
This week’s Cybersecurity News in Review includes coverage of various CISA initiatives, including warnings on ICS vulnerabilities, an upcoming Zero Trust Maturity Model update, revised baseline cyber goals, and a budget proposal to begin a shift from EINSTEIN to a new Cyber Analytics and Data System.
There are also reports on NSA guidance on ICAM zero trust, an FTC request for information on cloud computing security practices, announcement of an anticipated June release of the White House’s implementation plan for its updated National Cybersecurity Strategy, new SEC cyber proposals for financial entities, and an executive order on spyware.
For the defense sector, there are articles about expanding Air Force weapons system cybersecurity acquisition process efforts to U.S. Space Force, cybersecurity budget requests which didn’t make the President’s proposed budget but are now part of “unfunded priorities” lists for congressional consideration, and how the National Cybersecurity Strategy aligns with ongoing DoD cyber initiatives.
Finally, there are stories about requests by the healthcare sector for minimum cyber standards and help, feedback on CISA’s joint public-private cyber risk collaborative effort, the opportunities and challenges posed by zero trust, reports on businesses’ failure to prepare for cyber incidents and their prioritization of security when purchasing software, and where the government’s new state and local cyber grant program’s first year funding stands and what to look for in the year ahead.
Feds post warnings on multiple industrial control system vulnerabilities
CSO reports CISA has issued advisories on nearly fifty vulnerabilities in different industrial control systems used by various critical infrastructure sectors. Read more…
Official: CISA update to Zero Trust Maturity Model is imminent
FedScoop quotes a CISA official as saying March 23 that the agency plans to issue an updated version of its Zero Trust Maturity Model within days, which will revise some key definitions and metrics. Read more…
CISA announces new cyber committee members, updated baseline cyber goals
Security Week reports on the new members named to CISA’s Cybersecurity Advisory Committee (CSAC) and the agency’s updates to baseline cybersecurity performance goals to better tie them to NIST’s Cybersecurity Framework. Read more…
Budget proposes funds for CISA to move from EINSTEIN to new Cyber Analytics and Data System
According to Federal News Network, CISA’s FY 2024 budget request seeks $425 million for a new “Cyber Analytics and Data System” as part of a restructuring of its EINSTEIN cybersecurity protection system. Read more…
NSA issues ICAM guidance incorporating zero trust
Security Week says new NSA guidance is out to help system operators mature identity, credential, and access management (ICAM) capabilities to improve their cybersecurity via zero trust. Read more…
FTC issues RFI on cloud computing provider practices, cybersecurity
According to FCW, a request for information from the Federal Trade Commission is looking for comments on commercial cloud providers’ business practices and how they notify customers of cybersecurity risks. Read more…
June release projected for White House’s cyber strategy implementation plan
Federal News Network quotes a key White House official as saying the Biden Administration is looking for a June release of the implementation plan for its recently updated National Cybersecurity Strategy. Read more…
New SEC proposals target cybersecurity of certain financial entities
SC Magazine says the Securities and Exchange Commission recently announced three new proposed cybersecurity regulations affecting broker-dealers that seek to standardize cyber risk disclosure. Read more…
Executive order aims at commercial spyware “misuse” by agencies
Nextgov reports President Biden has signed an executive order banning government use of commercial spyware products which threaten national security and human rights. Read more…
Air Force office on weapons systems cybersecurity wants to do the same for Space Force
C4ISRNet says the Air Force Cyber Resiliency Office for Weapons Systems is looking to expand its cyber defense efforts to the U.S. Space Force. Read more…
Unfunded budget list for U.S. Indo-Pacific Command includes $274 million for cyber
C4ISRNet reports on the DoD Indo-Pacific Command’s FY 2024 unfunded priorities request for $274 million for offensive ($184 million) and defensive ($90 million) cyber capabilities. Read more…
Space Command wants more funding beyond official budget request for cyber
Breaking Defense says U.S. Space Force’s unfunded priorities list includes an additional $43 million beyond its official $76 million request for accelerating acquisition of new defensive cybersecurity software. Read more…
DoD official links National Cyber Strategy to Pentagon efforts
Breaking Defense quotes Pentagon CIO John Sherman as saying the Biden Administration’s updated National Cybersecurity Strategy “directly aligns” with DoD’s zero trust cloud and software modernization efforts. Read more…
Healthcare sector testifies on the need for cyber standards, assistance
GovInfoSecurity reports healthcare industry officials asked Congress to set minimum cybersecurity standards for their sector because voluntary efforts are not enough, and they also asked for cyber financial and technical support. Read more…
Private sector witnesses applaud, offer suggestions to scale public-private cyber collaboration
FCW cites industry witnesses at a congressional hearing on how CISA’s Joint Cyber Defense Collaborative for cyber risk information sharing with the private sector has been beneficial, and their ideas on scaling the effort. Read more…
Zero trust can provide opportunities or difficulties
CRN reports that zero trust can be either a massive growth opportunity for solution providers or a source of additional pressure, or both. Read more…
Study: Cyber attacks expected, but most businesses aren’t ready
Cybersecurity Dive cites new research showing that while 80 percent of security leaders anticipate business disruption from cyber attacks in the next two years, very few are fully prepared for it. Read more…
Security in software is key purchasing factor for one-half of companies surveyed
Cybersecurity Dive cites a new report that finds security is the most influential factor in the software purchasing process for roughly fifty percent of U.S. companies, and that such firms will pay a premium for secure software. Read more…
Federal program for state/local cyber grants – where it stands, where it may go
Government Technology provides an update on the federal government’s new State and Local Cybersecurity Grant Program, looking at how standing up the first year funding process is going, and plans and wants for year two. Read more…