Cybersecurity

Interior faces 'disturbing' cyber risks due to cracked passwords and vulnerable assets

Recent reports reveal the Department of Interior is not enforcing multifactor authentication for its high-value assets and has a range of other significant cybersecurity risks.

  • By Chris Riotta

White House cyber strategy can help mitigate AI dangers, official says

Acting National Cyber Director Kemba Walden noted that the underpinnings of the National Cyber Strategy can offer guardrails for emerging AI systems. 

  • By Alexandra Kelley

Ransomware gang exploits critical vulnerability in popular file transfer software

A cybersecurity advisory issued Wednesday said that a major ransomware group had successfully exploited a previously unknown vulnerability in Progress Software’s MOVEit software.

  • By Chris Riotta

Public sector apps face widespread security challenges, report reveals

A new study found alarming security vulnerabilities across the vast majority of public applications over the last year.

  • By Chris Riotta

Lawmakers want to expand USDA's Circuit Rider program to cover cyber

A new bill would allow small water utilities to obtain funds for cybersecurity consults. 

  • By Adam Mazmanian

Experts call for overhaul of 'outdated' critical infrastructure cyber policy

A new report analyzes the federal government’s approach to infrastructure cybersecurity as a key strategy document is getting a rewrite.

  • By Alexandra Kelley

U.S., South Korean agencies warn of state-sponsored spearphishing

The North Korea-affiliated group Kimsuky’s email attacks targeted research and media organizations.

  • By Alexandra Kelley

Federal vision to streamline cyber incident reporting expected this summer

The Cyber Incident Reporting Council will issue a report to Congress "in the next month or two" with recommendations on ways to achieve harmony across a complex network of federal cyber mandates. 

  • By Chris Riotta

FTC charges Ring over 'disregard' for customer data security

The Federal Trade Commission has proposed stronger security protocols for home video surveillance company Ring after years of mounting concern over data privacy.

  • By Alexandra Kelley

Satellite data could boost border security, disaster response

Homeland Security relies on satellite imagery for its missions—and it wants more.

  • By Lauren C. Williams

AI and China are ‘defining challenges of our time,’ CISA director says

Artificial intelligence’s potential as an “extinction event” for humanity prompted CISA Director Jen Easterly to advise companies to “think about self-regulation” for product security and safety.

  • By Edward Graham

Unmonitored networks put US nuclear arsenal at risk, GAO finds

A Government Accountability Office report found that the Energy Department cannot effectively monitor potential insider threats to U.S. nuclear security because department staff “have not identified the total number of DOE’s stand-alone classified networks.”

  • By Edward Graham

GAO identifies new infosec deficiencies in IRS system controls

The watchdog's annual audit of the agency turned up new recommendations on system access controls and security configurations, alongside a limited release report and previous recommendations.

  • By Carten Cordell

DHS' cyber agency seeks small biz support for strategic planning

The Cybersecurity and Infrastructure Security Agency has set a date to explain its changes to a management consulting services contract.

  • By Nick Wakeman
Featured eBooks

Energy Department officials eye 2027 date to stand-up cyber intelligence center

Officials from the department's Office of Cybersecurity, Energy Security and Emergency Response told House members Tuesday that work within the threat-sharing pilot program has already shown progress and could use more resources from Congress.

  • By Carten Cordell

Ransomware vulnerability warning pilot yielding valuable lessons, CISA official says

A new interagency effort to proactively mitigate ransomware vulnerabilities has helped expand information sharing between the public and private sectors, according to a risk operations official from the Cybersecurity and Infrastructure Security Agency. 

  • By Chris Riotta

Lawmakers tell Biden they are ‘extremely concerned’ about critical vacant cyber role

The Office of the National Cyber Director has not had a Senate-confirmed director since former Director Chris Inglis left the post nearly three months ago, just prior to the release of the national cyber strategy.

  • By Chris Riotta

NIST updates cyber guidance for contractors handling sensitive data

The National Institute of Standards and Technology is accepting comments on the revised document through July 14. 

  • By Alexandra Kelley

CISA is growing up, CIO says

CISA's Bob Costello talks top priorities, challenges and growing pains and progress for a CIO office in a relatively young federal agency.

  • By Natalie Alms

Energy Department's cybersecurity program features critical weaknesses, report says

The Department of Energy is suffering from significant issues surrounding identity and access management, in addition to dozens of other concerns detailed in a new inspector general’s report. 

  • By Chris Riotta

DISA wants to take Thunderdome pilot to full production in ’30 to 60 days,’ director says

Lt. Gen. Robert Skinner said following the successful test of the zero trust architecture prototype, the Defense Department’s information technology agency is working on an acquisition plan to scale the program.

  • By Carten Cordell