National Security Council

CISA predicts cyber EO will drive progress on zero trust

Most agencies are just getting started creating plans around zero trust, but tight deadlines featured in President Joe Biden's cybersecurity executive order and a wave of new guidance, may speed up implementation across the entire government.

Warner previews breach notification bill

The chairman of the Senate Select Committee on Intelligence said he will introduce legislation to mandate that companies notify the government to major cybersecurity breaches, a promise several lawmakers have made this year.

Biden's top cyber nominees face the Senate as the country reels from cyberattacks

Jen Easterly, selected to head the Cybersecurity and Infrastructure Security Agency and Chris Inglis, the former National Security Agency deputy director picked to fill the new national cyber director role, faced lawmakers concerned about the spike in ransomware attacks.

CISA chief says cyber order is doable but will 'stretch the system'

The executive order, which was published Wednesday night, contains deadlines for CISA, the Department of Homeland Security, the Office of Management and Budget and other agencies to begin reworking the government's cybersecurity with some timelines as short as 30 days from its signing.

White House, CISA react to pipeline ransomware attack

Senior administration officials say multiple government agencies are working to distribute information to industry about the ransomware attack that led to the shutdown of a key natural gas pipeline for the East Coast.

Impeachment witnesses talk public service

Four former government officials who played key roles in the first impeachment of former president Donald Trump discussed their experiences during a Public Service Recognition Week event.

CISA issues third emergency directive since SolarWinds

The government's cybersecurity watchdog is increasingly issuing emergency instructions to agencies for handling high-risk vulnerabilities, something analysts say reflects both CISA's stature and the environment its working in.

White House launches cybersecurity push targeting electricity sector

The pilot program to improve the cybersecurity of the nation's electricity infrastructure is part of a broader initiative focused on industrial control systems.

White House stands down groups tackling SolarWinds, Microsoft Exchange

The move comes days after the administration sanctioned Russia for its alleged role in the cyberattacks

White House plans order on industrial control systems

The move tracks with a schedule "sprint" on the risks posed by insecure industrial control systems scheduled for this summer by the Department of Homeland Security.

Top cyber slots still unfilled amid multiple crises

Chris Krebs, the former CISA director, has been vocal in recent months about the need for his old job to be filled in short order while the administration confronts multiple cybersecurity problems within the federal government.

Krebs cautions on push for national cyber director

The former CISA chief expressed confidence in Deputy National Security Advisor Anne Neuberger to help the White House confront the multiple cybersecurity incidents it is facing.

House lawmakers seek answers on SolarWinds from agency chiefs

The letters sent to senior administration officials come as Senate lawmakers plan to hold a hearing on the breach of federal networks.

White House tees up cyber labeling policy

A 2020 law could provide some legal cover for executive orders regulating software and IoT cybersecurity, but new legislation could be required.

Biden to use Quad as 'vehicle' for regional cyber cooperation

Jake Sullivan, the national security advisor, says President Joe Biden discussed both the supply chain attack on SolarWinds and vulnerabilities being exploited in Microsoft Exchange with leaders of Japan, India and Australia.

Hafnium hack poses new long-term threat for already overtaxed cyber workers

Federal agencies still reeling from the effects of a massive hack involving SolarWinds may face a new challenge of evicting any adversaries that breached their networks through recently discovered vulnerabilities in Microsoft's Exchange software.

Changes coming to federal cyber in wake of massive breach

The supply chain hack that targeted IT management software SolarWinds and other vendors will result in changes to the federal government's cybersecurity posture, according to the official charged with leading the administration's response.