Inside Cybersecurity

October 23, 2025

Home Page

Home Page

By Sara Friedman

Cuts to the Cybersecurity and Infrastructure Security Agency’s workforce loomed large over an annual event to assess the results of the Cyberspace Solarium Commission’s work, with concerns over ongoing operations and refocusing the agency’s mission.

By Jaden Beard

The Foundation for Defense of Democracies is asking the White House to oppose a controversial United Nations cybercrime treaty expected to be finalized this month, citing issues over a lack of protection for critical cyber research and vague definitions of cyber crime.

By Charlie Mitchell

The Business Software Alliance in a letter to congressional leaders identifies its artificial intelligence preferences in the House and Senate versions of the annual defense policy bill, while calling for tweaks and more significant changes in multiple areas including software security and restrictions targeting “countries of concern.”

By Jaden Beard

Maryland is launching a vulnerability disclosure program under the state’s Department of Information Technology, as part of efforts to invest in the cyber capabilities of state services and improve information sharing.

By Sara Friedman

The New York Department of Financial Services has published guidance on the security risks of using third party service providers, while maintaining compliance with cyber regulations in place for covered entities.

By Jaden Beard

Democrats on the House Oversight Committee are urging Homeland Security Secretary Kristi Noem to bring back employees from the Cybersecurity and Infrastructure Agency who have been subject to layoffs and reassignments, in a letter raising questions about impacts during the ongoing government shutdown.

By Jaden Beard

The Business Software Alliance encourages the use of backups and recovery techniques to foster cyber resilience in a new position paper, along with recommendations to assist with preparedness in the event of a cyber attack.

RECENT NEWS

Trump selects Purdue engineering dean Raman to serve as next NIST director
Microsoft encourages governments to adopt cyber procurement requirements for AI tools
Former CISA official Friedman joins supply chain firm NetRise as strategic advisor in first move
Former DOJ cyber official details considerations for ‘hack back’ tactics, in Aspen Digital series
Former NIST Director Locascio emphasizes importance of standards in innovation, under industry strategy update
Cyber threat intelligence firms provide details on F5 product vulnerabilities following CISA emergency directive

MORE NEWS ›

Topics

CMMC
NIST publishes final draft for advanced persistent threats publication update, accompanying assessment guide
DOD CIO nominee Davies identifies opportunities for realignment to meet zero trust goals
Pentagon considers costs for small businesses to comply with CMMC acquisition requirements in final rule
CMMC accreditation body expects to update assessment process guide in December
Incident Reporting Law
Pipeline sector urges FAA to set cyber safeguards for traffic management systems as part of aircraft rulemaking
Energy sector coalition seeks harmonization of proposed FAA rules with FERC cyber standards
U.S. Chamber calls on FAA to harmonize cyber reporting requirements in unmanned aircraft rulemaking
Easterly emphasizes power of artificial intelligence for software security
Supply Chain
EPA publishes cyber procurement checklist targeted at water sector to protect supply chains
FCC Chair Carr announces national security initiative encouraging online retailers to remove Huawei, ZTE equipment sales from their sites
Moody’s finds insurance firms utilize cyber risk assessment strategies to combat threats in software supply chains
Open source groups identify areas for refinement in CISA update to SBOM minimum elements report
Zero Trust
Trump executive order renews efforts under national security advisory committee run by DHS
Lawfare project poses research questions to guide future secure by design work
Arrington: Defense Dept. guidance on ‘blowing up’ risk management framework expected by Nov. 30
OMB’s Duffy discusses efforts to advance zero trust, find efficiencies across agencies
National Cyber Strategy
Stakeholders consider ‘systemic defense’ framework to address cyber infrastructure issues
Former NCD Inglis optimistic about opportunities for cyber under Trump administration
OMB memo for fiscal 2025 FISMA reporting builds on network visibility requirements, IoT responsibilities
NCD Coker: Chinese cyber threats require cross-sector engagements, partnership with OMB
CSF 2.0
NIST seeks feedback on draft update to cybersecurity framework profile for manufacturing sector
U.S. Chamber raises concerns to New York regulators over proposed cyber requirements for public utilities, cable television providers
NIST seeks input on guidance mapping post-quantum cryptography capabilities to key agency publications
Security pros eager for scoping in NIST’s cyber AI ‘profile’ as businesses press for deployment
INTERNET OF THINGS
NIST releases second draft of update to foundational Internet of Things guidance
NIST finalizes IoT characterization report, supplementing MUD project
NIST publishes draft quick start guide for managing emerging cyber risks using CSF 2.0
Former NSC cyber leader Neuberger joins tech-focused investment firm a16z
Artificial Intelligence
Leading software group identifies priority AI provisions in defense policy legislation
New York regulator releases cyber guidance to financial services entities for using third party providers
Trump selects Purdue engineering dean Raman to serve as next NIST director
Microsoft encourages governments to adopt cyber procurement requirements for AI tools