Companies
Small defense industrial base firms pose tempting targets for nation-state hackers, NSA official says
Some 80% of the defense industrial base are actually small firms, according to the NSA’s head of DIB security, who has helped over 200 providers identify thousands of vulnerabilities in their systems.
Updated
Companies
‘High-severity’ Microsoft Exchange vulnerability disclosed on heels of Black Hat talk
Parts of the federal enterprise are likely susceptible to the flaw that allows hackers to hijack on-premises versions of Active Directory. CISA plans to release an emergency directive on Thursday, according to a person familiar with the matter.
Contracts
House NDAA draft mandates database of contractors used in covert operations
The early stage defense bill draft would create an internal list of contractor clients that assist the U.S. military in its secret operations “to facilitate deconfliction and risk assessment.”
Contracts
DOD gets millions for cyber capabilities under GOP reconciliation package
The law’s vast cuts to Medicaid, however, are putting rural healthcare groups on high alert.
Podcasts
WT 360: Nextgov/FCW’s David DiMolfetta on Iran, cyber and the Salt Typhoon breach
David DiMolfetta, our Nextgov/FCW colleague who covers all things cyber, jumps in to explain how U.S. government agencies are monitoring Iran’s cyber activities and why a major intrusion into telecommunications networks keeps getting worse.
Contracts
DHS expects Iran’s cyber forces will target US networks after strikes on nuclear sites
Iran has often targeted U.S. digital systems. Last year, Iranian hackers pilfered and distributed sensitive documents from inside President Donald Trump’s 2024 campaign.
Contracts
CISA projected to lose a third of its workforce under Trump’s 2026 budget
The White House’s latest spending proposal projects nearly 1,000 jobs will be slashed at the nation’s lead civilian cyber agency. Related cyber and intel programs across government also face funding rollbacks.
Companies
Industry reps urge Congress to renew backbone cyber information-sharing law
The Cybersecurity Information Sharing Act of 2015, a keystone ordinance that lets the private sector share cyber threat information with legal safeguards, expires in September unless renewed by Congress.
Companies
Federal cost cutting leads cyber contractors to rework ties with government
Federal agencies are trying to do more with less on cybersecurity spending as DOGE pursues spending reductions. Officials still insist that the private sector is needed to combat hackers.
Companies
Phishing campaign seeks to siphon Ukraine war intelligence from defense contractors
Nearly 880 spoofed domains of worldwide IT, defense and aerospace firms were identified between December and March, DomainTools Investigations says.
Contracts
FedRAMP to announce major overhaul next week
The initiative would seek to automate much of the cloud security program’s approval workflow and shift more control to the private sector.
Contracts
Hegseth orders suspension of cyber, information operations planning against Russia
Kremlin spokesman Dmitry Peskov said Sunday that new U.S. foreign policy configurations “largely coincides with our vision.”
Companies
IBM contract for overseas cyber assistance canned amid USAID shutdown
The foreign aid agency — a prime target of President Donald Trump’s agenda to eliminate perceived government waste — declared cybersecurity an economic development issue in 2021.
Contracts
OPM procurement processing fully halted following agency layoffs, internal email says
Sweeping terminations in OPM’s Office of Procurement Operations have fully halted agency contracting business and are likely to increase OPM’s operational risks, an internal email reads.
Katie Arrington announces she is DOD’s new CISO
Arrington, who was once accused of disclosing classified data, was a major proponent of the Cybersecurity Maturity Model Certification program used for DOD contractors.
Companies
Trump’s anti-DEI efforts damage national security, former officials say
The rollback of diversity, equity and inclusion initiatives weakens intelligence operations, erodes workforce morale and limits the U.S. government’s ability to navigate global threats, former national security officials argue.
Companies
Space companies say cyber threat intelligence is often overclassified, unactionable
Space and aerospace industry feedback from a series of government-run workshops noted that such threat intelligence is difficult to translate into actionable cyber efforts.
Contracts
Biden signs executive order inspired by lessons from recent cyberattacks
The order gives CISA more eyes to hunt cyber threats on government networks and directs agencies and contractors to be more transparent about the security of their software stockpiles.
Contracts
New TSA cyber rules leave lawmakers, industry hopeful for happy medium regulations
The agency argues its Nov. 8 proposed rulemaking will dually address the transportation industry’s regulation concerns while ensuring they’re suitably protected from hackers. Others want to wait and see.
Contracts