Companies

Small defense industrial base firms pose tempting targets for nation-state hackers, NSA official says

Some 80% of the defense industrial base are actually small firms, according to the NSA’s head of DIB security, who has helped over 200 providers identify thousands of vulnerabilities in their systems.

Updated Companies

‘High-severity’ Microsoft Exchange vulnerability disclosed on heels of Black Hat talk

Parts of the federal enterprise are likely susceptible to the flaw that allows hackers to hijack on-premises versions of Active Directory. CISA plans to release an emergency directive on Thursday, according to a person familiar with the matter.

Contracts

House NDAA draft mandates database of contractors used in covert operations

The early stage defense bill draft would create an internal list of contractor clients that assist the U.S. military in its secret operations “to facilitate deconfliction and risk assessment.”

Contracts

DOD gets millions for cyber capabilities under GOP reconciliation package

The law’s vast cuts to Medicaid, however, are putting rural healthcare groups on high alert.

Podcasts

WT 360: Nextgov/FCW’s David DiMolfetta on Iran, cyber and the Salt Typhoon breach

David DiMolfetta, our Nextgov/FCW colleague who covers all things cyber, jumps in to explain how U.S. government agencies are monitoring Iran’s cyber activities and why a major intrusion into telecommunications networks keeps getting worse.

Contracts

DHS expects Iran’s cyber forces will target US networks after strikes on nuclear sites

Iran has often targeted U.S. digital systems. Last year, Iranian hackers pilfered and distributed sensitive documents from inside President Donald Trump’s 2024 campaign.

Contracts

CISA projected to lose a third of its workforce under Trump’s 2026 budget

The White House’s latest spending proposal projects nearly 1,000 jobs will be slashed at the nation’s lead civilian cyber agency. Related cyber and intel programs across government also face funding rollbacks.

Companies

Industry reps urge Congress to renew backbone cyber information-sharing law

The Cybersecurity Information Sharing Act of 2015, a keystone ordinance that lets the private sector share cyber threat information with legal safeguards, expires in September unless renewed by Congress.

Companies

Federal cost cutting leads cyber contractors to rework ties with government

Federal agencies are trying to do more with less on cybersecurity spending as DOGE pursues spending reductions. Officials still insist that the private sector is needed to combat hackers.

Companies

Phishing campaign seeks to siphon Ukraine war intelligence from defense contractors

Nearly 880 spoofed domains of worldwide IT, defense and aerospace firms were identified between December and March, DomainTools Investigations says.

Contracts

FedRAMP to announce major overhaul next week

The initiative would seek to automate much of the cloud security program’s approval workflow and shift more control to the private sector.

Contracts

Hegseth orders suspension of cyber, information operations planning against Russia

Kremlin spokesman Dmitry Peskov said Sunday that new U.S. foreign policy configurations “largely coincides with our vision.”

Companies

IBM contract for overseas cyber assistance canned amid USAID shutdown

The foreign aid agency — a prime target of President Donald Trump’s agenda to eliminate perceived government waste — declared cybersecurity an economic development issue in 2021.

Contracts

OPM procurement processing fully halted following agency layoffs, internal email says

Sweeping terminations in OPM’s Office of Procurement Operations have fully halted agency contracting business and are likely to increase OPM’s operational risks, an internal email reads.

Katie Arrington announces she is DOD’s new CISO

Arrington, who was once accused of disclosing classified data, was a major proponent of the Cybersecurity Maturity Model Certification program used for DOD contractors.

Companies

Trump’s anti-DEI efforts damage national security, former officials say

The rollback of diversity, equity and inclusion initiatives weakens intelligence operations, erodes workforce morale and limits the U.S. government’s ability to navigate global threats, former national security officials argue.

Companies

Space companies say cyber threat intelligence is often overclassified, unactionable

Space and aerospace industry feedback from a series of government-run workshops noted that such threat intelligence is difficult to translate into actionable cyber efforts.

Contracts

Biden signs executive order inspired by lessons from recent cyberattacks

The order gives CISA more eyes to hunt cyber threats on government networks and directs agencies and contractors to be more transparent about the security of their software stockpiles.

Contracts

New TSA cyber rules leave lawmakers, industry hopeful for happy medium regulations

The agency argues its Nov. 8 proposed rulemaking will dually address the transportation industry’s regulation concerns while ensuring they’re suitably protected from hackers. Others want to wait and see.

Contracts

Will cyber suffer under Trump’s goal to slash federal budgets?

Donald Trump’s intent to cut agency budgets has sparked concerns over adequate cybersecurity funding for government networks. Some believe these fears may be overstated.