A new survey from Tripwire, a security and compliance automation software provider, found that organizations need to go back to basics and make sure they are properly implementing and maintaining cybersecurity fundamentals. The survey, released today, found that organizations are not focusing on basic security controls that the Center for Internet Security (CIS) refers to as “cyber hygiene.” […]

The U.S. Cyber Command (Cybercom) and the National Security Agency have joined the effort to protect the integrity of this year’s midterm elections, which are occurring under the shadow of Russia’s meddling in the 2016 election and warnings from U.S. intelligence agencies that 2018 is seeing more of the same. […]

Federal CIO Suzette Kent said today at the FCW Cybersecurity Summit that continuous dialogue and attention on cybersecurity priorities are working to move the Federal government collectively in the right direction at a time when the need for unified effort is paramount. […]

Officials in government, the private sector, and academia discussed their efforts to establish a defensive posture and use technology-augmented programs to deter and detect insider threats, at an event hosted by Nextgov and Equifax Tuesday. […]

The Pentagon is looking to get into the weeds with cyber defense, using artificial intelligence to hunt down attacks that may use the size and complexity of its systems to hide out while waiting to strike. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Wayne Belk, director of the National Insider Threat Task Force (NITTF), said today at an event hosted by Nextgov and Equifax that his unit in the Office of the Director of National Intelligence is now working with the Defense Department to clarify and strengthen the roles of the Federal government’s insider threat staff, beginning with its security analysts. […]

Carol Harris, director for information technology acquisition management issues at the Government Accountability Office (GAO), will take over the FITARA-related responsibilities of Dave Powner–GAO’s departing director of IT issues–while Nick Marinos, director of cybersecurity and information management at GAO, will pick up Powner’s responsibilities on Census issues, GAO confirmed to MeriTalk.   […]

The Department of Homeland Security (DHS) on Monday convened a conference call with the National Association of Secretaries of State (NASS) and the National Association of State Election Directors (NASED) regarding cybersecurity and ongoing threats to the 2018 midterm elections. […]

Bill Evanina, director of the National Counterintelligence and Security Center (NCSC) in the Office of the Director of National Intelligence, said today that the billions of dollars the U.S. government and private sector spend each year on cybersecurity are not being properly and efficiently utilized unless government and industry wrap human resources departments tightly into security discussions. […]

Federal agencies must build “identity-aware” infrastructures to effectively monitor and manage user access to information and information systems across their enterprise for more secure and efficient operations, according to cybersecurity experts. […]

U.S. Census Bureau CIO Kevin Smith said that the Department of Homeland Security performed penetration tests this year that were unable to break through Census’ data safeguards, confirming the strength of Census’ cybersecurity programs for both its self-response website and in-field mobile devices. […]

The Department of Defense is getting on board with some critical website and email protections that have been mandated across civilian Federal government agencies, even if it is lagging somewhat behind other departments in applying encryption and anti-phishing measures. […]

Department of Homeland Security Under Secretary Chris Krebs, head of the agency’s National Protection and Programs Directorate (NPPD), has named Bob Kolasky to serve as director of the newly-established National Risk Management Center (NRMC), a DHS official confirmed to MeriTalk today. […]

Brad Nix, senior advisor at the Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC), said Thursday at MeriTalk’s Cyber Security Brainstorm that DHS’s establishment earlier this week of its new National Risk Management Center represents “an acknowledgement on our end that there is more to be done” to assess risk faced by critical infrastructure sectors–some of whom have less-well developed abilities to detect and respond to threats. […]

The NIST Small Business Cybersecurity Act, S. 770, is heading to President Trump’s desk where he is expected to sign it into law soon. […]

Federal IT leaders discussed the ways their organizations are tackling the proliferation of more and more endpoints on Federal networks at MeriTalk’s Cyber Security Brainstorm Thursday. In particular, ever-increasing mobile connectivity is creating the potential for further headaches, but the officials advised that next-gen technologies and proper network and data governance provide avenues to expand the ways employees work without compromising security at the network edge. […]

Sen. Ron Wyden, D-Ore., wants to understand what the Department of Homeland Security (DHS) has learned from Domain-based Message Authentication, Reporting, and Confirmation (DMARC) reports about cyber criminals using email to impersonate Federal agencies. […]

Paul Beckman, chief information security officer at the Department of Homeland Security, said Thursday at MeriTalk’s Cyber Security Brainstorm that software-defined networking, adopting a zero-trust model, and optimizing DHS’ security operations centers (SOC) are his biggest emerging priorities to promote better security across the department. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Former U.S. Chief Information Security Officer Greg Touhill today called on Congress and the Trump administration to work together to take “bold action” to advance Federal government IT modernization, arguing that investments in modernization would pay off with a host of benefits including better IT security. […]

Federal CIO Suzette Kent, chair of the Technology Modernization Fund (TMF) board, said today she recognizes the imperative to share data with Congress on TMF progress, as the opportunity to secure […]

Federal CIO Suzette Kent said today at MeriTalk’s Cyber Security Brainstorm that the Federal government needs to possess a “never done” mindset when it comes to tackling persistent cyber threats and the related imperative to modernize Federal agency IT environments in order to address the threats. […]

Sens. Lindsey Graham, R-S.C., Sheldon Whitehouse, D-R.I., and Richard Blumenthal, D-Conn., introduced two pieces of legislation on Tuesday designed to improve cybercrime prevention and strengthen U.S. election infrastructure. […]

Panelists at MeriTalk’s Cyber Security Brainstorm on Thursday will shed light on a host of vital cybersecurity issues, including threats to control systems, the foundational importance of security to IT modernization efforts, and the keys to success in risk-based security practices, according to a sneak peek into the thinking of just a few of the 25 experts scheduled to speak. […]

Vice President Mike Pence, speaking at the Department of Homeland Security National Cybersecurity Summit today, called upon Congress to pass long-delayed legislation that would officially create the Cybersecurity and Infrastructure Security Agency (CISA) under DHS. […]

Speaking at the Department of Homeland Security’s (DHS) inaugural National Cybersecurity Summit, Christopher Krebs, under secretary for DHS’ National Protection and Programs Directorate, announced formation of the Information Communications Technology Supply Chain Task Force. […]

Following the Department of Homeland Security’s announcement of a new National Risk Management Center, critical infrastructure executives along with Federal agency leaders hailed the new coordinating wing of DHS as a way to harness the collective strengths of both government and industry to address cyber concerns that have the potential to hobble the nation’s critical functions. […]

The Department of Homeland Security (DHS) will launch a National Risk Management Center this week to provide a first response outlet for private sector critical infrastructure companies that are targeted by cyberattacks, DHS Secretary Kirstjen Nielsen announced today. […]

Security in the cloud is a shared responsibility between cloud service providers (CSPs) and government organizations. CSPs provide agencies with a secure platform to operate on, but it is the responsibility of agency security leaders to ensure the applications that are being hosted have been hardened, according to security experts. […]