporting law.
Cybersecurity
Iranian Hackers Compromised a Federal Agency’s Network, CISA and FBI Say
Actors linked with the Iranian government were able to exploit an unpatched Log4Shell vulnerability—which the Cybersecurity and Infrastructure Security Agency asked agencies to address by the end of 2021—in an unnamed agency’s network.
Digital Government
ICE Needs More Data to Monitor Foreign Students Taking US Research, Watchdog Says
The data is meant to assess the risk of foreign STEM students and scholars transferring technology from American universities to foreign entities.
Cybersecurity
CISA Highlights Space, Bioeconomy as Possible New Critical Infrastructure Sectors
The agency also suggested existing sectors be consolidated and that there is a need for some agencies to exercise greater authority over private-sector entities.
Modernization
5 Tips from Practitioners to Improve Government Customer Experience
Good customer experience doesn’t happen by accident.
Cybersecurity
DHS Chief Appears to Back Status Quo Approach for Securing Critical Infrastructure
The Biden administration is looking to Congress for help with ‘filling gaps in statutory authorities’ for improving U.S. cybersecurity.
Cybersecurity
CISA Issues Vulnerability-Management Tools Dependent on Industry Action
Federal agencies are under a binding operational directive to address exploitable security vulnerabilities in their software, but the success of CISA’s effort relies on the cooperation of software vendors.
Cybersecurity
How Federal Agencies are Using Innovative Tech to Protect Critical Infrastructure Cybersecurity
Officials from CISA and DARPA spoke about their initiatives to support cybersecurity operations across critical infrastructure networks.
Cybersecurity
No ‘Specific or Credible’ Cyber Threats Affected Integrity of Midterms, CISA Says
Despite “a handful” of DDoS attacks targeting state and local election websites and some technical glitches affecting voting equipment, CISA says it saw “no activity” that should undermine faith in the results of the midterm elections.
Cybersecurity
Former CISA Head Calls for Renewed Action to Combat Election Lies
Inaugural CISA director Chris Krebs expressed concern about the spread of election misinformation as Twitter changes up its user verification process.
Cybersecurity
CISA, NSA and Industry Outline Security Responsibilities of Software Suppliers
New guidance from the federal agencies—and major companies serving the government—tries to distinguish between the security duties of software developers, suppliers and consumers.
Cybersecurity
CISA Leaning Toward Lower Threshold for Mandatory Cyber Incident Reporting
The agency has started to receive feedback from some key stakeholders for its rulemaking process on the issue.
Policy
Election Misinformation Targeting Diverse Communities Drives Calls for Collaboration
Nonprofit groups have stated that federal officials need to do more to directly engage with their efforts on the ground.
Cybersecurity
CISA Director: Big Tech Shouldn’t Charge Extra for Event Logging
The agency has promised to measure the success of efforts to steer major software providers toward the inclusion of logging and other basic security features in their products “by default,” but has said little about how it actually intends to do that.
Almost There!
Help us tailor content specifically for you: