Author Archive
Contracts
White House cyber shop is crafting AI security policy framework, top official says
ONCD chief Sean Cairncross also said a bedrock National Cyber Strategy, initially expected last month, is coming “sooner rather than later” without specifying a date.
Companies
OMB reverses Biden-era software attestation order
A new executive branch memorandum instead allows agencies to lean on software bills of materials, or SBOMs, in lieu of a universal attestation framework.
Companies
US charges former Accenture employee with misleading feds on cloud platform’s security
Danielle Hillmer, most recently employed with SentinelOne, allegedly concealed a cloud product’s noncompliance with federal security regulations.
Companies
SEC to drop high-profile SolarWinds hack lawsuit
The landmark lawsuit garnered pushback from dozens of cybersecurity leaders last year.
Companies
Upcoming White House cyber strategy to seek more involvement with private sector
The Trump 2.0 cyber strategy is in development, National Cyber Director Sean Cairncross said, though he did not elaborate on when it would be released.
Companies
Industry groups push to keep open-source measures in annual intelligence bill
They’re backing provisions in the House version of the Intelligence Authorization Act. But multiple intelligence community elements are hesitant about the measures, people familiar say.
Contracts
FCC initiates process to ban Hong Kong Telecom in US
The agency has previously barred China-linked communications providers from operating on American soil.
Companies
CISA orders government to patch F5 products after ‘nation-state’ cyber intrusion
“This cyber threat actor presents an imminent threat to federal networks using F5 devices and software,” CISA’s directive says. China-linked hackers previously exploited F5 vulnerabilities.
Companies
Small defense industrial base firms pose tempting targets for nation-state hackers, NSA official says
Some 80% of the defense industrial base are actually small firms, according to the NSA’s head of DIB security, who has helped over 200 providers identify thousands of vulnerabilities in their systems.
Updated
Companies
‘High-severity’ Microsoft Exchange vulnerability disclosed on heels of Black Hat talk
Parts of the federal enterprise are likely susceptible to the flaw that allows hackers to hijack on-premises versions of Active Directory. CISA plans to release an emergency directive on Thursday, according to a person familiar with the matter.
Contracts
House NDAA draft mandates database of contractors used in covert operations
The early stage defense bill draft would create an internal list of contractor clients that assist the U.S. military in its secret operations “to facilitate deconfliction and risk assessment.”
Contracts
DOD gets millions for cyber capabilities under GOP reconciliation package
The law’s vast cuts to Medicaid, however, are putting rural healthcare groups on high alert.
Podcasts
WT 360: Nextgov/FCW’s David DiMolfetta on Iran, cyber and the Salt Typhoon breach
David DiMolfetta, our Nextgov/FCW colleague who covers all things cyber, jumps in to explain how U.S. government agencies are monitoring Iran’s cyber activities and why a major intrusion into telecommunications networks keeps getting worse.
Contracts
DHS expects Iran’s cyber forces will target US networks after strikes on nuclear sites
Iran has often targeted U.S. digital systems. Last year, Iranian hackers pilfered and distributed sensitive documents from inside President Donald Trump’s 2024 campaign.
Contracts
CISA projected to lose a third of its workforce under Trump’s 2026 budget
The White House’s latest spending proposal projects nearly 1,000 jobs will be slashed at the nation’s lead civilian cyber agency. Related cyber and intel programs across government also face funding rollbacks.
Companies
Industry reps urge Congress to renew backbone cyber information-sharing law
The Cybersecurity Information Sharing Act of 2015, a keystone ordinance that lets the private sector share cyber threat information with legal safeguards, expires in September unless renewed by Congress.
Companies
Federal cost cutting leads cyber contractors to rework ties with government
Federal agencies are trying to do more with less on cybersecurity spending as DOGE pursues spending reductions. Officials still insist that the private sector is needed to combat hackers.
Companies
Phishing campaign seeks to siphon Ukraine war intelligence from defense contractors
Nearly 880 spoofed domains of worldwide IT, defense and aerospace firms were identified between December and March, DomainTools Investigations says.
Contracts
FedRAMP to announce major overhaul next week
The initiative would seek to automate much of the cloud security program’s approval workflow and shift more control to the private sector.
Contracts