2021 Year in Review: The Biden Administration’s Efforts on Cybersecurity
The past year was prolific for cybersecurity. High profile cyberattacks such as the SolarWinds hack of government agencies and Colonial Pipeline ransomware attack greatly increased public awareness of cybersecurity and understanding of its national security implications. In the first year of the Biden Administration, significant policy strides were made through a variety of executive and legislative actions, including major personnel and reorganization efforts at federal agencies and new rulemaking.
Under the Trump Administration, the federal hiring freeze and elimination of key cyber positions weakened the federal government’s overall cybersecurity posture. The Biden Administration’s White House and federal agencies have demonstrated a commitment to combat cyberattacks as a top national security issue, prioritizing not only the government’s digital infrastructure, but also private institutions and everyday citizens.
The Biden administration’s first year in office included executive action taken by President Biden to address cybersecurity measures within the federal government, elevating seasoned cybersecurity experts and restructuring of agencies, agency rulemaking that impacted the private and public sector alike, as well as legislative efforts taken by the 117th Congress.
EO 14028: Improving the Nation’s Cybersecurity
On May 12, 2021, President Biden issued a comprehensive cybersecurity executive order in the wake of the Colonial Pipeline ransomware attack. The EO laid out several stronger cybersecurity standards for the US federal government, enhanced cyber threat intelligence sharing within the federal government and with federal contractors, hardened the government’s critical infrastructure by standardizing a zero trust protocol, and created clearer baseline response and after-action reporting guidance for cyber incidents.
In response to rising cyber supply chain attacks, the EO established the concept of “critical software” to identify important electronic systems and assist the federal government and civil society to safeguard data in the event of a supply chain vulnerability. The EO directed the National Institute of Standards and Technology (NIST) to issue guidance on critical software, including that a formalized Software Bill of Materials be available for each piece of critical software. A software bill of materials is a list of all the bespoke, open source, and third-party components, like a list of ingredients in a nutrition facts label. This initiative provides government IT suppliers greater visibility into the software supply chain and associated risks and vulnerabilities to the critical software.
The EO also tasked the Department of Homeland Security (DHS) to establish a Cybersecurity Safety Review Board that would convene a body of public and private sector representatives to provide advice following a significant cyber incident – such as on the scale of the Colonial Pipeline hack. Additionally, the EO uses contract compliance stipulations to set higher cybersecurity standards and expanded breach notification and information sharing requirements for federal contractors. This is critical after SolarWinds highlighted the government’s vulnerability to cyberattacks through outside contractors.1
In 2021, President Biden and his Administration supported an array of key legislative provisions that were enacted into law and strengthened the US government’s cybersecurity posture.
American Rescue Plan Act of 2021
On March 11, 2021, President Biden signed the Administration’s landmark COVID-19 recovery bill, appropriating $650 million in new funding for the Cyber Security and Infrastructure Agency (CISA) to implement new general risk mitigation programs. The law also appropriated $200 million in funds for the US Digital Service and $1 billion in new funding for the General Services Administration’s Technology modernization fund.2
K-12 Cybersecurity Act of 2021
On October 8, 2021, President Biden signed into law a study of the threat cyber operations pose to K-12 schools. The law assigns CISA to evaluate school data storage systems, as well as create an online training toolkit for school officials to adopt better cybersecurity protocols.3
Infrastructure Investment and Jobs Act
On November 15, 2021, President Biden signed into law a $550 billion bipartisan infrastructure bill. The massive modernization of American infrastructure included several provisions to improve cybersecurity, including over $1.49 billion in appropriated funds. The law commissioned several programs to assess cybersecurity risks across several agencies, train staff with cyber expertise, and generally strengthen the cybersecurity of critical infrastructure such as electricity and water utilities. The law also incentivized greater private sector cooperation, funded the National Cyber Director, authorized DHS to declare a major cyber incident and disperse assistance personnel and funds, and established a $1 billion grant program to upgrade state, local, territorial, and tribal governments’ cybersecurity infrastructure across the US.4
National Defense Reauthorization Act for Fiscal Year 2022
On December 27, 2021, President Biden signed into law this year’s National Defense Reauthorization Act (NDAA) for Fiscal Year 2022, authorizing $770 billion in spending. Among its new cyber policies, the NDAA expands cooperation with the private sector, investigates America’s current cyber posture, improves cyber personnel, and upgrades the Defense Department’s cyber infrastructure standards.
In collaborating with the private sector, the NDAA codified and expanded the Cybersecurity and Infrastructure Security Agency’s CyberSentry program. The CyberSentry initiative proactively monitors online traffic between critical infrastructure and private companies, helping to pre-empt a hack. The bill also established programs for voluntary collaboration between the private sector and US Cyber Command in combatting cyberattacks, as well as affirmed the Defense Department’s ability to help private sector firms in conjunction with government partners like CISA.
The NDAA commissioned several reports to study America’s current cyber posture, including a comparative analysis of American cyber power, a formal taxonomy of US cyber capabilities, what tools can be used to stop ransomware operators, and assessments of known cybersecurity vulnerabilities and the competitive advantage for America’s adversaries relating to their discovery. Notably, the NDAA also assigned the head of US Cyber Command direct control in its planning, programming, and budgeting, allowing for more tailored strategies in line with the findings of the reports.
For the development of Department of Defense (DOD) cyber personnel, the NDAA extends the cybersecurity training pilot program for the National Guard, assesses academic engagement regarding recruiting student cyber talent from universities and hiring professors as advisors, and examines current hiring and upskilling opportunities of DOD’s military and civilian cyber employees. The NDAA also creates a new national cyber exercise program to help prepare the whole of government and civil society to act in the event of a cyber incident.
Finally, the NDAA upgrades DOD’s cyber infrastructure by setting up a new program for enterprise-wide reviews of cyber and data product acquisition, initiating new efforts to eliminate unneeded legacy software systems from the military, and commissioning a report on adopting zero-trust infrastructure across the Defense Department. In general, there are many new programs and reports in this year’s NDAA to update DOD’s base cybersecurity procedures.5
The Trump Administration’s vacancies and elimination of senior-level positions left serious vulnerabilities in the government’s overall capacity to conduct effective cybersecurity operations. Positions such as the Chief Information Officer in the Office of Management and Budget (OMB) and the Director of CISA went without permanent appointees from January 2017 until January and November 2018 respectively. Former DHS acting undersecretary John Cohen noted this left the senior ranks of cybersecurity “pretty decimated” throughout the Trump Administration.6 President Trump and then-National Security Advisor John Bolton also eliminated the position of national cybersecurity coordinator from the National Security Council. Other cyber positions in DHS and the FBI were also left vacant or had personnel removed during the Trump Administration.7 The most notable of these vacancies coming with the firing of the first CISA director, Christopher Krebs, in 2020 for disputing President Trump’s false claims of election rigging.8
White House Leadership
The Biden Administration has filled top White House positions with deeply experienced cybersecurity veterans. Chris Inglis and Anne Neuberger were selected to serve in the new roles of National Cyber Director (NCD) and Deputy National Security Advisor for Cyber and Emerging Technology, respectively.9 Both Neuberger and Inglis spent years working on the NSA’s cybersecurity efforts before Neuberger served as the agency’s Director of Cybersecurity and Inglis became the Deputy Director.10
The NCD is the President’s chief advisor of cyber issues to help in constructing and implementing a national cyber strategy as well as coordinating interagency cyber efforts “except for Title 10 (offensive) and Title 50 (intelligence) cyber operations and programs.”11 President Biden was the first to fill the NCD position after the position was established in the National Defense Authorization Act for Fiscal Year 2021.12 As the “quarterback” of the federal government’s cybersecurity team, the NCD has an outsized role in creating and implementing the federal government’s cyber strategy in addition to advising agencies on how to carry out the President’s executive orders.13 The Deputy National Security Advisor for Cyber and Emerging Technology is also in the President’s circle of advisors and will be responsible for coordinating the cybersecurity efforts and national security and foreign policies across the federal government.14 The role also deals more broadly with emerging technologies like artificial intelligence and works directly with international partners on cybersecurity enforcement efforts.15 This focus on international cooperation comes at a crucial time as the federal government deals with the fallout from the SolarWinds and Microsoft Exchange cyberattacks.16
The Biden Administration also built out the cyber capabilities and resources across national security federal agencies. Secretary of State Antony Blinken announced the creation of the Bureau of Cyberspace and Digital Policy in late October 2021, signaling the Biden Administration’s intention to re-elevate the issue abroad.17 Seen as a step in the right direction by members of Congress in both parties, the new bureau will work with allies to combat foreign cyberattacks, ensure “digital freedom,” and tackle other potential consequences from new emerging technologies.18 The creation of the bureau comes at a critical time as countries like China and Russia try to increase their global digital footprint. While the Trump Administration had previously merged the State Department’s Office of the Cyber Coordinator with another office in 2017, it proposed of a new technology focused bureau in the State Department at the end of his presidency.19 A January 2021 report Government Accountability Office (GAO) report found that the Trump Administration “did not demonstrate that it used data and evidence to develop its proposal for establishing a new Bureau of Cyberspace Security and Emerging Technologies (CSET).”20
In October 2021, the Central Intelligence Agency (CIA) also announced the creation of the new China Mission Center and the Transnational and Technology Mission Center.21 The two mission centers will have natural overlap since technology is the main area of US-China competition, including a shared mission to gather intelligence and combat any malevolent cyber actions that might arise.22 Over the past year, the Biden Administration also established a Chief Digital and Artificial Intelligence Officer at the Defense Department and a Chief Technology Officer (CTO) at the CIA. The Chief Digital and AI Officer will be in charge in all data and AI-related work led by the Defense Department’s Joint AI Center, Office of the Chief Data Officer, and Defense Digital Service.23 The CIA’s new CTO position was the result of a series of strategic reviews with the purpose of restructuring the agency “to best position it to address current and future national security challenges.”24
Workforce Capacity Building
Cybersecurity is a constantly evolving issue that requires a robust workforce to protect digital infrastructure, especially recruiting talented cyber professionals and students to serve in government. The Trump Administration’s federal hiring freeze prevented federal agencies from hiring cybersecurity experts as well as shut off the university pipeline and created “surprise debt” for students who relied on federal scholarships in return for government service.25 While the Department of Defense was exempt from the hiring freeze, other agencies had to put a halt to any future hires in critical analyst-level positions at a time when cyberattacks were becoming more intricate and frequent.26 The Office of the Inspector General at the State Department released a report in August 2019 that pointed to the hiring freeze as the reason for delays in cybersecurity measures they wanted to implement and left classified information vulnerable.27 Congress and federal agencies were also at odds throughout the Trump Administration with Congress expecting federal agencies to close the workforce gap in the midst of the administration’s hiring freeze.28
Cybersecurity Hiring and Recruitment Efforts
The Biden Administration instituted numerous hiring initiatives with the intent of recruiting and cultivating the next generation of cybersecurity professionals. The Department of Homeland Security led the way with its Cybersecurity Talent Management System (CTMS) and its 60-day sprint focused on filling hundreds of cyber positions. The Department’s CTMS took steps to correct numerous issues with DHS hiring and recruiting practices. Potential applicants would no longer had to wait extended periods of time to hear back about a position with the Department’s new streamlined application and screening process for applicants.29 The CTMS will phase in to include the entirety of the DHS, but it currently serves to fill in roles in the newly created DHS Cybersecurity Service, CISA, and the Office of the Chief Information Officer.
The Department’s series of 60-day sprints under Secretary Alejandro Mayorkas was applauded as a necessary action to put our country’s cybersecurity back on track. Of those sprints, DHS focused on filling vacancies that were plaguing its cyber capabilities. The initiative proved successful and exceeded its initial hiring goal by nearly 50%, hiring 300 cybersecurity professionals and extending 500 job offers.30 This sprint coincided with another DHS recruiting effort, the Honors Program, that offers a one-year developmental program with the potential to join permanently at its completion.31
The Department of Justice (DOJ), CISA and the CIA also increased their efforts to recruit the new generation of cyber professionals. Last August, Deputy Attorney General Lisa Monaco announced that DOJ would be implementing a Cyber Fellowship program. The program allows attorneys to serve for three years and rotate serving under the Criminal Division, National Security Division, and US Attorneys’ offices with the potential for permanent employment at completion.32 The CIA announced a similar fellowship program to create a pipeline of recruits for its own cybersecurity positions. The CIA Technology Fellows Program will allow cybersecurity professionals to serve either one- or two-year terms with the potential for employment at completion as well.33 CISA also continued its pursuit of mentoring the next generation of cybersecurity professionals with the expansion of its K-12 Initiative. In July, Secretary Mayorkas announced CISA had “hosted more than 40 professional development events for over 1,500 educators to provide them with the resources and tools to incorporate critical cybersecurity concepts into their core curriculum.”34
The Biden Administration also directly invested in personnel capacity through increased agency funding across the board. The Department of Homeland Security’s budget for Fiscal Year 2022 set aside over $124 million specifically for capacity building, an increase of $3.2 million from FY2021, with the Hunt and Incident Response Team, Joint Cyber Planning Office, CyberSentry program, and National Risk Management Center also receiving bumps in their authorized funding.35 The DOJ also increased their proposed FY2022 budget for its National Security and Criminal Divisions, the two main divisions tasked with fighting cybercrime, by $17.9 million and $5.6 million, respectively. And at a time when state and local governments need more resources to grapple with cyberattacks, the $2.3 million increase in the U.S. Secret Service’s Computer Forensics Training program will better equip those governments to address cyberattacks.36
Rulemaking and Policy
Incident reporting to the proper authorities is critical in preventing ransomware attacks, but is not always practiced. While bipartisan cyber incident reporting mandates ultimately failed to be included in the final version of the NDAA, the Biden Administration initiated regulatory action to ensure that certain cyber incidents are reported in a timely manner.37
Banking Industry Incident Reporting
In late November 2021, the Federal Deposit Insurance Corporation, the Federal Reserve, and the Office of the Comptroller of Currency announced a new final rule that would require banking institutions to follow a set of steps in the event of a breach or ransomware attack.38 The rule requires banking services to disclose a “notification incident” to federal regulators within 36 hours of an incident. The rule defines a notification incident as any computer-security incident that has disrupted or disabled banking services from business operations.39 When it goes into effect in Spring 2022, this banking sector rule could be a useful model for breach disclosure requirements across various industries.
DOJ Enforcement Initiatives
On October 6, 2021, Deputy Attorney General Lisa Monaco announced two cyber-driven initiatives meant to crackdown on fraudulent activities.40 The Cyber Civil Fraud Initiative targets federal contractors that “fail to report cyber breaches in a timely manner, knowingly misrepresent their cybersecurity practices, or knowingly provide deficient cybersecurity products.”41 This initiative derives its authority under the False Claims Act to enact consequences for companies who fail to follow required federal cybersecurity standards. The other initiative creates the National Cryptocurrency Enforcement Team (NCET) within the Criminal Division to work on complex cases dealing with money laundering and illicit activities facilitated by cryptocurrency like drug and human trafficking.42 The NCET will also serve as advisors to federal prosecutors as well as state and local law enforcement agencies conducting investigations into illicit cryptocurrency activity.
2021 was a foundational year in the federal government’s fight against cybercriminals and protecting its own digital infrastructure. The Biden Administration came into office with a focused agenda to reinvigorate the federal government’s cybersecurity capabilities. In the past year, the government’s cybersecurity apparatus has become more dynamic than ever with new positions and bureaus as part of a comprehensive federal government effort to better manage cyber-related challenges. The Biden Administration must continue improving its efforts as cyberattacks and other illicit digital activities will pose a major threat going into 2022 and beyond, but the progress made this year has provided a strong foundation to further securing our critical cyber and national security interests.
United States, White House. Executive Order on Improving the Nation’s Cybersecurity. 12 May 2021. https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/. Accessed Jan. 19, 2022.
United States, Congress, House. American Rescue Plan Act of 2021. Congress.gov, https://www.congress.gov/bill/117th-congress/house-bill/1319/text?r=3&s=6, 117th Congress, House Resolution 1319, signed 11 Mar. 2021.
United States, Congress, Senate. K-12 Cybersecurity Act of 2021. Congress.gov, https://www.congress.gov/bill/117th-congress/senate-bill/1917?r=1&s=7, 117th Congress, Senate 1917, signed 8 Oct. 2021.
United States, Congress, House. Infrastructure Investment and Jobs Act. Congress.gov, https://www.congress.gov/bill/117th-congress/house-bill/3684?q=%7B%22search%22%3A%5B%22cyber%22%2C%22cyber%22%5D%7D&s=3&r=2, 117th Congress, House Resolution 3684, signed 15 Nov. 2021.
United States, Congress, Senate. National Defense Authorization Act for Fiscal Year 2022. Congress.gov, https://rules.house.gov/sites/democrats.rules.house.gov/files/BILLS-117S1605-RCP117-21.pdf, 117th Congress, Senate 1605, signed 27 Dec. 2021.
Starks, Tim. “Trump confronts global cyber crisis with a staff marked by vacancies.” Politico, 15 May 2017. https://www.politico.com/story/2017/05/15/trump-confronts-global-cyber-crisis-with-a-staff-marked-by-vacancies-238423. Accessed Jan. 19 2022.
Johnson, Alex. “Trump eliminates job of national cybersecurity coordinator.” NBC News, 15 May 2018. https://www.nbcnews.com/politics/white-house/trump-eliminates-job-national-cybersecurity-coordinator-n874511. Accessed Jan. 19 2022.
Collins, Kaitlin, and Paul LeBlanc. “Trump fires director of Homeland Security agency who had rejected President's election conspiracy theories.” CNN, 18 Nov. 2020. https://www.cnn.com/2020/11/17/politics/chris-krebs-fired-by-trump/index.html. Accessed 19 Jan. 2022.
Katz, Justin. “Biden's top cyber nominees face the Senate as the country reels from cyberattacks.” FWC, 10 Jun. 2021. https://fcw.com/security/2021/06/bidens-top-cyber-nominees-face-the-senate-as-the-country-reels-from-cyberattacks/258424/. Accessed 19 Jan. 2022.
“OUTGOING NSA DEPUTY DIRECTOR JOHN INGLIS INTERVIEWED ON NATIONAL PUBLIC RADIO.” Office of the Director of National Intelligence. https://www.intelligence.gov/index.php/ic-on-the-record-database/results/790-outgoing-nsa-deputy-director-john-inglis-interviewed-on-national-public-radio; “Ms. Anne Neuberger, Deputy Assistant to the President and Deputy National Security Advisor for Cyber and Emerging Technology Council on Foreign Relations, https://cdn.cfr.org/sites/default/files/pdf/anne-neuberger-bio.pdf. Accessed 19 Jan. 2022.
Costello, John, and Mark Montgomery. “How the National Cyber Director Position Is Going to Work: Frequently Asked Questions.” Lawfare Blog, 24 Feb. 2021. https://www.lawfareblog.com/how-national-cyber-director-position-going-work-frequently-asked-questions. Accessed 19 Jan. 2022.
Chesney, Robert. “The NDAA’s National Cyber Director: Justifications, Authorities and Lingering Questions.” Lawfare Blog, 7 Dec. 2021. https://www.lawfareblog.com/ndaas-national-cyber-director-justifications-authorities-and-lingering-questions. Accessed 19 Jan. 2022.
Costello and Montgomery, “How the National Cyber Director Position Is Going to Work: Frequently Asked Questions.” Lawfare Blog, Brookings Institution, 24 Feb. 2021, https://www.lawfareblog.com/how-national-cyber-director-position-going-work-frequently-asked-questions#:~:text=The%20office%20will%20be%20headed,senior%20adviser%20for%20cyber%20issues. Accessed 19 Jan 2022.
Bertrand, Natasha. “Biden taps intelligence veteran for new White House cybersecurity role.” Politico, 6 Jan. 2021. https://www.politico.com/news/2021/01/06/biden-white-house-cybersecurity-neuberger-455508. Accessed 19 Jan. 2022.
Dille, Grace. “Biden Officially Names Neuberger for Top NSC Position, Among Other Posts.” Meritalk, 13 Jan. 2021. https://www.meritalk.com/articles/biden-officially-names-neuberger-for-top-nsc-position-among-other-posts/. Accessed 19 Jan. 2022.
“JOINT STATEMENT BY THE FEDERAL BUREAU OF INVESTIGATION (FBI), THE CYBERSECURITY AND INFRASTRUCTURE SECURITY AGENCY (CISA), THE OFFICE OF THE DIRECTOR OF NATIONAL INTELLIGENCE (ODNI), AND THE NATIONAL SECURITY AGENCY (NSA).” Cybersecurity and Infrastructure Security Agency, 5 Jan. 2021. https://www.cisa.gov/news/2021/01/05/joint-statement-federal-bureau-investigation-fbi-cybersecurity-and-infrastructure. Accessed 19 Jan. 2022.
Miller, Maggie. “Lawmakers praise upcoming establishment of cyber bureau at State.” The Hill, 26 Oct. 2021. https://thehill.com/policy/cybersecurity/578508-lawmakers-praise-the-upcoming-establishment-of-cyber-bureau-at-state?rl=1. Accessed 19 Jan. 2022.
Miller, Maggie. “New State Department cyber bureau stirs opposition.” The Hill, 31 Jan. 2021. https://thehill.com/policy/cybersecurity/536579-new-state-department-cyber-bureau-stirs-opposition. Accessed 19 Jan. 2022.
“Cyber Diplomacy: State Should Use Data and Evidence to Justify Its Proposal for a New Bureau of Cyberspace Security and Emerging Technologies.” U.S. Government Accountability Office, 28 Jan. 2021. https://www.gao.gov/products/gao-21-266r. Accessed 19 Jan. 2022.
Marquardt, Alex. “CIA will focus on China with new mission center.” CNN, 7 Oct. 2021. https://www.cnn.com/2021/10/07/politics/cia-china-mission-center/index.html. Accessed 19 Jan. 2022.
Vincent, Brandi. “DOD to Hire First-Ever Chief Digital and Artificial Intelligence Officer, Form New Office.” NextGov, 8 Dec. 2021. https://www.nextgov.com/emerging-tech/2021/12/dod-hire-first-ever-chief-digital-and-artificial-intelligence-officer-form-new-office/187399/. Accessed 19 Jan. 2022.
“CIA Makes Changes to Adapt to Future Challenges.” Central Intelligence Agency, 7 Oct. 2021. https://www.cia.gov/stories/story/cia-makes-changes-to-adapt-to-future-challenges/. Accessed 19 Jan. 2022.
Conger, Kate. “Trump’s hiring freeze is taking jobs away from cybersecurity students.”Tech Crunch, 22 Feb. 2017. https://techcrunch.com/2017/02/22/trumps-hiring-freeze-is-taking-jobs-away-from-cybersecurity-students/?guccounter=1. Accessed 19 Jan. 2022.
Serbu, Jared. “Pentagon orders 16 specific exemptions to federal hiring freeze.” Federal News Network 2 Feb 2017. https://federalnewsnetwork.com/defense/2017/02/pentagon-orders-16-specific-exemptions-federal-hiring-freeze/. Accessed 19 Jan. 2022.
Mazmanian, Adam. “Watchdog: Hiring freeze increased cyber risk at State.” FCW, 15 Aug. 2019. https://fcw.com/security/2019/08/watchdog-hiring-freeze-increased-cyber-risk-at-state/210979/. Accessed 19 Jan. 2022.
Miller, Jason. “Congress wants more, better federal cyber workers despite hiring freeze.” Federal News Network, 27 Feb. 2017. https://federalnewsnetwork.com/reporters-notebook-jason-miller/2017/02/congress-wants-better-federal-cyber-workers-despite-hiring-freeze/. Accessed 19 Jan. 2022.
Miller, Maggie. “DHS announces new program to attract and retain cybersecurity talent.” The Hill, 15 Nov. 2021. https://thehill.com/policy/cybersecurity/581527-dhs-announces-new-program-to-attract-and-retain-cybersecurity-talent?rl=1. Accessed 19 Jan. 2022.
“Secretary Mayorkas Announces Most Successful Cybersecurity Hiring Initiative in DHS History.” U.S. Department of Homeland Security, 1 Jul. 2021. https://www.dhs.gov/news/2021/07/01/secretary-mayorkas-announces-most-successful-cybersecurity-hiring-initiative-dhs. Accessed 19 Jan. 2022.
“Deputy Attorney General Lisa Monaco Announces Creation of New Cyber Fellows Positions.” U.S. Department of Justice, 27 Aug. 2021. https://www.justice.gov/opa/pr/deputy-attorney-general-lisa-monaco-announces-creation-new-cyber-fellows-positions. Accessed 19 Jan. 2022.
Hamilton, Jillian. “CIA Wants to Speed up Hiring Process and Leidos Wins $300M NSA SIGINT Award.” ClearanceJobs, 8 Oct. 2021. https://news.clearancejobs.com/2021/10/08/cia-wants-to-speed-up-hiring-process-and-leidos-wins-300m-nsa-sigint-award/. Accessed 19 Jan. 2022.
“Secretary Mayorkas Announces Most Successful Cybersecurity Hiring Initiative in DHS History.” Press Release, U.S. Department of Homeland Security. 1 Jul. 2021, https://www.dhs.gov/news/2021/07/01/secretary-mayorkas-announces-most-successful-cybersecurity-hiring-initiative-dhs#:~:text=Secretary%20Mayorkas%20Announces%20Most%20Successful%20Cybersecurity%20Hiring%20Initiative%20in%20DHS%20History,-Release%20Date%3A&text=Mayorkas%20announced%20the%20Department's%20largest,additional%20500%20tentative%20job%20offers. Accessed 19 Jan. 2022.
Clarke, Aaron. “2021 Reader’s Guide to Understanding the Proposed US Cyber Enforcement Budget.” Third Way, 23 Sep. 2021. https://www.thirdway.org/memo/2021-readers-guide-to-understanding-the-proposed-us-cyber-enforcement-budget. Accessed 19 Jan. 2022.
Baksh, Mariam. “House Passes NDAA Without Cyber Incident Reporting Legislation.” Nextgov, 8 Dec. 2021, https://www.nextgov.com/cybersecurity/2021/12/house-passes-ndaa-without-cyber-incident-reporting-legislation/187380/. Accessed 19 Jan 2021.
“Federal Regulators Issue New Cyber Incident Reporting Rule for Banks.” Hunton Privacy Blog, Hunton Andrews Kurth LLP, 23 Nov. 2021, https://www.huntonprivacyblog.com/2021/11/23/federal-regulators-issue-new-cyber-incident-reporting-rule-for-banks/. Accessed 19 Jan 2021.
“Deputy Attorney General Lisa O. Monaco Announces New Civil Cyber-Fraud Initiative.” Press Release, Department of Justice, 6 Oct. 2021, https://www.justice.gov/opa/pr/deputy-attorney-general-lisa-o-monaco-announces-new-civil-cyber-fraud-initiative. Accessed 19 Jan 2021.
Jones, David. “DOJ cracks down on ransomware with cyber task force, civil fraud initiative.” CyberSecurity Drive, 7 Oct. 2021, https://www.cybersecuritydive.com/news/DOJ-ransomware-task-force-contractors-breach/607837/. Accessed 19 Jan 2021.
“Deputy Attorney General Lisa O. Monaco Announces National Cryptocurrency Enforcement Team.” Press Release, Department of Justice, 6 Oct. 2021, https://www.justice.gov/opa/pr/deputy-attorney-general-lisa-o-monaco-announces-national-cryptocurrency-enforcement-team. Accessed 19 Jan 2021.