The Biden cybersecurity executive order maps out how the U.S. government will implement cybersecurity requirements and standards – but it is just the beginning. The federal government won’t be the last entity demanding more security transparency from software vendors and this is likely a sign of what’s to come for any organization creating software in any industry.

The Federal Bureau of Investigation (FBI) is engaged in a nationwide effort to build public awareness of hate crimes and encourage reporting to law enforcement.

The U.S. Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Justice’s Federal Bureau of Investigation (FBI) announced a new pilot program called “Operation Flashpoint” to build awareness in communities across the U.S. about how to prevent bomb attacks. 

D3FEND, a framework for cybersecurity professionals to tailor defenses against specific cyber threats is now available through MITRE. The National Security Agency funded MITRE’s research for D3FEND to improve the cybersecurity of National Security Systems, the Department of Defense, and the Defense Industrial Base.

The International Security Foundation (ISF) announced that Secretary Madeleine Albright is the ISF 10th Anniversary Speaker for the ISF Virtual Reception on Wednesday, November 17, 2021, 5 PM EDT. The global virtual event, hosted by the ISF during OSAC’s virtual Annual Briefing week, celebrates OSAC’s private-public partnership with the OSAC Awards and celebrates the ISF’s 10th anniversary.

Just as organizations require a show of security and compliance due diligence for their enterprise applications, so should they be doing for their IoT devices. They should also be putting this same pressure on their suppliers.

The National Security Agency (NSA) released the Cybersecurity Advisory, “Stop Malicious Cyber Activity Against Connected Operational Technology.” The CSA details how to evaluate risks to systems and improve the security of connections between OT and enterprise networks. Information technology (IT) exploitation can serve as a pivot point for OT exploitation, so carefully evaluating the risk of connectivity between IT and OT systems is necessary to ensure unique cybersecurity requirements are met.

U.S. President Biden has signed a new executive order imposing new sanctions on Russia for actions by "its government and intelligence services against the U.S. sovereignty and interests." The administration formally named Russian Foreign Intelligence Service (SVR), also known as APT 29, Cozy Bear, and The Dukes, as the perpetrator of the broad-scope cyber espionage campaign that exploited the SolarWinds Orion platform and other information technology infrastructures. 

NSA released the first video of its new Cybersecurity Collaboration Center speaker series. In these talks, NSA experts will share insights, lessons, and contributions of their cybersecurity work. The Center works with government and industry partners to protect U.S. National Security Systems, the Department of Defense (DoD) and the Defense Industrial Base (DIB).

The final rules requiring remote identification of drones and allowing some flights over people, over moving vehicles and at night under certain conditions will go into effect on April 21, 2021, the Federal Aviation Administration (FAA) announced.