The Cybersecurity and Infrastructure Security Agency is seeking $116 million to finance staffing and technology upgrade efforts for the Cyber Incident Reporting for Critical Infrastructure Act, according to the Department of Homeland Security’s fiscal year 2025 budget request. CISA plans to implement ticketing and customer relationship management systems and onboard 122 employees to aid in […]
The Department of Health and Human Services has published a letter urging UnitedHealth Group to expedite the activation of its programs designed to mitigate the impact of a ransomware attack on its claims processing and payments platform. UHG is the parent company of Change Healthcare, which is the subject of the cyberattack on Feb. 21. […]
Jane Rathbun, the Department of the Navy’s chief information officer, shared at a recent GovCIO Media & Research event that her organization is securing tactical edge communications by modernizing its infrastructure, training its workforce and utilizing emerging technology. Rathbun, a 2024 Wash100 winner, said she wants to ensure that warfighters receive trustworthy and useful data […]
The Cybersecurity and Infrastructure Security Agency recently hosted the Open Source Software Security Summit, bringing together the open-source community to ensure a secure ecosystem. At the two-day event, CISA announced that it will be leading several initiatives, including promoting the adoption of the Principles for Package Repository Security and launching an effort to enable voluntary […]
The White House’s National Security Telecommunications Advisory Committee is calling on the federal government to adopt new programs to incentivize critical infrastructure operators that adhere to cybersecurity standards. The group, composed of representatives from U.S. telecommunications and cybersecurity companies, said the need to introduce new incentive programs comes from the fact that current market forces […]
The FBI’s Internet Crime Complaint Center has released a report showing that health care and public health institutions, manufacturing establishments and government facilities were the top three ransomware attack targets in 2023. The ranking was based on the 1,193 incident reports that the IC3 received from U.S.-designated critical infrastructures, with metrics like financial losses also […]
IBM has opened the IBM X-Force Cyber Range, a facility that allows trainees to engage in exercises to fend off cyberthreats and dangers posed by artificial intelligence. The facility can simulate various scenarios, including AI code poisoning, deepfake zero-day attacks and other cyber intrusions. Trainees can engage in crisis response exercises, cyber wargames and offensive […]
The National Security Agency has released “Advancing Zero Trust Maturity Throughout the Network and Environment Pillar,” a Cybersecurity Information Sheet that provides recommendations on how to use zero trust principles to strengthen internal network control and contain network intrusions. According to the CSI, the network and environment pillar, one of the pillars that compose the […]
The Department of the Treasury has sanctioned entities connected to the Predator spyware. Brian Nelson, the department’s sanctions lead, said the penalties are meant to discourage the use of commercial surveillance tools that could pose national security risks, CyberScoop reported. Researchers previously found that malicious actors used Predator to target dissidents, journalists and officials. The […]
The Department of Energy has announced Rockwell Automation’s entry into the Cyber Testing for Resilient Industrial Control Systems program, tasking the company to assess critical infrastructure components for vulnerabilities. CyTRICS is the testing arm of Energy Cyber Sense, a White House initiative to develop cybersecurity risk management capabilities and resources for the national energy sector […]
