Cybersecurity

Survey: Many water utilities lack data on IT, OT assets

The new survey data from an information sharing and analysis center was published on the same day a news outlet reported a water treatment facility in California was easily breached by an individual who possessed a former employee's credentials.

Cybersecurity

New bill looks to ramp up penalties for ransomware crooks

Three senators are aiming to pass new legislation that expands DOJ's power to go after botnets and stiffen penalties for cyberattacks on critical infrastructure by adding it to the upcoming infrastructure bill.

Cybersecurity

TSA preps second pipeline cyber directive

A senior TSA official told House lawmakers on Tuesday that it is preparing to issue a second security directive focused on cybersecurity mitigation measures used by pipeline companies.

Cybersecurity

DHS poised to remake federal hiring in September to confront cybersecurity gap

The Department of Homeland Security's Cybersecurity Talent Management System has been years in the making, but officials say it will finally come online this fall.

Cybersecurity

Warner previews breach notification bill

The chairman of the Senate Select Committee on Intelligence said he will introduce legislation to mandate that companies notify the government to major cybersecurity breaches, a promise several lawmakers have made this year.

Cybersecurity

Biden's top cyber nominees face the Senate as the country reels from cyberattacks

Jen Easterly, selected to head the Cybersecurity and Infrastructure Security Agency and Chris Inglis, the former National Security Agency deputy director picked to fill the new national cyber director role, faced lawmakers concerned about the spike in ransomware attacks.

Cybersecurity

Colonial Pipeline CEO talks ransom with lawmakers

House lawmakers on Wednesday were keen to ask Colonial Pipeline's chief executive officer what he knew about the ramifications of making a ransom payment and how it might affect the company's finances.

Cybersecurity

Colonial CEO defends $4.3M ransomware payment

Joseph Blount, the chief executive officer of Colonial Pipeline, on Tuesday defended the company's ransom payment to the criminal group Darkside and said Colonial is continuing to work with law enforcement and cybersecurity consultants to restore their business systems.

Modernization

DOJ seizes $2.26 million in ransom paid out by Colonial Pipeline

The FBI on Monday said it has identified at least 90 victims across multiple industrial sectors that Darkside has victimized.

Digital Government

White House warns industry on ransomware threat

Deputy National Security Advisor Anne Neuberger on Thursday warned industry leaders to view ransomware as a threat to their core business operations, not just a risk of data theft.

Cybersecurity

Supreme Court narrows scope of hacking law, but questions remain

The Supreme Court's ruling on Thursday decided a police officer did not violate a 1980s anti-hacking law, but the court ultimately left open questions about the Computer Fraud and Abuse Act's applicability for other purposes such as cybersecurity research.

Cybersecurity

Lawmakers seek IG probes of telework cybersecurity

A group of House lawmakers are calling on the inspectors general of nine executive departments and the intelligence community to see what cybersecurity vulnerabilities may have arisen due to the mass increase of telework during the coronavirus pandemic.

Acquisition

Biden's first budget ups cyber and tech spending; gives feds a 2.7% pay raise

The Biden administration released its $6 trillion fiscal year 2022 budget proposal on Friday, including $1.5 trillion in discretionary spending across federal agencies.

Cybersecurity

The group that hacked SolarWinds is out with a new campaign, Microsoft says

Microsoft said in a blog post the hackers behind SolarWinds are already advancing their tradecraft, and are impersonating a U.S. government agency as part of a global phishing campaign.

Cybersecurity

After Colonial attack, TSA issues new cyber regs for pipelines

DHS chief Alejandro Mayorkas cited the attack on Colonial Pipeline as the impetus for the new regulations.

Cybersecurity

Biden's first cyber EO deadline is here. What will change?

The Department of Homeland Security was asked to transmit policy recommendations on data retention and event logging to the Office of Management and Budget by May 26 as part of President Joe Biden's cybersecurity executive order.

Cybersecurity

DHS to issue new pipeline security regulations after Colonial attack

A Department of Homeland Security spokesperson said the new guidance for pipeline security will be issued in the coming days.

Acquisition

NASA looks to change course on cybersecurity with new contract

NASA's inspector general says the agency's "fragmented" IT approach has left it with an overly risky cybersecurity posture. Meanwhile the agency is preparing a solicitation for a wide-ranging cybersecurity management contract.

Cybersecurity

Industry coalition asks appropriators to boost CISA funding

CISA received $650 million from the American Rescue Plan Act, but the agency's top officials have described that as only a "down payment" to move the government's cybersecurity efforts.

Cybersecurity

House advances cybersecurity bills in wake of pipeline company hack

Following a week filled with a devastating ransomware attack and a massive executive order to strengthen the federal government's networks, a House panel on Tuesday advanced several bills largely aimed at DHS and CISA.