Cybersecurity

The White House is developing a 10-year modernization plan to replace legacy IT

The National Cybersecurity Strategy tasks the Office of Management and Budget with creating a plan to eliminate all vulnerable legacy systems from federal agencies within a decade.

White House cyber office has its eye on workforce data

Data on the cybersecurity workforce is fragmented and inconsistent. A top White House official is looking to change that.

White House cyber office makes new workforce-focused hire

Daniel “Rags” Ragsdale is joining the White House Office of the National Cyber Director, following work in the private sector, Defense Department and cyber research space.

GAO: IRS must enhance cyber oversight of third-party vendors, modernize online services

The IRS continues to ignore GAO’s recommendation to streamline oversight of third-party tax vendors’ cyber practices, despite concerns about mitigating digital threats.

Report reveals 'sudden surge' in cyberattacks targeting government agencies

Cyberattacks impacting government agencies and the public sector spiked by 40% in recent months, according to a new report. 

Government contractors grapple with enforcement challenges of TikTok ban

Industry groups are raising censorship and privacy concerns over a ban of popular social media app TikTok on devices used by government contractors. 

1/4 of DOD cyber jobs are vacant. Here's the plan to fill them

Civilian cyber workers are the main challenge, as it's harder for DOD to attract and keep them.

House panel probes China-linked email hacks

The House Committee on Oversight and Accountability is investigating how the State and Commerce departments responded to a cyberattack that successfully gained access to unclassified government email accounts of top-level officials.

Biden selects NSA veteran as national cyber director nominee

White House officials named former National Security Agency official Harry Coker Jr. as the nominee to replace former National Cyber Director Chris Inglis amid the ongoing implementation of the new National Cyber Strategy.

IRS needs better documentation for its cyber threat hunts, watchdog says

A new report noted that a lack of “established policies and procedures” could prevent the tax agency from meeting federal requirements.

US power grid faces escalating cyber threats, infrastructure experts warn

The power grid is experiencing heightened threats from foreign adversaries and domestic extremist groups that can pose devastating consequences for the nation’s supply of electricity, experts told a House subcommittee on Tuesday. 

State Department email accounts hit in China-linked cyberattack

A China-based cybercriminal known as Storm-0558 gained access to unclassified U.S. government email accounts using forged authentication tokens, according to a report released by Microsoft.

Critical cyber threats persist on federal networks despite recent directives

Hundreds of devices on federal networks remain in apparent violation of a recent Binding Operational Directive from the Cybersecurity and Infrastructure Security Agency, according to a new report. 

Public transit systems remain vulnerable to cyber threats

Despite repeated warnings, a report on Washington, D.C.’s transit authority finds it is still at risk of a cyberattack. Its issues aren’t unique, though, and experts warn that public transportation at-large is vulnerable unless leaders act.

There’s something DHS can do to help civilian agencies fight cyberattacks

The Homeland Security Department has the power to do a lot more than just issue words of warning. 

No 'Systemic Risk' to Government Networks From Latest Breach, CISA Says

The nation’s cyber defense agency confirmed it was providing assistance to several federal agencies that have been impacted in an apparent global cyberattack.

Interior Faces 'Disturbing' Cyber Risks Due to Cracked Passwords and Vulnerable Assets

Recent reports reveal the Interior Department of is not enforcing multifactor authentication for its high-value assets and has a range of other significant cybersecurity risks.