Cybersecurity News in Review

Robert DuPree
August 5, 2022 • 4 min read

This week’s Cybersecurity News in Review includes coverage of OMB’s cybersecurity direction to agencies for next year’s budget, EPA’s plans to address water sector cyber issues, TSA’s updated cybersecurity requirements for pipelines, initial efforts to harmonize federal cyber incident reporting requirements, and updated healthcare cyber guidance from NIST tied to the CSF and SP 800-53. There are also articles about how Congress and the White House are both working to prioritize critical infrastructure cyber defense, the latest on DoD’s CMMC cyber certification initiative, and an upcoming solicitation from U.S. Space Force for cybersecurity services. Finally, there are stories about CISA warnings of the far-reaching impact of a successful cyber attack against even smaller critical infrastructure organizations, a new report on increasing costs from data breaches worldwide and especially in the U.S., and a new study on cyber attacks and vulnerabilities in the healthcare sector.

OMB memo gives agencies cyber direction for next year’s budget

FedScoop reports on an OMB memo to federal agencies laying out the Biden Administration’s cybersecurity priorities for them to incorporate in developing theior respective FY 2024 budget requests for OMB to review later this year. Read more…

EPA to examine water facility cybersecurity, seek authority to issue mandatory requirements

Nextgov quotes a Biden White House official as saying the EPA will issue a new rule to include cybersecurity as a factor it considers when reviewing U.S. water facilities, and that it wants congressional action to give EPA authority to impose mandatory cyber requirements for the water sector. Read more…

TSA updates cyber requirements for pipelines after industry complaints

FedScoop reports that the TSA has modified cybersecurity requirements it issued in July 2021 for oil and natural gas pipeline owners and operators in order to provide requested greater flexibility to those affected.  Read more…

Government starts process to harmonize cyber incident reporting efforts

Nextgov says a new council of federal officials has held its first meeting to develop recommendations for better coordinating cyber incident reporting requirements across the government. Under a law enacted in March, DHS now has six months to provide such recommendations to Congress. Read more…

NIST updates healthcare cyber guidance

According to FedScoop, NIST has published a revision to its cybersecurity guidance for healthcare entities’ protected electronic information to better align the guidance with the more recent Cybersecurity Framework and SP 800-53 security controls. Read more…

Washington looks to prioritize cyber targets to better protect them

The Washington Post’s  The Cybersecurity 202 examines how both Congress and the White House are simultaneously working to prioritize possible critical infrastructure targets of hackers, taking into account the larger impact on the U.S. of a successful cyberattack on those enterprises.  Read more…

Initial voluntary cyber assessment effort announced for military contractors

FedScoop says the Cyber AB, an independent organization established to handle accreditations for DoD’s Cybersecurity Maturity Model Certification (CMMC) program, has issued a draft document detailing the assessment process the organizations will follow on a voluntary basis for now to certify DoD contracts can securely handle sensitive information.  Read more…

Space Force looks to issue solicitation for multi-year cyber services contract by Dec. 31

Washington Technology reports U.S. Space Force has begun to develop a seven-year cybersecurity services contract, dubbed “Digital Bloodhound,”  to protect its ground networks, and a solicitation is expected by the end of the current year.  Read more…

CISA director warns of multiplier effect of ransomware attacks on smaller critical infrastructure

Nextgov cites CISA’s executive director as warning that ransomware actors will continue to go after smaller critical infrastructure organizations, and that a successful attack on a small company could have far-reaching effects, given how most U.S. infrastructure is interconnected.  Read more…

Study: Data breach average costs up 13 percent worldwide since 2020; U.S. costs more than double world average

According to Dark Reading, a new report has found that the average cost of a data breach has continued to rise this year to an average of $4.4 million globally (which is 13 percent above the level two years ago), and is even higher in the U.S. at $9.4 million.  Read more…

Report: Healthcare sector data at risk to cyber attacks, must act to protect information looks at a new report that finds the healthcare sector is increasingly at risk of cyberattacks, citing state-sponsored hacking from Russia, North Korea, and Iran as prime culprits, and that at least 45 million Americans had their personal health information exposed by breaches. The report also gives some key ways hospitals can better protect their data.  Read more…

Robert DuPree
Manager of Government Affairs
Robert DuPree is the manager of government affairs at Telos Corporation. Follow him on Twitter: @RFDuPree
Read full bio
Notify of
Inline Feedbacks
View all comments

Subscribe to Our Newsletter

Although we may use your information for targeted marketing and advertising, as described in the Privacy Policy, we will never sell your information to any third party.