The NIST issued new guidelines to help federal agencies and their private sector contractors better protect sensitive unclassified information, known as Controlled Unclassified Information (CUI), from cyber threats, particularly supply chain risks.

Artificially Intelligent — a team of four Army servicemembers and one from the Air Force — won the 2024 President’s Cyber Cup Challenge, a five-year-old competition open to federal government and U.S. military personnel.

The Library of Congress was targeted in a cyberattack that occurred in parallel with a high-profile intrusion into the British Library in October 2023 but it was a failed attempt, according to internal documents obtained by Nextgov/FCW.

Despite the progress in improving cybersecurity posture, the United States still faces various threats, including ransomware attacks, cyberattacks on critical infrastructure, and the growing use of artificial intelligence in malicious activities.

The White House is engaging with the tech industry to establish a legal framework for software liability as part of a broader cybersecurity strategy, aiming to incentivize software developers to create products without exploitable security flaws.

The new strategy of the U.S. government aims to defend against cyberattacks on critical infrastructure, prevent surveillance misuses, and promote digital solidarity among global partners.

NASA has been cautioned by the Government Accountability Office (GAO) for not having mandatory security guidance in place for its spacecraft acquisition policies and standards.

The alert says that water operators are employing poor security standards that have allowed the hackers to breach their networks, including the use of default passwords that are included when the water system management tools are first installed.

The Cybersecurity and Infrastructure Security Agency is targeting a September 30 deadline to give federal agencies a list of example software products deemed critical for the federal government’s cyber posture.

A measure led by two House Republicans would enable the Environmental Protection Agency to certify a governing body to develop and recommend cybersecurity requirements for water treatment and wastewater systems.