CISA Affirms 2035 Quantum Encryption Target Feasible Despite Technological Advancements Chris Riotta (@chrisriotta) • December 19, 2024 Experts believe the 2035 requirement for federal agencies to implement quantum-resistant cryptography is still feasible. (Image: Shutterstock) The Cybersecurity and Infrastructure Security Agency (CISA) maintains that the 2035 deadline for federal entities to…
Federal Agencies Mandated to Implement New Cloud Security Policies by 2025 In a significant move aimed at enhancing cybersecurity across the federal landscape, the Cybersecurity and Infrastructure Security Agency (CISA) has announced that U.S. civilian agencies will be required to adopt secure configuration baselines for key software-as-a-service (SaaS) platforms beginning…
Governance & Risk Management, Government, Industry Specific Proposed National Response Plan Enhances Inter-Sector Collaboration Strategies Chris Riotta (@chrisriotta) • December 16, 2024 The public has until Jan. 15, 2025, to submit feedback on the proposed updates to the National Cyber Incident Response Plan. The federal government announced on Monday its…
A recent analysis from a CISA employee suggests that future compliance initiatives, particularly those aimed at ensuring security by design, may face diminishing support. This change in corporate oversight is expected to be a key focus for tech leaders like Elon Musk, especially as they align themselves with figures such…
An FBI official recently highlighted the advantages of utilizing cellphones that receive regular operating system updates, employ responsibly managed encryption, and leverage phishing-resistant multifactor authentication for crucial online accounts. This recommendation comes amid concerns over a significant cyber espionage campaign attributed to state-affiliated actors in China, who have reportedly infiltrated…
CISA Issues Guidance Following Salt Typhoon Cyber Attacks on Telecommunications The Cybersecurity and Infrastructure Security Agency (CISA) has released a series of recommendations aimed at bolstering defenses against cyber attacks linked to the Salt Typhoon threat group, which is believed to have infiltrated major global telecommunications providers earlier this year.…
T-Mobile Resists State-Sponsored Cyberattack, Warns of Broader Threats to U.S. Networks T-Mobile has publicly refuted claims that its security systems were breached by Chinese state-sponsored hackers, asserting that it has successfully blocked their attacks. However, the telecom company cautions that various communications networks across the United States may still be…
Healthcare, Industry Specific, Standards, Regulations & Compliance Watchdog Agency Report Highlights Inaction on Cybersecurity Recommendations Marianne Kolbasuk McGee (HealthInfoSec) • November 21, 2024 The GAO report indicates that the HHS has yet to implement critical recommendations aimed at improving its leadership role in healthcare cybersecurity. (Image: GAO) The U.S. Department…
Breach Notification, Fraud Management & Cybercrime, Healthcare Ransomware Attack Exposes Personal Data of Over 133,000 at Small Oklahoma Hospital Marianne Kolbasuk McGee (HealthInfoSec) • November 19, 2024 Image: Great Plains Regional Medical Center Great Plains Regional Medical Center, a 62-bed facility in Elk City, Oklahoma, experienced a significant ransomware attack…
