OMB wants to avoid a future SolarWinds by requiring federal software vendors to self-certify that they’re following secure development practices.
The health of the U.S. economy and well-being of our citizens relies on secure critical infrastructure but the Critical Infrastructure Information Act of 2002 has not been updated since it was first introduced.
By any measure software vendor Solar Winds was a high flyer, with many federal customers for its IT managements software. Now the company says it's nearly recovered from the 2020 Sunburst hack that sent federal agencies fleeing...and became part of the cybersecurity vernacular.
There’s an unsettling reality that the federal technology community is facing: the SolarWinds and Kaseya breaches could have happened to almost any other company
The mix of traditional and cloud DBaaS platforms will require IT professionals to master new skills.
The budget request outlines a "strategic shift" in federal cybersecurity efforts after incidents like SolarWinds and Log4j.
CISA has two years to design one of the most significant cyber regulatory programs in history.
The so-called insider threat remains a potent one for cybersecurity practitioners. But old fashioned outside hackers have been raising their capabilities. Now they're the biggest threat to governments at all levels.
The name SolarWinds has become synonymous with a scary cybersecurity crisis. It's one of at least two widescale breaches to which the government had to respond. The other is when hackers showed they could get into and take over Microsoft Exchange Server. The Government Accountability Office took a look at the federal response to these two incidents.
Log4j, the most visible cybersecurity threat since Solar Winds, has organizations scrambling to find and fix instances of certain software.
In today's Federal Newscast, a Government Accountability Office report on the federal response to the SolarWinds and Microsoft Exchange exploits, shows agencies have a lot of work to do.
Log4j will keep agencies busy into the new year, but experts say the federal enterprise made progress a year after SolarWinds.
DHS was concerned the Pentagon's approach was too "heavy-handed." Now, officials think "CMMC 2.0" might leave gaps in contractor cybersecurity.
CISA is directing agencies to address hundreds of known cyber exploits under a new process where the agency will regularly update a catalog of known vulnerabilities for priority patching.