Author Archive
Cybersecurity
The U.S. is the top target of ransomware attacks, report says
The majority of ransomware attacks worldwide targeted industries that play a "critical role" in domestic and international supply chains, including IT, health care and the public sector, according to new research.
Cybersecurity
Cyber criminals increasingly relying on ransomware-as-a-service, report says
A new report reveals threat actors are using the same ransomware as in previous years – but relying on new malware-free intrusion methods and ransomware-as-a-service offerings to evade popular mitigation techniques.
Cybersecurity
CISA teases strategy to protect critical infrastructure
The Cybersecurity and Infrastructure Security Agency will soon release a sweeping plan to bolster cybersecurity protections for the nation's critical infrastructure industries.
Cybersecurity
NSA, CISA and ODNI release new software supply chain guidelines for developers
The guidelines include best practices on open source management, verifying third-party components, delivering code, component maintenance, hardening the build environment and more.
Data & Analytics
New report warns of growing 'data divide'
The Center for Data Innovation says a lack of collection and use of data across demographics is leading to disparities in access to critical services.
Cybersecurity
CISA's cyber info sharing program didn't always deliver, watchdog says
The Cybersecurity and Infrastructure Security Agency did not always provide more than 300 participants of a public-private cyber threat partnership with actionable information to address potential vulnerabilities, according to an oversight report.
Cybersecurity
FTC explains 'reasonable' cybersecurity
From risk-based management to staying up-to-date about known vulnerabilities and their patches, the Federal Trade Commission is detailing key steps organizations can take to avoid getting hit with a data security complaint.
Public Safety
Legislation sets penalties for drone misuse
The Drone Act of 2022 would set new federal penalties for drone operators who weaponize drones, disrupt emergency operations or use the technology to deliver contraband into prisons.
Cloud & Infrastructure
Infrastructure investments should focus on 'cyber smart' projects
Funding appropriated in the $1.2 trillion Infrastructure Investment and Jobs Act should go toward investments that bolster resilience and protections for America's digital and physical infrastructure, National Cyber Director Chris Inglis said.
Cybersecurity
Water sector wants greater cybersecurity for its infrastructure
Experts from the water and wastewater sectors called on the Environmental Protection Agency to bolster cybersecurity for what they called America's "weakest link" when it comes to critical infrastructure.
Cybersecurity
Watchdog finds cyber risks in TVA control systems
The Tennessee Valley Authority, a federal utility operating in seven southeastern states, lacked proper IT controls and cybersecurity oversight of systems assisting with flood and river management, according to a recent inspector general report.
Cybersecurity
EPA seeks funding to improve the cybersecurity of America’s water systems
The Environmental Protection Agency aims to invest $4 billion in upgrades to the nation’s water and wastewater infrastructure with a strong focus on cybersecurity.
Cybersecurity
New cybersecurity bill authorizes DHS to ramp up incident response efforts nationwide
The National Cybersecurity Preparedness Consortium Act gives the Department of Homeland Security a range of opportunities to bolster cybersecurity preparedness at the state and local level, including and technical assistance services.
Data & Analytics
Panel closes in on federal data use recommendations
The Advisory Committee on Data for Evidence Building is preparing a series of recommendations that officials said will increase collaboration with state governments.
Cybersecurity
NIST moves toward cybersecurity labeling for IOT devices
If a plan proposed in the Biden administration's executive order is successful, consumer internet-of-things devices will come with a cybersecurity seal of approval.
Cybersecurity
CISA's public-private cyber defense group helped speed Log4j mitigation, experts say
A panel of cybersecurity pros testified that the Cybersecurity and Infrastructure Security Agency's collaborative operational body helped speed up response times and provide critical real-time insights on the Log4J software vulnerabilities to a vast range of companies and federal agencies.
Cybersecurity
White House starts the clock on zero trust adoption
Agencies will have to meet specific zero trust security requirements by the end of fiscal year 2024 under a new policy memo, including updates to identity policies that will affect how federal employees access systems and applications.
Cloud & Infrastructure
Citizen satisfaction with federal government services hits all-time low
The American Customer Satisfaction Index 2021 Federal Government Report showed citizen satisfaction in government services in a freefall over the last four years, with declines across all driving indicators of satisfaction.
Cybersecurity
Ransomware to overtake phishing as top cause for data compromises, report says
A new report says 2021 set a record for data breaches, but increasingly notifications to victims and authorities often lack transparency, hindering investigations.
Data & Analytics