Policy

Biden: Fill Gaps in Cybersecurity Laws. Congress: What Gaps? Admin Officials: ...

Neither the DHS chief nor the FBI director had an answer when a lawmaker asked about Biden's Nov. 7 request.

Threats

Are You 'Choice-Paralyzed' About Protecting Your Critical Infrastructure? NSA Wants to Help

Simplifying decisions about hardening industrial control systems is the aim of new guidance from the NSA and the Cybersecurity and Infrastructure Security Agency.

Policy

Tell Everyone How to Measure Cyber Risk, DOD Begs NIST

Gaps in an 8-year-old standard are creating potentially dangerous mismatches between departments and agencies.

Business

Navy, Microsoft Team Up for R&D—and the Rights to Sell What Emerges

The Seattle-based tech giant will get access to Naval Postgraduate School facilities and the chance to negotiate exclusive rights for technology it helps develop there.

Threats

FBI: Ransomware Attackers Are Taking Aim at Critical Infrastructure

A joint advisory with CISA, the NSA, and their counterparts in the UK and Australia offers advice for defenders.

Policy

DHS Launches Portal to Recruit—and Retain—Cybersecurity Talent

The moment of truth is here for a new hiring system that promises to address gaping cybersecurity shortages by redefining "merit."

Threats

The Most Targeted Vulnerability of the Year Was First Identified in 2017

In a joint advisory, international cybersecurity officials say failure to patch years-old vulnerabilities makes attributing cyberattacks more difficult.

Policy

White House Asks CISA, NIST to Set Cybersecurity Performance Goals for Critical Infrastructure Operators

The initiative will not result in mandatory measures for the private sector, but the administration hopes to signal its commitment to cybersecurity and maybe get a little help from Congress on that front.

Policy

White House Wants Industry Input on New Software Security Rules

The administration wants to make sure the private sector has the ability to weigh in on procurement standards in an impending executive order.

Policy

Experts Torn on Proper Role of National Cyber Director

Former officials say someone needs to coordinate government entities but weighed pros and cons to the position being located within the National Security Council.

Policy

White House Prepping Multi-Part Executive Order on SolarWinds Hack

The official leading the effort said changes are necessary to improve information sharing within the federal government.

Threats

Water-Supply Hack Should Be a Wake-Up Call, Experts Say

The Cybersecurity and Infrastructure Security Agency should be involved every step of the way, a former presidential adviser said.

Threats

House Lawmakers Split Oversight of Cyber, Intel

Seven Armed Services Committee subcommittees will help oversee the vast Defense Department.

Policy

IGs Ask: How Well Do Feds Share Cyber-Threat Info?

A key government contractor has already weighed in with a scathing review.

Threats

Russia ‘Likely’ Behind SolarWinds Hack, Cyber Response Agencies Say

The Cyber Unified Coordination Group believes fewer than ten government agencies were compromised by the still-active intelligence operation.

Threats

CISA Warns About Iran’s Offensive Cyber Capabilities

One observer suggests the alert is meant more for the adversary than defenders.

Policy

2021 NDAA Would Create a National Cyber Director

If the bill passes next week and is signed into law, another amendment would codify cybersecurity roles for sector-specific agencies.

Threats

Krebs Unloads About Trump’s Election-Fraud Claims

The former director of the Cybersecurity and Infrastructure Security Agency worries that his firing will hurt the recruitment of future leaders.

Threats

Biden Team Highlights Cybersecurity With First Cabinet Picks

Familiar faces will likely have to revisit efforts around information-sharing and establishing global norms.

Threats

US Charges Six Russians with Major Cyberattacks

U.S. officials said a new indictment describing a four-year global conspiracy belies the country’s recent offer to reset relations in cyberspace.