CISA

Former CISA chief wants a new, cross-cutting new agency to lead federal cyber

Chris Krebs wants to establish a new agency to focus on privacy, data and cyber risks facing the U.S., or to pull the Cybersecurity and Infrastructure Security Agency from under the Department of Homeland Security.

Misinformation campaigns and threats are undermining confidence in U.S. elections, official says

CISA is ramping up efforts to defend voting systems from outside intrusion, but the spread of online misinformation and threats against election officials still damage faith in the electoral process.

CISA’s first international office set to open later this month in London

CISA’s planned international attaché office will help promote the agency’s first-ever global strategy announced last year.

CISA expands Joint Cyber Defense Collaborative

The JCDC is gaining over a dozen new experts focused on enhancing the cybersecurity posture for industrial control systems and operational technology as CISA ramps up security efforts around critical infrastructure.

NSA to get binding operational directive authority under new cyber policy

A new memo signed by President Biden outlines how the May 2021 executive order on cybersecurity applies to national security systems.

Biden's CX order puts new momentum behind longtime efforts, leaders say

Officials at an ACT-IAC event explained how a recent White House executive order on customer experience is helping to unify disparate CX efforts across government.

FTC warns of legal risks of failing on Log4j mitigation

The Federal Trade Commission issued a warning this week urging companies to take "reasonable steps" to mitigate known software vulnerabilities or face potential legal consequences, recalling the $700 million settlement Equifax paid for a major breach in 2017.

The legacy of the Cyberspace Solarium Commission

The Cyberspace Solarium Commission is officially sunsetting after more than two years, dozens of recommendations and a slew of legislative changes. But since there’s more to be done, the panel is rebooting its efforts as a non-profit.

CISA, FBI issue new guidance on addressing Log4j risks

The Cybersecurity and Infrastructure Security Agency and its partners are providing new ways to identify Log4j risks and mitigate possible exploitation.

CISA issues emergency directive to patch Log4j flaw

The Cybersecurity and Infrastructure Security Agency released an emergency directive on Friday ordering all federal agencies to take immediate action against a critical security flaw with potential long-term consequences for public and private infrastructure.

DHS scales up bug bounty program

Department of Homeland Security Secretary Alejandro Mayorkas announced a plan to pay vetted cybersecurity researchers between $500 and $5,000 for identifying cybersecurity vulnerabilities within agency systems.

DHS gets nearly 2,000 applications for new cyber cadre

The goal is for DHS to onboard the first 150 feds into the system next year.

CISA mulls plan to safeguard federal civilian email

According to contracting documents, the Cybersecurity and Infrastructure Security Agency is looking to take a leading role in identifying and defending against threats against federal civilian executive branch email systems and networks.

Langevin tees up cyber legislation for 2022

Rep. Jim Langevin (D-R.I.) is looking to create a statutory framework for threat information sharing and mitigation between a small number of critical infrastructure firms and the federal government.

Federal government still in the dark on ransomware

Information on the majority of ransomware attacks targeting American companies and civilian agencies remains unreported to the Department of Homeland Security, a top cyber official told lawmakers.

FBI wants in on cyber reporting legislation

A top FBI cyber official told lawmakers on Tuesday that the bureau could face significant challenges addressing cyberattacks and ransomware incidents if it was not included in breach disclosure requirements being considered in legislation.