Tag Archives: cyber incident

Think Tank Finds Governors Mostly Use National Guard Cyber Response for Ransomware Cases

Cybersecurity

Third Way, a public policy think tank, said state governors have asked for the National Guard's assistance to respond to ransomware, more often than to other types of cyberattacks. The National Guard has supported state cybersecurity efforts since 2018, with 23 of the 41 recorded cases being related to ransomware, the think tank said Monday.

Read More »

Anne Neuberger Offers Update on Government’s Response to Recent Cyber Incidents

Anne Neuberger

Anne Neuberger, deputy national security adviser for Cyber and Emerging Technology and a 2021 Wash100 Award winner, said that due to an increase in patching efforts, the Biden administration is “standing down” the two unified coordination groups that were established in response to cyber breaches involving SolarWinds and Microsoft Exchange.

Read More »

FedRAMP Issues Updated Guidance Doc on Reporting Information Security Incidents

OCONUS Cloud Strategy

The Federal Risk and Authorization Management Program (FedRAMP) has updated a document that details the roles and responsibilities of each stakeholder in the cyber incident communication process. “Additionally, CSPs are responsible for responding to emergency inquiries from FedRAMP, including those that are the result of the issuance of CISA Emergency Directives,” the document reads.

Read More »

GAO: Federal Government Should Prioritize Cybersecurity, IT Acquisitions Management

NSA-CISA-FBI-UK NCSC

The Government Accountability Office (GAO) has called on the federal government to address two high-risk areas: ensuring cybersecurity and improving information technology acquisitions and operations. GAO recommended that the federal government develop and implement a comprehensive strategy for national cybersecurity and global cyberspace, mitigate supply chain risks and improve the federal response to cyber incidents

Read More »

Marc Raimondi: SolarWinds Cyber Incident Involves Access to DOJ’s Email Environment

Department of Justice

Marc Raimondi, a spokesman for the Department of Justice (DOJ), said the DOJ’s office of the chief information officer has stopped the method the threat actor uses to access the department’s Microsoft O365 email environment after learning of the malicious activity related to the SolarWinds cyber incident on Dec. 24th. 

Read More »

Karen Evans: DHS Consolidates Network, Security Operations Centers

Karen Evans

Karen Evans, chief information officer at the Department of Homeland Security (DHS), said DHS is merging its security and network operations centers to keep systems operational as analysts respond and investigate a cyber incident. She said DHS is considering ways how to staff the newly formed network operations security center with federal and contract employees. 

Read More »

Report: GSA Proposes New Cyber Incident Reporting Rule for Contractors

The General Services Administration has proposed a new rule that would require contractors to report cyber threats and provide GSA and client agencies authority to access breached systems, Nextgov reported Thursday. The agency introduced the policy as an amendment to the GSA Acquisition Regulation, according to a regulatory roadmap obtained by the publication.
 

Read More »

GAO: DHS Should Establish Performance Evaluation Measures for NCCIC

The Government Accountability Office has urged the Department of Homeland Security to establish metrics and methods to assess the performance of the National Cybersecurity and Communications Integration Center. GAO reported Wednesday NCCIC is required to perform 11 cybersecurity functions and comply with nine principles but the center’s level of adherence is unclear since it …

Read More »

DHS Publishes National Cyber Incident Response Plan

The Department of Homeland Security has released the National Cyber Incident Response Plan that aims to boost the federal government’s capacity to manage cyber incidents. DHS Secretary Jeh Johnson said Wednesday the plan describes the roles and responsibilities of federal, state, local, territorial and tribal entities as well as private sector and international …

Read More »