News out of the Australian government this month provided a glaring reminder that the weakest link in the cybersecurity chain isn’t software vulnerabilities or patching cycles, it’s the person behind the keyboard. […]
Email authentication technologies provider Valimail said today it will provide its email anti-fraud service free of charge to state boards of election, voting system vendors, and major-party U.S. election campaigns. […]
The ransomware attack on the city of Atlanta in March of this year, which brought down numerous online city services for several days, should be seen as a warning for similar attacks on municipalities in the future with even more drastic impacts as city services become more reliant on IT systems, a senior Department of Homeland Security official said Tuesday. […]
Matthew Travis, deputy undersecretary of the Department of Homeland Security’s National Programs and Protection Directorate (NPPD), said today that DHS’s recently-established National Risk Management Center (NRMC) represents the agency’s plan to play “the long game” in defending U.S. critical infrastructure sectors from attacks. […]
Members of the House Committee on Energy and Commerce called on the Department of Homeland Security (DHS) to conduct biennial reviews and provide dedicated funding to the Common Vulnerabilities and Exposures (CVE) program after finding erratic contracts and little planning documentation. The request was made via a letter to DHS Sec. Kirstjen Nielsen on Monday. […]
The Department of Homeland Security (DHS), the Federal Bureau of Investigation (FBI), Facebook, and Microsoft hosted a joint briefing on Friday, Aug. 24, for the National Association of Secretaries of State (NASS) and the National Association of State Election Directors (NASED) regarding “actions being taken to combat malicious interference operations.” […]
La’Naia Jones, Deputy CIO of the Intelligence Community, said today that the commoditization of hacking capabilities, expansion of IT supply chain exploits, and nation-state use of ransomware have come to the attention of the IC as primary areas of interest in the fight for better cybersecurity. […]
The Department of Homeland Security is working with multiple Federal agencies to develop a new “risk radar” that will help agencies’ top executives contextualize cybersecurity risk and clarify where they need to apply focus and resources, according to Mark Kneidinger, director of the Federal Network Resilience division of DHS’ Office of Cybersecurity and Communications (CS&C). […]
Thomas Fanning, chief executive officer of Atlanta-based electric utility holding company Southern Co. and a key player in developing private-sector cybersecurity policy, said today at a Senate subcommittee hearing that he has begun to have interactions with senior Federal government military leaders about capabilities to “hack back” at cyber attackers, but emphasized he believes that those types of retaliatory capabilities need to remain in the hands of the military rather than become a corporate function. […]
The Department of Homeland Security today released a request for information (RFI) calling on the private sector to provide DHS with information on strategies and tools to augment its cyber supply chain risk management program. […]
The Defense Department is pushing full speed ahead on modernization efforts, with recent strides made on a $28 billion R&D project, a $10 billion cloud infrastructure proposed contract, efforts to move cyber defense infrastructure to the cloud, along with myriad advanced research and futuristic projects. They’re even working to overhaul their travel planning system. Call it AirDoD, perhaps? […]
Federal Communications Commission Chairman Ajit Pai today defended his year-long public insistence that the FCC was the victim of a distributed-denial-of-service (DDoS) attack which impacted its electronic comment filing system during the agency’s net neutrality rulemaking proceeding last year, but admitted to having his own doubts about the cause of the system problem. […]
Cybersecurity solutions provider Cylance today announced that it is offering free artificial intelligence-based antivirus software “to support all 2018 U.S. political campaigns” in the wake of pervasive election security concerns across the Federal government. […]
The information security market will grow 8.7 percent, to $124 billion, in 2019, according to a forecast released today by research firm Gartner. […]
In advance of his appearance before the Senate Commerce, Science, and Transportation Committee scheduled for tomorrow, four House Democrats hammered Federal Communications Commission Chairman Ajit Pai over statements he made in 2017 that the FCC was a victim of a distributed-denial-of-service (DDOS) attack which impacted its electronic comment filing system during the agency’s net neutrality rulemaking proceeding last year. […]
The idea that you can’t trust everything you see on the Internet is a conventional, if sporadically followed, wisdom. But as hackers become increasingly skilled and sneaky, as “fake news” officially enters the dictionary, and as fake video and fake audio become more of a thing, you might not necessarily be paranoid to wonder if you can trust anything. […]
The Federal Bureau of Investigation (FBI) welcomed several new faces to cybersecurity and IT leadership positions on Monday, as FBI Director Christopher Wray announced four appointments to leadership positions. […]
The National Security Agency published a news feature today that provides a new, NSA-developed resource for organizations looking to promote the well-being of their cybersecurity personnel. Dr. Celeste Lyn-Paul, senior researcher and technical advisor at NSA Research, and Dr. Josiah Dykstra, deputy technical director of NSA Cybersecurity Operations, developed the Cyber Operations Stress Survey (COSS) to help gauge stress levels of security personnel in high-risk environments. […]
Sen. Edward Markey, D-Mass., is pressing major electric utility companies for details about whether and when their systems have been penetrated by Russian-affiliated hackers, and at the same time is querying several Federal agencies about what they are doing to help utilities recognize and prevent attempts to break into their networks and control systems. […]
The state of Maryland is not properly securing Medicaid data and information systems, according to a Department of Health and Human Services (HHS) Office of Inspector General (OIG) report released today that found “numerous significant system vulnerabilities” in the state’s IT systems. […]
MITRE, a manager of Federally-funded research and development centers targeting Federal defense, intelligence, and cybersecurity functions, recommended in a new report released today that the Defense Department (DoD) undertake a sweeping menu of actions to improve military supply chain security, and warned that maintaining the status quo of current security policy may have ruinous consequences. […]
As Federal agencies adopt DevOps practices to shorten development cycles and increase deployment frequency, security must be interwoven into every aspect of the process from design, through coding, testing, release, and operation. […]
A bipartisan group of House Intelligence Committee members today introduced the Secure Elections Act that would help state and local governments apply for Federal grants to modernize their election systems and receive relevant cyber threat information. […]
People power took the stage during a panel on Thursday at FCW’s Cybersecurity Summit as participants emphasized the importance of supporting cybersecurity personnel to ensure quick and effective responses to threats. […]
A former top White House cybersecurity policymaker and IT systems manager at the Department of Education said today at the FCW Cybersecurity Summit that Federal agencies should expect to become targets of sophisticated cyber attacks and should count on assistance from other entities including their cloud service providers to meet those assaults. […]
Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]
The Department of Veterans Affairs (VA) is working to ensure robust cybersecurity across multiple cloud providers, said an agency cybersecurity leader at FCW’s Cybersecurity Summit on Thursday. […]
The Small Business Administration’s (SBA) Deputy CIO Guy Cavallo and CTO Sanjay Gupta said today at the FCW Cybersecurity Summit that their agency’s unorthodox approach to the Continuous Diagnostics and Mitigation (CDM) Program is yielding a ton of practical benefits, even though it required a bit of a departure from CDM’s initial guidelines. Now, SBA is providing a new potential model for other agencies – many struggling with the first of CDM’s four phases – to use when considering how to achieve the outcomes the program intends. […]
Agencies have 68 days remaining to achieve compliance with the Department of Homeland Security’s (DHS) binding operation directive (BOD) 18-01, which requires the active enforcement of the Domain Message Authentication, Reporting, and Conformance (DMARC) protocol. […]
Federal agencies should reduce complexity to fight back against cybersecurity threats, government and private sector participants said during a panel at FCW’s Cybersecurity Summit. […]