Treasury watchdog calls on IRS to step up insider threat monitoring
An IG report finds information missing for 67% of systems included in a key threat audit list.
Coast Guard needs to improve its cyber workforce says watchdog
The GAO calls on the service to adopt six key recommendations to improve the ability of its staff to respond to cyberattacks.
Watchdog report identifies cybersecurity failings at National Nuclear Security Administration
GAO finds that the agency has no cyber risk management strategy for nuclear weapons IT systems.
Ex-HHS CIO says agency was hit with over 8 billion scanning efforts during March 2020 DDOS-style attack
Malicious actors were waiting for the agency to lower its perimeter firewall, according to José Arrieta.
Senators propose open source software risk framework in new bill
The legislation would require CISA to develop a new cybersecurity framework for agencies and critical infrastructure owners and operators.
ONCD senior leader says FBI and operational cyber agencies have improved incident info sharing
Kemba Walden says governmentwide agencies are now being looped in faster when cyber breach details are reported.
Why the US government will require software vendors to certify the security of their products
A new White House memo on software supply chain security goes some way to addressing tech industry concerns about the use of third-party cybersecurity assessors.
CISA to develop ‘self-attestation’ cybersecurity standards for federal software vendors
The agency will create a standardized form for U.S. departments to collect proof that vendors comply with NIST standards.
White House cyber memo compels vendors to attest software meets security standards
Federal agencies will have 120 days to develop a consistent process for collecting cybersecurity assurance from software providers.
CISA seeks public comment on upcoming major cyber incident reporting regulations
Industry will have until Nov. 14 to comment on the Cyber Incident Reporting for Critical Infrastructure Act of 2022.