Inside Cybersecurity

November 29, 2025

Home Page

Home Page

By Sara Friedman

House Homeland Security Chairman Andrew Garbarino (R-NY) is asking Anthropic CEO Dario Amodei and Google Cloud CEO Thomas Kurian to testify at a Dec. 17 joint subcommittee hearing reviewing artificial intelligence capabilities and their cyber implications in the wake of an AI-assisted cyber attack disclosed on Nov. 13.

By Sara Friedman

A coalition led by the Information Technology Industry Council is urging the confirmation of Sean Plankey to be the next director of the Cybersecurity and Infrastructure Security Agency, in a recent letter to Senate leadership and Homeland Security Chairman Rand Paul (R-KY) and ranking member Gary Peters (D-MI).

By Sara Friedman

Senate appropriators are proposing a fiscal 2026 spending bill for two White Houses offices key to cybersecurity efforts, with stable funding that continues work to fulfill their missions.

By Sara Friedman

The National Institute of Standards and Technology has finalized a five-volume practice guide for a project to help organizations connect new Internet of Things devices onto networks in a secure manner, along with a publication on foundational concepts and an automating IoT security white paper.

By Jaden Beard

A cyber testing firm has published findings from a reassessment of Palo Alto Networks and Fortinet’s enterprise firewall products, based on software updates spurred by a report from the firm that discovered vulnerabilities in the ability of both products to block common evasion techniques.

By Jaden Beard

The National Institute of Standards and Technology is asking for input on the second draft of a cyber workforce quick start guide designed to help organizations understand how to make risk-based decisions using the NIST cybersecurity framework.

By Jaden Beard

The R Street Institute sees CISA’s Common Vulnerabilities and Exposures program as a national defense priority, amid concerns over the initiative’s funding and priorities, advocating in a recent blog post for continued investment by the federal government.

RECENT NEWS

CISA issues commercial spyware alert encouraging adoption of best practices for messaging apps
House lawmakers introduce bill requiring SEC to develop policies, procedures for handling sensitive information
SEC drops case against SolarWinds, outlines cyber examination plans for 2026
Microsoft pitches regulatory reforms to bolster open source artificial intelligence development
Democratic Commissioner Gomez highlights IoT cyber labeling program as FCC partnership, amid ongoing pause due to China ties
FCC Chair Carr calls rescinded declaratory ruling ‘ineffective’ in responding to cyber threats, open to new rules

MORE NEWS ›

Topics

CMMC
NIST extends comment period for CUI publication to January, allowing time for more input after government shutdown
National Defense ISAC leader raises questions over CMMC assessment capacity, controlled unclassified information
CMMC final rule goes into effect, kicking off four-phase timeline for contract requirements
National Defense ISAC publishes guide on using virtual desktops to support reaching compliance with CMMC requirements
Incident Reporting Law
Cybersecurity Coalition pushes regulatory alignment, legislative actions after government shutdown
Pipeline sector urges FAA to set cyber safeguards for traffic management systems as part of aircraft rulemaking
Energy sector coalition seeks harmonization of proposed FAA rules with FERC cyber standards
U.S. Chamber calls on FAA to harmonize cyber reporting requirements in unmanned aircraft rulemaking
Supply Chain
House panel examines DHS role in addressing cyber threats to subsea cable infrastructure
Sens. Young, Kelly introduce bill calling for NSA ‘playbook’ to guard U.S. artificial intelligence innovation
FCC approves order in split vote to reverse cyber declaratory ruling, citing actions taken by industry in response to Salt Typhoon
Democratic Commissioner Gomez criticizes order to roll back cyber declaratory ruling ahead of FCC meeting
Zero Trust
Zscaler report finds increase in cyber attacks against Internet of Things devices targeting energy sector
CISA publishes best practices security guide on Microsoft Exchange servers, following August emergency directive
Carnegie Mellon research hub considers zero trust implementation needs for weapon systems
Trump executive order renews efforts under national security advisory committee run by DHS
National Cyber Strategy
Security leader Clinton highlights benefits of virtual cyber academy under new ONCD leadership
Stakeholders consider ‘systemic defense’ framework to address cyber infrastructure issues
Former NCD Inglis optimistic about opportunities for cyber under Trump administration
OMB memo for fiscal 2025 FISMA reporting builds on network visibility requirements, IoT responsibilities
CSF 2.0
Nonprofit ransomware task force updates defense blueprint to align with CSF 2.0 functions
EPA publishes cyber procurement checklist targeted at water sector to protect supply chains
NIST seeks feedback on draft update to cybersecurity framework profile for manufacturing sector
U.S. Chamber raises concerns to New York regulators over proposed cyber requirements for public utilities, cable television providers
INTERNET OF THINGS
NIST extends comment periods for Internet of Things, differential privacy publications
Consumer tech group anticipates next steps in IoT cyber labeling program following FCC review
Sen. Cassidy introduces bill setting up privacy, data breach requirements for consumer health tech
Trump selects Purdue engineering dean Raman to serve as next NIST director
Artificial Intelligence
GOP leaders on House Homeland ask Anthropic, Google execs to testify on AI-assisted cyber attack
Senate appropriators introduce legislation to keep funding for ONCD, OMB stable in fiscal 2026
SEC drops case against SolarWinds, outlines cyber examination plans for 2026
National security think tank proposes strengthening federal incident response efforts to prepare for AI cyber risks