Congress needs ‘private sector buy-in’ to address cyber workforce shortage

Organizations are working to educate and train the next generation of professionals to fill critical cybersecurity vacancies, but private sector firms need to change their hiring practices to integrate this pool of talent into the workforce. 

US ‘can’t PSA our way out’ of cyber vulnerability, CISA director says

Speaking during a Cybersecurity Advisory Committee meeting, CISA Director Jen Easterly noted that corporate responsibility for cyber must stand “as a matter of good governance.”

NIST wants to help prevent a major cyberattack on the water sector

The National Institute of Standards and Technology aims to provide a practical guide to address unique cyber challenges impacting America’s complex water systems.

Justice Department launches new unit to combat cyber threats

The National Security Cyber Section will work to "increase the scale and speed of disruption campaigns and prosecutions” against cybercriminals, an official said this week.

Vacant White House cyber post draws concern amid global software breach

In the aftermath of a global cyberattack exposing personal data on millions of Americans, calls are growing for the White House to fill the top slot at the Office of the National Cyber Director.

No 'systemic risk' to government networks from latest breach, CISA says

The nation’s cyber defense agency confirmed it was providing assistance to several federal agencies that have been impacted in an apparent global cyberattack.

Lawmakers suggest ‘radical transparency’ as key to shoring up US cyber posture

The lessons of Ukraine argue for increased openness about public and private sector cyber attacks, two congressmen said on Monday.

CISA's new directive targets devices that can be configured over public internet 

The nation’s cyber defense agency is requiring all federal civilian agencies to remove such devices from their networks. 

Spy agencies acquire commercial data with little coordination and few controls

The purchase of sensitive commercial data that is potentially traceable to individual Americans could be subject to new restrictions, according to a newly declassified report from the Office of the Director of National Intelligence.

New bill would give CISA greater cyber outreach responsibilities

The Cybersecurity Awareness Act would direct the agency to launch a new public-private campaign promoting cyber best practices across small businesses and underserved communities. 

Industry calls for clarity after White House extends software security form deadline

Software vendors praised a decision from the Office of Management and Budget to extend a deadline for agencies to collect self-attestation forms, though questions remain about what comes next.

Interior faces 'disturbing' cyber risks due to cracked passwords and vulnerable assets

Recent reports reveal the Department of Interior is not enforcing multifactor authentication for its high-value assets and has a range of other significant cybersecurity risks.

White House cyber strategy can help mitigate AI dangers, official says

Acting National Cyber Director Kemba Walden noted that the underpinnings of the National Cyber Strategy can offer guardrails for emerging AI systems. 

Ransomware gang exploits critical vulnerability in popular file transfer software

A cybersecurity advisory issued Wednesday said that a major ransomware group had successfully exploited a previously unknown vulnerability in Progress Software’s MOVEit software.

Public sector apps face widespread security challenges, report reveals

A new study found alarming security vulnerabilities across the vast majority of public applications over the last year.

Lawmakers want to expand USDA's Circuit Rider program to cover cyber

A new bill would allow small water utilities to obtain funds for cybersecurity consults. 

Experts call for overhaul of 'outdated' critical infrastructure cyber policy

A new report analyzes the federal government’s approach to infrastructure cybersecurity as a key strategy document is getting a rewrite.