Cybersecurity

Can NTSB-style oversight work for cybersecurity?

President Joe Biden's new cybersecurity executive order calls for a safety review board to examine the attack against SolarWinds as well as other significant cybersecurity incidents moving forward.

Cybersecurity

House lawmakers re-introduce pipeline security bill after Colonial hack

Lawmakers in previous years have tried to clarify and change which agencies are responsible for regulating the cybersecurity of oil and gas pipelines.

Cybersecurity

CISA chief says cyber order is doable but will 'stretch the system'

The executive order, which was published Wednesday night, contains deadlines for CISA, the Department of Homeland Security, the Office of Management and Budget and other agencies to begin reworking the government's cybersecurity with some timelines as short as 30 days from its signing.

Cybersecurity

Biden signs much-anticipated cybersecurity executive order

The order will, among other things, mandate measures such as multifactor authentication and encryption across government agencies in as quickly as six months.

Cybersecurity

TSA's role in pipeline security looks like a weak link to some in government and industry

Questions about whether TSA is rightly positioned to oversee cybersecurity for natural gas and oil pipelines are resurfacing in the wake of the ransomware attack on Colonial Pipeline.

Cybersecurity

CISA's Wales backs new response, recovery fund

Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency, said the funding would go toward expanding CISA's incident response teams with additional contractors and developing new technologies to be used by those teams.

Cybersecurity

White House, CISA react to pipeline ransomware attack

Senior administration officials say multiple government agencies are working to distribute information to industry about the ransomware attack that led to the shutdown of a key natural gas pipeline for the East Coast.

Cybersecurity

Granholm says cyber R&D is a priority at DOE

The agency chief said is refocusing the Energy Department's Office of Cybersecurity, Energy Security, and Emergency Response on providing grid operators with threat intelligence and response capabilities.

Cybersecurity

DHS kicks off workforce sprint with push to hire 200 cyber pros

DHS Secretary Alejandro Mayorkas characterized the new effort to hire cybersecurity personnel as the largest of its kind in the agency's history.

Cybersecurity

Mayorkas: DHS running ransomware task force, White House plan coming

DHS Secretary Alejandro Mayorkas on Thursday said his agency plans to take up the recommendations from a new report focused on combating ransomware and that the White House is developing its own plan to confront the growing cybersecurity threat.

Cybersecurity

CISA experiments with cloud log aggregation to ID threats

CISA's chief technology officer said the cybersecurity watchdog has pilot projects underway with several departments and agencies to explore whether it can compile cloud logs as a way to increase its visibility into agency networks.

Digital Government

Former CIO urges lawmakers to relax TMF paybacks

The $1 billion boost to the Technology Modernization Fund can help agencies, but some changes to strict payback rules will help CIO shops get started on much-needed modernization.

Cybersecurity

New bill would task CISA with infrastructure risk assessments

A new Senate bill would mandate the Department of Homeland Security continually reassess risks to critical infrastructure and that the White House provide a report to lawmakers outlining what legislative steps should be taken to mitigate potential problems.

Cybersecurity

CISA warns on new threat group using VPN flaw

A new report by the government's cybersecurity agency warns about another threat actor using malware initially discovered during the response to the intrusion involving SolarWinds.

Cybersecurity

CISA issues third emergency directive since SolarWinds

The government's cybersecurity watchdog is increasingly issuing emergency instructions to agencies for handling high-risk vulnerabilities, something analysts say reflects both CISA's stature and the environment its working in.

Cybersecurity

CISA confirms U.S. agencies affected by Pulse Connect VPN vulnerabilities

The cybersecurity firm FireEye suspects at least one of the campaigns it reported on operates on behalf of the Chinese government.

Cybersecurity

White House launches cybersecurity push targeting electricity sector

The pilot program to improve the cybersecurity of the nation's electricity infrastructure is part of a broader initiative focused on industrial control systems.

Cybersecurity

White House stands down groups tackling SolarWinds, Microsoft Exchange

The move comes days after the administration sanctioned Russia for its alleged role in the cyberattacks

Cybersecurity

Days after sanctions, House to vote again on Cyber Diplomacy Act

A bill to establish a cyberspace ambassador and an Office of Cyber Issues at the State Department is due to receive a vote on the House floor next week, according to two lawmakers sponsoring the bill.

Cybersecurity

White House sanctions Russia over SolarWinds campaign, election interference

The White House today announced a sanctions package targeting the Kremlin, Russian technology companies and financial institutions for hacking and misinformation efforts.