Cybersecurity

White House bans government 'operational' use of commercial spyware in executive order

The Biden administration hopes the ban on government use of commercial spyware will serve as a model for other countries to help stem the proliferation of surreptitious surveillance tools.

  • By Alexandra Kelley

Industry reps like CISA's public-private cybersecurity collaborative, but offer tips on how to scale it

Rep. Eric Swalwell (D-Calif.) noted in the hearing that CISA’s Joint Cyber Defense Collaborative lacks a charter or membership criteria and previewed a forthcoming bill to “clarify activities of the JCDC.”

  • By Natalie Alms

Treasury's system tracking federal debt still needs security improvements, GAO says

The watchdog found continued “information system control deficiencies,” despite Treasury’s progress on prior recommendations.

  • By Edward Graham

CISA: 'Multiple threat actors' used old exploit to access federal agency servers

At least two groups tried to exploit the vulnerability to get deeper into the agency’s networks, including a Vietnamese criminal gang.

  • By Aaron Boyd

Government employees and defense contractors still have got bad passwords, report says

According to new research, a majority of government employees with exposed passwords were found to have reused them across multiple accounts. 

  • By Chris Riotta

NSA offers new tips on zero trust and identity

Weaknesses in identity and access controls are allowing cyber attacks to happen, NSA officials say. A new tip sheet is meant to help national security systems mature their controls.

  • By Natalie Alms

New bills look to help small water systems tap cybersecurity help

New legislation looks to set aside $10 million to help subsidize fees for small utilities to join the Water Information Sharing and Analysis Center.

  • By Carten Cordell

Lawmaker and staffer health data exposed in insurance breach

The attack on local insurance company DC Health Link threatens to expose personal information of House lawmakers and Hill staffers.

  • By Alexandra Kelley

TSA issues cybersecurity amendment for aviation industry

The Transportation Security Administration has released a series of new performance-based cybersecurity measures for the aviation industry just days after the White House released its national cybersecurity strategy.

  • By Chris Riotta

CISA still has work to do to fix agency weaknesses revealed by SolarWinds, watchdog says

A new report from the Department of Homeland Security’s inspector general details recommendations for CISA’s network visibility and threat detection tech, workforce and more.

  • By Natalie Alms

EPA: States must evaluate cybersecurity of public water systems

The Environmental Protection Agency said it was expanding its capacity for helping states assess the cybersecurity of operational technology used in public water systems.

  • By Alexandra Kelley

Tech trade group leery of new regulations proposed in Biden's cyber strategy

The new national cybersecurity strategy calls for software providers to be held accountable for vulnerabilities in their products – a fundamental shift in approach that sparked concerns among some technology associations and firms.

  • By Chris Riotta

National cyber strategy faces major implementation challenges, experts say

A depleted workforce, lack of funding and challenges with information sharing across the public and private sectors may severely hamper the federal government’s implementation of a new sweeping cybersecurity strategy, experts told FCW. 

  • By Natalie Alms and Chris Riotta

New White House cyber strategy looks to redistribute risks, responsibilities

The ranging strategy document includes plans for the collective defense of federal civilian executive branch agencies and a push for legislation to require software vendors to assume liability for the security of their products.

  • By Natalie Alms
Featured eBooks

CISA advisory details red team attack on critical infrastructure organization

The report comes as the director of the nation’s cyber defense agency calls on Congress to establish “higher standards of care for software in specific critical infrastructure entities.”

  • By Chris Riotta

U.S. Marshals Service hacked in ‘major incident’

This is the second time the agency has been hacked in recent years, adding to a growing number of agencies that have experienced cybersecurity incidents.

  • By Kirsten Errick

White House to officially ban TikTok from government devices within 30 days

New guidance from the Office of Management and Budget finalizes a congressional push to ban the popular Chinese social networking app from all government devices amid privacy and security concerns.

  • By Chris Riotta

Census Bureau data susceptible to ‘reconstruction attacks’ exposing individual data, report claims

A team of computer scientists demonstrated how cybercriminals can leverage commercial laptops to reverse engineer the Bureau’s statistics, leaving Americans exposed to risks like identity theft and discrimination. 

  • By Chris Riotta

House bill would put grid operators on a short clock for breach reporting

A cyber incident reporting bill making its way through Congress would task critical energy infrastructure owners and operators with reporting cyber incidents to the Department of Energy within 24-hours of their discovery.

  • By Chris Riotta

Cyberattacks on Energy's National Labs draw lawmaker scrutiny

The attacks, allegedly conducted by Russian-based adversaries, occurred during August and September 2022, potentially exposing sensitive U.S. scientific research.

  • By Alexandra Kelley

U.S. cyberspace ambassador lays out technology’s role in geopolitical contests

Nathaniel Fick said tools like cloud computing and public-private partnerships will continue to prove essential to diplomacy, as they already have in Ukraine. 

  • By Chris Riotta