Tech

New CISA, NSA guidance highlights pain points in identity and security management

A public-private working panel recommends vendors invest more in security measures like multifactor authentication.

Tech

New cyber rules aim to standardize requirements for federal contractors

The proposed rules would create new information sharing and incident reporting requirements.

Management

What happens to government devices during a shutdown?

Experts say government-issued devices like phones, computers and even email accounts face heightened security risks during a federal shutdown.

Management

Democrats fear cyberattacks as government shutdown looms

Lawmakers are expressing concerns that the shutdown could radically hinder the work of the Cybersecurity and Infrastructure Security Agency in responding to major ransomware incidents and other digital intrusions. 

Management

Federal cyber operations face challenges as government shutdown looms

The Cybersecurity and Infrastructure Security Agency will retain about one-sixth of its workforce in the event of a partial government shutdown, according to its current plan.

Management

Civic hackers explore ways to streamline government operations

Lawmakers and technologists united for a day of civic hacking on Capitol Hill as part of an effort to modernize government services and make government operations more efficient.

Oversight

HHS looks to improve cybersecurity coordination

The agency is utilizing a relaunched cybersecurity coordination center and additional programs to significantly ramp up interactions with key partners, a top official said.

Tech

Chinese hackers targeted government entities and thwarted recovery efforts, report says

The cybercrime group evaded remediation efforts by installing persistent backdoors and deploying “new and novel malware.”

Tech

White House names new deputy chief technology officer for policy

Austin Bonner joins White House Office of Science and Technology Policy, though the position of U.S. CTO has not been filled since 2021.

Tech

Defense Digital Service elevates top deputy to serve as director

Jennifer Hay will lead the Defense Department’s in-house team of software engineers and data scientists.

Tech

The White House is developing a 10-year modernization plan to replace legacy IT

The National Cybersecurity Strategy tasks the Office of Management and Budget with creating a plan to eliminate all vulnerable legacy systems from federal agencies within a decade.

Tech

National intelligence strategy calls for new partnerships to harness emerging technologies

Federal agencies must collaborate with private sector partners and allies to better understand the implications of emerging technologies, according to the new strategy.

Tech

Report reveals 'sudden surge' in cyberattacks targeting government agencies

Cyberattacks impacting government agencies and the public sector spiked by 40% in recent months, according to a new report. 

Oversight

Government contractors grapple with enforcement challenges of TikTok ban

Industry groups are raising censorship and privacy concerns over a ban of popular social media app TikTok on devices used by government contractors. 

Tech

House panel probes China-linked email hacks

The House Committee on Oversight and Accountability is investigating how the State and Commerce departments responded to a cyberattack that successfully gained access to unclassified government email accounts of top-level officials.

Defense

US power grid faces escalating cyber threats, infrastructure experts warn

The power grid is experiencing heightened threats from foreign adversaries and domestic extremist groups that can pose devastating consequences for the nation’s supply of electricity, experts told a House subcommittee on Tuesday. 

Tech

State Department email accounts hit in China-linked cyberattack

A China-based cybercriminal known as Storm-0558 gained access to unclassified U.S. government email accounts using forged authentication tokens, according to a report released by Microsoft.

Management

Resource constraints led to EPA’s failure to address critical vulnerabilities in air and radiation data

The Environmental Protection Agency cited a lack of resources and the sheer volume of critical vulnerabilities as the reasons for its inability to patch its systems under federally required timeframes. 

Tech

Third-party contractor software exploited in attack on HHS data

An official with the Health and Human Services Department said attackers gained access to data by exploiting a major vulnerability found in the popular MOVEit file transfer service.

Tech

Critical cyber threats persist on federal networks despite recent directives

Hundreds of devices on federal networks remain in apparent violation of a recent Binding Operational Directive from the Cybersecurity and Infrastructure Security Agency, according to a new report.