Blueprint builds a ‘common language’ for ransomware protection

With more than 40 recommendations, the Blueprint for Ransomware Defense can help small to medium sized enterprises build cyber resilience.

Mobile threats prompt operational changes for government staff

More than 80% of public sector respondents to a recent survey said they have been forced to re-evaluate workplace practices as attacks on mobile devices grow.

Lawyers may be limiting threat info sharing

A new study examines how attorney-client privilege and work product immunity impacts cybersecurity.

Emergency alert system vulnerable, FEMA warns

Internet-connected equipment used to send alerts can be vulnerable to unauthorized actors who could issue fake EAS messages.

Rise of precision agriculture exposes food system to new threats

The integration of technologies into farm equipment, from GPS-guided tractors to artificial intelligence, potentially increases the ability of hackers to attack this equipment.

Misinformation campaigns and threats are undermining confidence in U.S. elections, official says

The Cybersecurity and Infrastructure Security Agency is ramping up efforts to defend voting systems from outside intrusion, but the spread of online misinformation and threats against election officials still damage faith in the electoral process.

NSF invests $25.4M into cybersecurity and privacy research projects

The awardees will aim to strengthen open-source supply chain security, increase computing privacy for marginalized populations and ensure trustworthy cloud computing.

Cross-agency group explores next steps for identity verification

The group's new report and simulation tool will help officials identify trade-off considerations for different identity solutions and frameworks.

Locking down identity and access management post-SolarWinds

The epic intrusion campaign has turned up the brights on vendors providing authentication services, but agencies will still need to be actively engaged for effective implementation.

Security alerts: Not all vulnerabilities are created equal

For critical infrastructure organizations without strong IT expertise, responding to the myriad vulnerability advisories released by the Cybersecurity and Infrastructure Security Agency is a daunting task.

National Computer Forensics Institute up for reauthorization

The proposal would continue NCFI’s services through 2028 for any government employee who could help prevent or investigate cyber crimes.

Public transit agencies are vulnerable to cyber threats, researchers warn

Researchers at the Mineta Transportation Institute urged transit agencies to have a unified risk management strategy and called on regulators to provide more guidance.

Verifying identity is the foundation of cybersecurity, state CSO says

Delaware’s security program aims to “walk alongside the user” as constituents access services and employees conduct business.

Start protecting the nation’s digital identities today

An abstraction layer that sits between the sources of identity data and its consumers makes it possible to discover and understand identity data without disrupting existing operations.

EPA to issue cybersecurity rule for water facilities

The EPA will extend its sanitary reviews of critical water facilities to include cybersecurity, an administration official said.

Ransomware hackers will still target smaller critical infrastructure, CISA director warns

Ransomware actors target infrastructure organizations of all sizes, making cybersecurity best practices imperative, CISA Executive Director Brandon Wales said.

How local governments are handling a threat they can’t even see

The proliferation of cyberattacks has prompted Pennsylvania municipalities to take extra steps to secure their systems. Here's what they're doing.