Attackers are focusing their attention on critical infrastructure operators, and building resilience into those networks is a key to defending them, experts say.
The Government Accountability Office criticized the National Nuclear Security Administration's mixed risk management practices around operational technology devices and its lax oversight of subcontractor cybersecurity practices.
A new report by the CSC 2.0 pointed to both progress and "unfinished business" in the government's implementation of its recommendations for bolstering its cybersecurity strategy.
The Biden administration issued new guidance on software supply chain security for federal agencies, which includes requirements for self-attestations and SBOMs.
Whistleblower disclosures by former Twitter security executive Peiter Zatko have spurred Congress to consider new regulations of platform providers and social media companies.