Sen. Sheldon Whitehouse, D-R.I., said that he is concerned about the Trump administration’s widespread adoption of the NIST Cybersecurity Framework. “The NIST Framework has never been adequately validated,” he said, adding that he wonders whether agencies have accepted it because it’s effective or because “compliance demands so little effort.” […]
Representatives from Facebook, Twitter, and Google told Congress on Oct. 31 that they’ve had to learn how to combat nontraditional cyberattacks, like the spread of disinformation, rather than focusing on malware attacks alone to protect consumers. […]
As hospital chief information security officers report that their networks are under constant attempts at intrusion, the Food and Drug Administration (FDA) is taking a look at how medical devices can be used as access points into the larger networks. […]
Following a House hearing on the cyber workforce shortage, the Department of Homeland Security released information about cyber training programs. […]
Cybersecurity experts offered solutions to protect the U.S. electric grid, including moving the grid off of the public Internet, and using quantum encryption capabilities. “The nation’s electrical grid is a vital resource upon which our economy and our citizens’ daily lives depend,” said Richard Raines, director of the Electrical and Electronics Systems Research Division at Oak Ridge National Laboratory. “It is also a system that is highly vulnerable to cyber intrusions as more and more utility controls and ‘smart’ technologies rely on public Internet connections.” […]
Many Federal agencies still struggle with overcoming security concerns when transitioning to the cloud, according to a MeriTalk report, To Cloud or Not to Cloud? That Isn’t the Question. Thirty-five percent of Federal IT leaders said that the security of their existing private cloud environments is excellent, compared to 21 percent for public cloud security. […]
The Department of Homeland Security published tips on Staying Safe in a ‘Smart’ World, which tells citizens how to navigate an environment full of the Internet of Things. […]
Jeff T.H. Pon, the nominee for director of the Office of Personnel Management, said that his top priority for the agency will be IT modernization. “Outside of work, Federal employees are able to access nearly any piece of information they need, from their bank accounts to student loans to car insurance, all on their phone,” he said. “We need to work toward providing the employees of the Federal government with the same conveniences with regards to their employment within the Federal government, with appropriate attention to information security.” […]
The Inspector General of the Small Business Administration (SBA) found that the agency’s IT leadership needs to address the Federal Information Technology Acquisition Reform Act (FITARA) and cybersecurity threats. […]
Federal IT leaders are shifting focus from trying to secure every system to prioritizing the systems that need the most security controls. “We realized that no matter how much we protected our systems, something could happen,” said Thresa Lang, deputy director of the Navy Cybersecurity Division, at CISQ’s Cyber Resilience Summit on Oct. 19. […]
The Department of Homeland Security’s National Protection and Programs Directorate is standing up shared Continuous Diagnostics and Mitigation cloud security resources for small agencies. “That’s a rock star idea that’s coming to a government near you,” said Jeffrey Eisensmith, chief information security officer for DHS. […]
Federal agencies are focusing on ways they can leverage new technologies, such as automation, to improve IT service management and streamline cybersecurity processes, as they work to keep up with a threat landscape that changes constantly. ServiceNow’s Bob Osborn said that ServiceNow is integrating artificial intelligence capabilities into its platform so that agencies can use the newest automation technologies as they become available. […]
Sen. Sheldon Whitehouse, D-R.I., told Attorney General Jeff Sessions on Oct. 18 that he has found it impossible to talk to anyone from the Department of Justice about cybersecurity legislation. Whitehouse said during a hearing before the Senate Judiciary Committee that intelligence officials have told the committee that the election systems could be hacked by foreign actors. Whitehouse is interested in working with different agencies to develop legislation on cybersecurity. […]
The Department of Homeland Security met with the Election Infrastructure Coordinating Council to discuss risk management tactics for election cybersecurity. The council is working to build partnerships to keep election systems secure. […]
When Maria Roat became the chief information officer of the Small Business Administration, she had a few goals to accomplish in the first year: Get on Microsoft Office 16 and Windows 10, get to four racks on the agency’s data center, and move from copper to fiber. For a small government agency, these goals were ambitious. In Roat’s first month at SBA, a third of the agency’s network was saturated. Roat partnered with Microsoft to make these goals a reality. […]
The Department of Defense is recognizing National Cybersecurity Month by expanding cybersecurity education to families of service members. “This is not just an IT issue,” said Essye Miller, deputy CIO for cybersecurity and chief information security officer for DoD. “Everyone that’s operating on the network has a responsibility.” […]
The FBI needs access to encrypted files in order to protect the nation against cyber crime, according to Deputy Attorney General Rod Rosenstein. “Encryption is essential,” Rosenstein said “It is a foundational element of data security and authentication. It is central to the growth and flourishing of the digital economy. We in law enforcement have no desire to undermine encryption. But ‘warrant-proof’ encryption poses a serious problem.” […]
The FirstNet national communications network for first responders still faces challenges to ensure the network’s reliability, security, and interoperability. Mark Goldstein, director of physical infrastructure issues at the Government Accountability Office, said that FirstNet struggles with providing network coverage to rural and hard-to-reach areas, ensuring the network’s overall resiliency and cybersecurity, managing frameworks for verifying user identity, and prioritizing the users on the network. […]
Rep. Will Hurd, R-Texas, is working on the text of his bill to create the Cyber National Guard, a scholarship program that will help train students for cybersecurity jobs in the Federal government. Students who apply for the Cyber National Guard would receive scholarship money for cybersecurity training programs. Once the students graduate, they would spend the same number of years working for a Federal agency as they did receiving scholarship money to attend school. […]
The State Department is seeking to use blockchain technology to improve its IT platforms and to restructure the agency. The reorganization plan seeks to reduce the workforce, save Federal money, and maximize employee productivity. […]
With the new focus on innovation in Federal IT, agency CIOs said they will modernize whether they like it or not. The increased conversations about modernization have changed the way agency CIOs talk to their leadership about IT, according to Pamela Dyson, CIO of the Securities and Exchange Commission (SEC). […]
The Department of Homeland Security has confirmed to MeriTalk that Barry West will serve as the acting deputy CIO, as well as be appointed to a limited-term senior executive service position as senior adviser. […]
South Korean officials announced that they suspect that North Korean hackers stole U.S. and South Korean military documents. A South Korean newspaper reported that hackers stole 235 gigabytes of documents from South Korean military networks in August and September of 2016. The documents included U.S. and South Korea personnel reports and a plan to assassinate North Korean leader Kim Jong Un. […]
The Federal Deposit Insurance Corporation collection of personally identifiable information was hacked 54 times between Jan. 1, 2015, and Dec. 1, 2016, according to an Inspector General report. […]
Former Secretary of State Hillary Clinton said on Oct. 6 that the Federal government needs to classify cyberattacks on the United States as acts of war. Clinton referred to the Russian hacks on the Democratic National Committee as a reason for the U.S. to retaliate against such breaches. […]
President Donald Trump issued a memorandum on Oct. 5 that requires Federal agencies to set up an information sharing network to correspond about threats to national security. […]
Senators in hearings this week denounced Equifax’s handling of the data breach that is now estimated to have affected 145 million Americans. Equifax Chairman and former CEO Richard Smith testified before the Senate Committee on Banking, Housing, and Urban Affairs on Oct. 4. […]
Industry experts told Congress on Oct. 3 that regulations are necessary to secure the Internet of Things. “Is the industry doing enough to ensure the security of IoT devices?” Rep. Jamie Raskin, D-Md., asked at the IT Subcommittee hearing on the Cybersecurity of IoT. […]
Rep. Will Hurd, R-Texas, called for the administration to nominate more permanent agency chief information officers. “I’m worried that we don’t want to stall some of the progress that we’ve achieved over the last couple of years,” Hurd said. […]
The Department of Homeland Security plans next month to stand up a governmentwide dashboard that will give the agency visibility into all of the Federal networks. The dashboard is part of the Continuous Diagnostics and Mitigation program, which was supported in the White House’s IT Modernization report. […]