The proliferation of digital platforms within the government–including mobile devices, cloud computing and the Internet of Things–has increased the sprawl of the computing landscape and with it new vulnerabilities for potential cyber attacks. […]

Reports surfaced five years ago that the Kremlin had started buying typewriters to avoid computer leaks. Suffice to say, it’s a complicated cyber world out there today–from nation states to cyber criminals to organized crime to 400lbs guys in their bedrooms in New Jersey. And, in this dynamic environment, the only thing we know for sure is that the way we’ve done things before won’t protect us anymore. Trustwave Government Solutions is debuting its new Threat Hunting service for forward-leaning government agencies that are tired of having their cyber clocks cleaned. […]

Pentagon and allied leaders agree that future conflicts will likely take the shape of a “hyperwar” –a fast-paced clash guided via cyberspace and accelerated by artificial intelligence, but with real, even possibly nuclear, consequences. NATO’s most recent risk report, the GLOBSEC NATO Adaptation Initiative, states that the next world war could come as a hyperwar, and says North Korea, China, and Russia are working on the capability. Speakers on a panel at this month’s AFCEA West 2018 conference in San Diego agreed, emphasizing that the United States needs to keep up with technological developments being adopted by other countries, particularly with regard to artificial intelligence (AI). […]

With the passion of an evangelical, Deputy Defense Secretary Patrick Shanahan preached the Defense Department’s (DoD) “uncompromising” approach to cybersecurity last month at the AFCEA West conference in San Diego. And, his sermon included spreading the responsibility for cybersecurity to industry as a condition of winning contracts. […]

The Department of Justice (DOJ) announced a new Cyber-Digital Task Force on Tuesday. The group will examine both how DOJ currently combats cyber threats and ways it could improve its cyber threat response. […]

The Trump Administration’s proposed $4.4 trillion budget for FY2019 would add some money to the cybersecurity pot, supporting ongoing programs and manpower levels, while cutting back on cybersecurity research and redistributing where the research money goes. Administration budget requests are largely political documents whose numbers won’t hold up once Congress gets done with making the sausage, but they do reflect White House priorities. […]

Smart devices, emerging technologies, automated processes, cloud, mobile, IoT – all connected and programmable. This is the modern era of government – and the new, elastic, attack surface to defend. How can agencies efficiently adopt Cyber Exposure, an emerging discipline for managing and measuring every aspect of your modern computing environment to accurately understand and reduce cyber risk? […]

In an interview with MeriTalk’s Steve O’Keeffe, Powner shares more on his role at the GAO and the direction he thinks Federal IT needs to take in the New Year.  […]

It’s no secret that phishing attacks give hackers access to sensitive government data and credentials. With an increasingly mobile Federal workforce, and the introduction of new vectors for phishing including SMS and messaging apps, how do Federal cyber teams develop a comprehensive strategy to protect against potentially catastrophic data loss from phishing? […]

Agencies undergoing digital transformation are combining on-premise, hybrid, and multiple cloud solutions into their environments. To that end, agencies need to weave cloud security and protection of on-premise systems into their broader security strategy for a true, defense-in-depth approach. […]

We tend to think of international cyber attacks as a new phenomenon: threats only created by recent mass digitalization. But, in reality, they have been around since the Cold War. Back in 1982, the CIA accessed the control system for a Soviet gas pipeline and triggered a massive explosion. At the time, such events were known as ‘logic bombs’. […]

The Pentagon and White House are chewing over what to do about fitness tracking apps, in wake of the news last week that a global heat map posted online by Strava could be used to identify the whereabouts and activities of military personnel, including those in conflict zones and other sensitive areas such as the halls of the National Security Agency. A heat map transforms data into a map in which values are represented by colors, which in this case includes the location of fitness trackers carried by government employees. […]

As we barrel into Valentine’s Day, seems industry is falling in love again with NIST’s cyber framework makeover. Business groups and the tech sector reacted favorably to the latest update to the National Institute of Standards and Technology (NIST) Framework for Improving Critical Infrastructure, but noted more work needs to be done in several key areas. […]

MeriTalk has confirmed ringside rumors that Jeff Eisensmith is looking to hang up his gloves at DHS.  After more than five years going toe-to-toe with America’s cyber adversaries, we’d like to wish America’s leading CISO the very best as he punches out.  […]

CDM & Eggs is back. With Phase 3 just getting underway, a new task order on the street, and a dashboard making headlines, the CDM program continues to support agencies’ ability to identify risks, prioritize vulnerabilities, and mitigate threats in real time. […]

The FBI fell far short of its own goals for fighting cybercrime in 2017, according to a Department of Justice (DOJ) audit. The FBI reported disrupting or dismantling 262 high-level criminal operations targeting global U.S. interests, only about half of its goal of 500, and roughly one-tenth of the 2,492 cybercrime operations it broke up in 2014. […]

The Department of Defense (DoD) would like to get rid of the Common Access Card (CAC), but the problem–finding a suitable replacement. It turns out that the replacement won’t be one thing, but multiple biometric identifiers that combine to make out a person’s identity. […]

The idea of a scorecard seems like a quaint notion, conjuring black and white photos of somebody’s grandad in a fedora, licking the pencil tip before recording the latest play at the old ballgame in his program. […]

The Army’s work on the Internet of Battlefield Things (IoBT) is more than just a way to carve out a catchy name for the proliferation of smartphones, tablets, wearable devices, cameras and embedded devices that take the field with military forces. It also underscores the most important element of having those connected devices–the data collection and automated analytics capabilities required to make good use of the information they provide. […]

House Cybersecurity and Infrastructure Protection Subcommittee chairman Rep. John Ratcliffe, R-Texas, put the Continuous Diagnostics and Mitigation (CDM) program under the microscope in a hearing with industry experts last week. […]

Thousands of Federal contractors could find themselves scrambling to comply with stringent cybersecurity requirements after the General Services Administration (GSA) announced it is tightening the rules for protecting sensitive, non-classified data. […]

The Department of Defense (DoD) says it’s getting ready for the big one, but in this case, it’s not talking about a kinetic attack measured in megatons. It’s referring to a cyberattack measured in terabits. […]

Russian hackers might get all the attention these days, but the Department of Defense (DoD) hasn’t forgotten about WikiLeaks and Edward Snowden. […]

As the new year gets underway, MeriTalk is looking back to some of the top innovators in Federal, state, and local cybersecurity. At the Symantec Government Symposium, MeriTalk’s founder Steve O’Keeffe sat down with the 2017 Cyber Award winners to discuss their success, and what they learned as they worked to stay ahead of cyber threats.   […]

The Federal government wants to speed up adoption of cloud email and collaboration systems. But first it needs an accurate measure of how many agencies have not yet migrated to cloud email. There is definitive data on the benefits of cloud-based email solutions among CFO Act agencies, but no clear data regarding the adoption of cloud-based solutions at small and independent agencies, according to the Report to the President on Federal IT Modernization. […]

A bipartisan bill introduced in the Senate just before the Christmas break aimed at protecting American elections from foreign cyberattacks has been getting generally positive reviews from security professionals. […]

The rising frequency and intensity of cyberattacks on information technology systems that support the government, military, businesses, and critical infrastructure has raised awareness among senior Federal agency managers that security controls cannot be bolted on to systems as an afterthought. Security must be a core part of the design of systems from the beginning, and considered throughout the development lifecycle. […]

In the domain of warfare known as cyberspace, the Air Force’s cyber warriors naturally play a lot of defense, but they do it with the help of cyber weapons designed to add an important layer to the protection of the service’s operations and data. One example is the Air Force Cyberspace Defense (ACD) weapon system, a custom-built, $543 million suite that automates monitoring and analysis of activity on the Air Force Network (AFNET). […]

In 2015, Defense Department (DoD) contractors that handle sensitive DoD information were given extra time to comply with new department cybersecurity regulations. That grace period now is up, and companies must meet these requirements in 2018. […]

The computing world has mobilized en masse in response to the revelation of Meltdown and Spectre, vulnerabilities in computer processors that could open most of the world’s PCs and mobile devices to “side-channel attacks” that could steal data. […]