The Census Bureau did not implement security baselines and basic security practices for its cloud implementation, leading to “severe risks to 2020 Census cloud environments,” according to an audit from the Department of Commerce Inspector General released June 19. […]
In its June update to its agency goals under the President’s Management Agenda, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) revealed it is unlikely to meet goal on cyber hygiene scanning, intrusion detection, and high value asset vulnerability mitigation. […]
Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, introduced the State and Local Government Cybersecurity Act on June 18. […]
The National Institute of Standards and Technology (NIST) released a draft of a new publication offering additional guidance for securing Controlled Unclassified Information (CUI) in non-Federal systems, aimed at protecting high value assets from foreign adversaries. […]
Sens. Cory Gardner, R-Colo., and Ed Markey, D-Mass., introduced the Hack Your State Department Act on June 12. […]
The National Institute of Standards and Technology (NIST) released the finalized version of Special Publication (SP) 800-205 today, offering a guide for implementing attributes in Federal access control systems. […]
A new zero-day flaw has been discovered in a TP-Link Wi-Fi extender, according to an IBM blog post published today. […]
The United State Patent and Trademark Office (USPTO) did not properly manage its active directory, leaving multiple vulnerabilities and showing little improvement from previous audits of the agency’s cybersecurity posture, according to a Department of Commerce Office of Inspector General (IG) report released June 13. […]
Among the many amendments that representatives will pitch next week to adjust the House spending package, Reps. Anthony Brown, D-Md., and Tim Walberg, R-Mich., look to introduce amendments to increase cybersecurity funding. […]
Today, Reps. Jim Himes, D-Conn., and John Ratcliffe, R-Texas introduced new legislation that would establish election interference as a Federal crime. The bipartisan bill, dubbed the Defending the Integrity of Voting Systems Act, would make it a Federal crime to hack a voting system used in a Federal election. […]
The latest survey by Unisys of consumer security concerns found that Americans are more alarmed about the possibility of identity theft and bankcard fraud than they are about national security in general. […]
The Congressional Budget Office (CBO) estimated on June 7 that H.R.1648, the Small Business Advanced Cybersecurity Enhancements Act of 2019, will cost about $2 million annually to implement, and $11 million in total between 2019 and 2024, if the bill is enacted. […]
Sen. Ron Wyden, D-Ore., requested information on how the Department of Justice (DoJ) is securing its offensive cyber tools in a June 5 letter to Attorney General William Barr. […]
The Congressional Budget Office (CBO) released its cost estimate for the Small Business Administration (SBA) Cyber Awareness Act, H.R. 2331 and S. 772, on May 20, and said the bill would cost nothing to implement. […]
The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA) published a list of best practices for securing election systems on May 21. […]
A bipartisan group of Federal legislators wrote Secretary of State Mike Pompeo and Director of National Intelligence Dan Coats on May 20 urging “greater scrutiny and regulation of private companies providing highly advanced surveillance capabilities to governments with troubling human rights records.” […]
President Trump was a victim of hacking on May 17 when four false scores were posted to Trump’s United States Golf Association-administered Golf Handicap and Information Network (GHIN) system. The scores were middling by golf standards (101, 100, 108 and 102), and deviated from Trump’s typical reported scores which fall in the 70s and 80s. […]
President Donald Trump declared a “national emergency” when he signed an executive order (EO) on May 15 that would grant Federal authority to prohibit the adoption of foreign adversaries’ telecom suppliers. Though the order was signed only a day ago, both legislators and trade groups have already weighed in and the EO has received mostly positive reviews. […]
The vast majority of security IT decision makers are willing to share threat intelligence data with the government to help improve decision making when it comes to cyberattacks, according to an IronNet survey release today. […]
North Korean-state sponsored hackers, known as ScarCruft, are targeting Bluetooth devices with a new strain of malware. […]
A Russian hacker collective known as Fxmsp claimed on April 24 that it breached three large U.S.-based antivirus companies. […]
The Cybersecurity Tech Accord (CTA) announced May 9 that 16 new companies have signed on to the agreement, bringing the total to more than 106 signatories one year after its creation. […]
Sen. Angus King, I-Maine, and Rep. Mike Gallagher, R-Wis., announced the formal launch of the Cyberspace Solarium Commission (CSC) on May 8. The two lawmakers will lead the 14-person Commission. […]
Federal CIO Suzette Kent met with members of the National Association of State Chief Information Officers (NASCIO) today to discuss strengthening the partnerships between Federal and state governments. […]
In honor of World Password Day on May 2, OneLogin released a new report on corporate password practices. […]
While few can pronounce the Air Force CTO’s name – zero can spell it – which leads us in nicely to Frank Konieczny’s presentation on Zero Trust at Akamai’s event on Tuesday, April 30, “Zero Trust: Moving Beyond Perimeter Security.” […]
The Department of Justice announced May 3 that it, in partnership with German authorities, has charged three German nationals with operating Wall Street Market (WSM), “which was one of the world’s largest dark web marketplaces that allowed vendors to sell a wide variety of contraband,” including malware. […]
The Executive Order on America’s Cybersecurity Workforce, released by the White House on Thursday, May 2, is earning mostly positive reviews from both sides of the aisle on Capitol Hill, as well as industry. […]
On the Hill, Cybersecurity and Infrastructure Security Agency Chris Krebs made the case for his agency’s FY2020 $3.17 billion budget request – which represents a cut over FY2019 funding levels – during an April 30 House Committee on Homeland Security Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation hearing. In a rare move, there was strong bipartisan support for increasing the funding request and providing more funding to help improve the nation’s cybersecurity posture. […]
From the still-budding promise of automation technologies to the ever-growing threat of cyber vulnerabilities, partnerships both within the private sector and with the Federal government will shape the contours of large-scale IT advancement in the coming years, explained Yogesh Khanna, CTO at General Dynamics Information Technology, at GDIT’s Emerge event in Washington on Tuesday. […]