Policy & Regulation
-
Luke Sharrett via Getty Images
TSA rolls out rail cyber requirements, targeting prevention and rapid response
The directives, with immediate implementation expected, are primarily for higher-risk freight railroads, passenger rail, and rail transit, DHS said.
By Samantha Schwartz • Dec. 3, 2021 -
DKosig via Getty Images
Insurer Lloyd's slashes coverage on state-sponsored cyberattacks, reflecting battered market
The limits for state-sponsored attack coverage comes at a time when nation-state activity and ransomware linked to foreign threat actors is surging.
By David Jones • Dec. 3, 2021 -
Dan Kitwood via Getty Images
Crypto becoming the preferred currency of cybercriminals and rogue governments
Authorities are turning the tables on cybercriminals by tracing the steps of illicit transactions and making it more difficult for ransomware operators to evade detection.
By David Jones • Nov. 24, 2021 -
Chip Somodevilla / Staff via Getty Images
Recovering ransom payments could become routine for law enforcement
Backed by blockchain analysts and crypto-tracers, law enforcement agencies want to become more proficient in seizing ransomware-related funds.
By Samantha Schwartz • Nov. 23, 2021 -
Dan Kitwood/Getty Images News via Getty Images
Companies urged to alert federal law enforcement in ransomware cases
A key official with the U.S. Secret Service says companies need to work with law enforcement agencies, who can help make critical decisions in disrupting illicit transactions.
By David Jones • Nov. 17, 2021 -
Getty via Getty Images
FBI justifies its decision to withhold Kaseya decryptor
The law enforcement agency prioritized the long-term benefits of a delay over the immediate decryption key release.
By Samantha Schwartz • Nov. 17, 2021 -
Jon Cherry via Getty Images
K-12's decade-old cyber guidance needs updating, watchdog says
With K-12 considered critical infrastructure, the Government Accountability Office is calling for more guidance on the federal government's role in protecting schools.
By Roger Riddell • Nov. 15, 2021 -
Michael M. Santiago via Getty Images
Banks outpace other industries in cyber investments, defense strategies: report
The banking industry is actively investing in cyber defense and employing sound corporate governance practices to combat threats, Moody's found.
By David Jones • Nov. 15, 2021 -
Leon Neal via Getty Images
US backs Paris-led effort on cybersecurity cooperation
After sitting on the sidelines for three years, the U.S. is joining an international effort to create stability and order in cyberspace.
By David Jones • Nov. 11, 2021 -
Chip Somodevilla via Getty Images
DOJ unveils charges, money seizures in multinational crackdown against REvil
The Justice, Treasury and State departments led an international effort to crack down on ransomware, money laundering and illicit trading of cryptocurrency connected to the gang linked to the Kaseya attack.
By David Jones • Nov. 9, 2021 -
Mark Makela/Getty Images via Getty Images
State Department to add cyber bureau, tackle tech diplomacy
The additions could help streamline coordination and eliminate the simultaneous — and sometimes redundant — efforts of global partners.
By Samantha Schwartz • Nov. 9, 2021 -
Sarah Silbiger via Getty Images
$1.2 trillion infrastructure bill passes House, tying cyber to physical investments
The bill, which awaits President Joe Biden's signature, invests $2 billion in cybersecurity and formalizes the national cyber director's budget.
By Samantha Schwartz • Nov. 8, 2021 -
Getty Images / Staff via Getty Images
Pentagon revamps CMMC program to help SMBs meet compliance standards
Critics have decried the cybersecurity program as far too expensive and complex for thousands of defense contractors struggling to shield data from nation states.
By David Jones • Nov. 5, 2021 -
SEC to 'dig deeper' in cybersecurity enforcement
The commission's guidance from 2018 foreshadowed many recent cybersecurity enforcement actions by the agency's Cyber Unit.
By Jim Tyson • Nov. 5, 2021 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
CISA wants to identify the most vulnerable critical infrastructure
The agency is basing its analysis on economic and network centrality, as well as "logical dominance in the national critical functions," Director Jen Easterly said.
By Samantha Schwartz • Nov. 1, 2021 -
Chris Krebs, former CISA director and founding partner of Krebs Stamos Group, speaking with Gartner Distinguished VP Analyst Neil MacDonald during the virtual Gartner IT Symposium/Xpo Wednesday. Retrieved from Gartner IT Symposium/Xpo on Oct. 20, 2021
Government can demand stronger product security, Krebs said. It could help private sector, too
The federal government can use the power of the purse to leverage security improvements, which could benefit businesses at large, according to former CISA Director Chris Krebs.
By Samantha Schwartz • Oct. 22, 2021 -
Cyberattacks spur demand for cyber insurance: Moody's
"This is a critical area that we're challenged with," Securities and Exchange Commission Chair Gary Gensler said, describing the agency’s sharper focus on cyber risk.
By Jim Tyson • Oct. 22, 2021 -
Photo illustration by Danielle Ternes/Cybersecurity Dive; photograph by yucelyilmaz via Getty Images
Federal agencies warn of ransomware targeting water, wastewater treatment plants
Months after the attack on a Florida water treatment plant, the FBI, CISA and other agencies are concerned about a new round of threats to vulnerable municipal sites.
By David Jones • Oct. 18, 2021 -
Dan Kitwood/Getty Images News via Getty Images
2021 ransomware bitcoin activity eclipses last year, Treasury finds
The number of suspicious activity report transactions is already up 30% over 2020 numbers and the agency has tracked billions of dollars in outgoing bitcoin payments potentially linked to ransomware.
By Samantha Schwartz • Oct. 18, 2021 -
Chip Somodevilla / Staff via Getty Images
Ransomware summit takeaways: Pledges to disrupt safe havens, money laundering
The State Department is in talks with Russia, however, some U.S. experts warn the Biden administration needs to take more forceful action out in the open.
By David Jones • Oct. 15, 2021 -
Sean Gallup via Getty Images
Biden administration seeks international progress on ransomware fight
Russia, China and North Korea were left out of the virtual summit, while officials from 30 nations look to combat ransomware and illegal crypto transactions.
By David Jones • Oct. 14, 2021 -
Chip Somodevilla / Staff via Getty Images
White House tackles endpoint security in federal agencies, tees up CISA
Agencies should have "enterprise-level visibility" across bureaus and sub-agencies, a Friday memo said.
By Samantha Schwartz • Oct. 13, 2021 -
Anna Moneymaker via Getty Images
DOJ cracks down on ransomware with cyber task force, civil fraud initiative
Federal authorities will target illegal crypto trading platforms and pursue federal contractors that fail to report breaches.
By David Jones • Oct. 7, 2021 -
Ransomware attacks put availability of medical devices at risk: FDA cyber chief
Industry reached a "watershed moment" earlier this year when a device outage caused by malware endangered patient lives, said the acting director of cybersecurity at CDRH.
By Greg Slabodkin • Oct. 4, 2021 -
Stefan Zaklin / Stringer / via Getty Images via Getty Images
How CISA's head wants to reform federal cybersecurity
Without a federal incident reporting law, CISA and the private sector lack efficient information-sharing capabilites, Director Jen Easterly said.
By Samantha Schwartz • Sept. 23, 2021
