Inside Cybersecurity

March 26, 2025

Home Page

Home Page

By Sara Friedman

The Defense Department’s plan to finalize the second rulemaking for the Cybersecurity Maturity Model Certification program by mid-2025 is starting to slip as the Pentagon works to meet requirements from President Trump’s Jan. 31 executive order on deregulation.

By Jacob Livesay

President Trump’s top intelligence officials offered a detailed look into international cyber threats at a Senate hearing where the administration revealed findings from the 2025 annual worldwide threats assessment report.

By Christian Robles

Major health care trade associations are urging the Trump administration update or rescind proposed Health Insurance Portability and Accountability Act cybersecurity requirements put forward by the Biden administration in a notice of proposed rulemaking from the Department of Health and Human Services.

By Jacob Livesay

The National Institute of Standards and Technology has released a draft guide for public comment focused on identifying and mitigating vulnerabilities when integrating applications in enterprise cloud environments, including applying zero trust principles.

By Sara Friedman

The Cyber Risk Institute is working on a profile of the National Institute of Standards and Technology’s artificial intelligence risk management framework to meet the needs of their financial sector members, according to a filing to NIST on the intersection of AI and cybersecurity.

By Sara Friedman

The General Services Administration has launched a new initiative to accelerate the adoption of cloud services through its Federal Risk and Authorization Management Program using automation to speed the authorization process.

By Sara Friedman

Cait Conley, a former CISA employee who led the agency’s 2024 election efforts, has announced a run for Congress in the upcoming election cycle in New York facing Rep. Michael Lawler (R-NY), who is currently in his second term.

RECENT NEWS

Contracting group seeks guidance from FAR Council on implementing controlled unclassified information rulemaking
Stakeholders call for funding to support agency needs in post-quantum cryptography migration
FCC Chairman Carr opens investigation into Chinese companies on covered list banned from operating in U.S.
Think tank offers strategies for mitigating artificial intelligence risk against ‘future failures’
Industry groups converge to advocate for CISA 2015 reauthorization in letter to congressional leadership
House Homeland Security Committee sees need for stronger info-sharing following Salt Typhoon campaign

MORE NEWS ›

Topics

Biden's Executive Order
Rep. Garbarino calls for DHS study on Cyber Safety Review Board efforts
Former NCD Inglis sees potential for moving Cyber Safety Review Board to White House cyber office
Former NSC official Clarke sees focus on nation state threats, federal cyber networks as priorities for Trump administration
House Homeland Security Chair Green highlights cyber workforce bill, other priorities at first hearing
Incident Reporting Law
Former acting NCD Walden highlights potential action on cyber regulatory harmonization under Trump administration
Noem moves to disband current structure for coordinating with critical infrastructure partners at CISA
Industry groups praise selection of Plankey to serve as CISA director
House panel weighs options for cyber regulatory harmonization amid CISA efforts to finalize incident reporting rule
SEC CYBER RULES
Outlook: Trump’s views on CISA incident report regime, SEC cyber rules and critical infrastructure regulations on the horizon
Industry evaluates impact of SEC cyber incident disclosure year one year later
Trump announces venture capitalist for ‘AI czar’ role at White House, SEC chair nominee
FCC, SEC chairs announce plans to leave government on Inauguration Day
CMMC
Stakeholders criticize incident reporting window in proposed rule to establish CUI requirements for federal contractors
Pentagon posts CMMC presentation slides on alignment with NIST standards, FedRAMP equivalency
Katie Arrington named acting chief information officer for Defense Department
Defense group raises concerns over cost of CMMC implementation as companies prepare for assessments
Zero Trust
FCC security advisory group to consider post-quantum cryptography as part of 6G security study
OMB memo for fiscal 2025 FISMA reporting builds on network visibility requirements, IoT responsibilities
OMB ‘impact’ report reflects progress on zero trust transition, post-quantum cryptography planning
House passes fiscal 2025 NDAA with agreement on fully funding FCC rip and replace program
National Cyber Strategy
NCD Coker: Chinese cyber threats require cross-sector engagements, partnership with OMB
ONCD plans to provide recommendations for incoming Trump administration on software liability schemes
ONCD official highlights efforts to build on threat disruption objectives in national cyber strategy
White House launches ‘Service for America’ sprint to step up cyber workforce development
CSF 2.0
Tech group encourages NIST to utilize existing standards when crafting AI-focused cybersecurity framework profile
NIST seeks input to inform updating cybersecurity framework profile on positioning, navigation and timing services
NIST seeks feedback on CSF 2.0 profile on semiconductor manufacturing
NIST releases draft updates to cyber enterprise risk management series aligned with CSF 2.0
Supply Chain
Democratic Commissioner Starks announces plans to leave FCC
NIST shares initial takeaways from 5G cybersecurity implementation project in draft executive summary
Solarium Commission highlights achievements on five-year anniversary of landmark report
State, local stakeholders identify need for supporting non-federal cyber efforts beyond CISA grant program