Blog Home / ...

Cybersecurity News in Review

Robert DuPree
December 4, 2023 • 4 min read

This week’s Cybersecurity News in Review includes reports on cyber attacks affecting U.S. water systems, financial services firms and a DOE national laboratory, as well as new CISA cyber guidance for the healthcare and public health sector, artificial intelligence systems, and secure-by-design principles, and a new CISA pilot for critical infrastructure cybersecurity. There is also coverage of a new survey on how AI can help federal agency cybersecurity efforts, a congressional hearing on software supply chain risks and SBOMs, and how one federal official feels more funding is needed to update his department’s cybersecurity. Finally, there are articles about the secret delivery of cyber technology to protect the Ukrainian power grid, the Navy’s first-ever cybersecurity strategy, and how the Army is field-testing AI technology intended to prevent detection of wireless networks used by soldiers in combat areas.

PA water system hacked via ICS vulnerabilities

Security Week reports on a hack against an industrial control system (ICS) at a Pennsylvania water utility, and on the inherent vulnerabilities of certain products used by utilities. Read more…

Financial services firm hit by ransomware in latest attack against the sector

Cybersecurity Dive says a suspected financial services ransomware attack is part of a trend of such activity against the financial services industry. Read more…

Major data breach hits sensitive DOE facility

According to Dark Reading, the Department of Energy’s Idaho National Laboratory suffered a major data breach recently, compromising a host of employee personal information. Read more…

CISA issues cyber guidance for healthcare/public health sector

Security Week reports on new guidance from CISA designed to help healthcare and public health organizations better understand the cyber threats and risks they face and to mitigate cyber threats and incidents. Read more…

US, UK issue non-binding guidance for securing AI systems

Dark Reading says CISA and its UK counterpart have issued new “Guidelines for Secure AI System Development” that provide a four-section outline for building security into AI systems, but without imposing any mandatory rules or regulations. Read more…

CISA issues guidance on secure-by-design cybersecurity

Cybersecurity Dive reports on revised CISA guidance to help tech firms demonstrate they are abiding by secure-by-design principles, consistent with Biden Administration efforts to have software manufacturers assume greater responsibility for cyber security. Read more…

CISA unveils pilot for critical infrastructure cybersecurity

Dark Reading explores a new CISA pilot program to provide cybersecurity services to critical infrastructure entities, which the agency hopes to expand to 100 different entities across certain sectors. Read more…

Survey: Feds can use AI to sort flood of data and improve cybersecurity

C4ISRNet reports on a new survey of government leaders that indicates artificial intelligence can help federal agencies better deal with the overwhelming amount of cyber threat data they receive. Read more…

Congressional panel looks at software supply chain risks, SBOMs

Nextgov/FCW says a House subcommittee recently heard from expert witnesses on the cybersecurity risks of software supply chains, as well as the pros and cons of using software bills of materials (SBOMs). Read more…

Federal official says more funding needed for cyber modernization

FedScoop cites the Department of Labor’s CISO as voicing concern that adequate congressional appropriations have not been forthcoming to help meet the cybersecurity modernization requirements he feels are needed to fulfil President Biden’s May 2021 cyber executive order. Read more…

USAF used humanitarian flight to deliver cyber tech to protect Ukraine’s power grid

The Defense Post reports that an aircraft being used for United States Air Force humanitarian aid to Ukraine also secretly delivered cybersecurity technology to help that nation protect its power grid this winter against Russian hacking efforts. Read more…

What’s in the Navy’s inaugural cybersecurity strategy?

Nextgov/FCW looks at the U.S. Navy’s first cybersecurity strategy that was released Nov. 21 and outlines seven areas the service will focus on to boost its cybersecurity posture.  Read more…

AI technology to shield wireless networks being tested by Army

Stars and Stripes says U.S. soldiers have field-tested artificial intelligence technology in Europe that the Army hopes will thwart enemy detection of troops in contested areas while they are using wireless networks. Read more…

Cybersecurity
Robert DuPree
Manager of Government Affairs
Robert DuPree is the manager of government affairs at Telos Corporation. Follow him on Twitter: @RFDuPree
Read full bio

Related Posts

Recent Developments on Cybersecurity Laws Programs Regulations and Guidance
Recent Developments Regarding Cybersecurity Laws, Programs, Regulations and Guidance—Including FedRAMP, FISMA, NIST SP 800-53 Rev 5 and More
Robert DuPree • October 30, 2023
In recent months, there have been a number of articles and announcements on cybersecurity...
 Critical Importance of FedRAMP
The Critical Importance of FedRAMP: How it’s Evolved, Recent Developments and Paths to Authorization 
Patrick Sullivan • October 23, 2023
One of my first interactions with computer security history was a dusty set of books on a shelf in...
 Cybersecurity Best Practices as a Stepping-Stone to Success
National Cybersecurity Awareness Month: Best Practices as a Stepping Stone to Success
Josh Salmanson • October 17, 2023
Launched in 2004 by the National Cybersecurity Alliance (NCA) & the U.S. Department of Homeland...

Subscribe to Our Newsletter

Although we may use your information for targeted marketing and advertising, as described in the Privacy Policy, we will never sell your information to any third party.