Secretary of State Mike Pompeo said that a cyberattack could, “in certain circumstances, constitute an armed attack under Article 5 of the U.S.-Japan Security Treaty,” and that the United States would defend Japan in that circumstance. […]

Since FedRAMP introduced the Tailored baseline for Low-Impact Software-as-a-Service (Li-SaaS) in 2017, 11 cloud services at 10 Federal agencies – accounting for 25 percent of all services authorized in 2018 – have achieved Tailored authorizations which has allowed the project management office (PMO) to identify best practices for Cloud Service Providers (CSP) and agencies who may consider a FedRAMP Tailored authorization. […]

Boosting the use of cloud services may be the answer to expanding implementation of zero-trust models of cybersecurity across Federal agencies and departments, Education Department CISO Steven Hernandez said at an ACT-IAC meeting today. […]

Starting next week, David Forscey will join think tank Aspen Cybersecurity Group as its new managing director. […]

The Center for Long-Term Cybersecurity at the University of California-Berkeley released a report on April 15 discussing the importance of improving cybersecurity awareness in underserved populations,  which face “higher-than-average risks of being victims of cyberattacks.” […]

The Internet Society’s Online Trust Alliance (OTA) has released its 2018 Online Trust Audit and Honor Roll results of best adoption practices that build consumer confidence in the internet, and has found that U.S. government entities were the most improved with their honor roll achievement – increasing from 39 percent in 2017 to 91 percent in 2018. […]

The Pentagon’s top research arm is working to build a hack-proof voting machine by combining something brand new with something old – specifically, secure open-source hardware and software using advanced cryptography on one end, and good old paper on the other. […]

The U.S. Chamber of Commerce and FICO released their Q1 Cyber Risk Assessment Report, which found that the “level of cyber risk to the U.S. business community is holding steady.” […]

Sen. Ed Markey, D-Mass., introduced the Privacy Bill of Rights Act, a piece of “comprehensive” Federal privacy legislation on April 12. […]

The Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released a Malware Analysis Report (MAR) on Wednesday warning industry about cyberattacks from the Lazarus Group, which is widely believed to be backed by the North Korean government. […]

Despite the near constant threat of a cyberattack, 77 percent of organizations do not have a cybersecurity incident response plan that is applied consistently across their enterprise, according to a study released today from IBM Security. […]

Help could be on the way for state and local governments grappling with defending against cyber attacks, in the form of bipartisan legislation introduced in the House and Senate that would authorize the Department of Homeland Security (DHS) to operate a grant program for states looking to implement better cybersecurity and recovery measures. […]

For agencies looking at a multi-cloud strategy, managing different vendors and gaining expertise in different clouds is key to take advantage of the nuanced differences and prevent cloud sprawl, said Sanjay Gupta, chief technology officer for the Small Business Administration (SBA). […]

Nearly a dozen Federal agencies and prominent tech-focused companies are joining forces to bring recent college graduates into government cybersecurity positions for two-year terms as part of the Cybersecurity Talent Initiative announced today by the Partnership for Public Service. […]

While some may question the rationale behind indicting people in countries that are unlikely to extradite to the U.S., the Federal Bureau of Investigations (FBI) sees value in the activity as one aspect in a national strategy of deterrence, said Tonya Ugoretz, deputy assistant director in the Cyber Division of the FBI. […]

Sens. Marco Rubio, R-Fla., and Chris Van Hollen, D-Md., on April 3 introduced an updated version of their Defending Elections from Threats by Establishing Redlines Act (DETER Act), which they said promises “swift and severe consequences” to Russia and other “foreign actors” if they attack U.S. political candidates, campaigns, or voting infrastructure. […]

As Tax Day approaches, Proofpoint called attention to an increase in tax-related malware and phishing campaigns in a blog post on Wednesday. […]

In a blog post Thursday, Trustwave detailed a new sextortion scam making the rounds. […]

Defense Department (DoD) officials today underscored the importance of the agency’s ongoing electronic health records (EHR) modernization efforts at a Senate Appropriations Committee Defense Subcommittee hearing on the Defense Health Program FY2020 budget request. […]

One of the major wrinkles to iron out in the Federal government’s move to the cloud has been security. Concerns regarding security have prompted some agencies to move cautiously, and the government to create whole programs dedicated to ensuring it. But cloud also provides some security advantages, which the Department of Defense (DoD) is taking advantage of to provide services to warfighters and small-business contractors. […]

The Office of Personnel Management (OPM) will increase the authority CIOs have over direct hiring decisions, according to a post on Federal Register. […]

The Federal Bureau of Investigation’s (FBI) Cyber Guardian program, which provides cyber-attack victim notification services, is operating with “incomplete and unreliable” data, and as a result the FBI is unable to determine whether all such victims are being notified, according to a report released April 1 by the Justice Department’s Office of Inspector General. […]

The General Services Administration (GSA) announced today that it has modernized the Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN) to include additional cybersecurity services. […]

It’s been a long road, winding through swaths of government data, unstructured and unrefined, toward a new vision of public service where government anticipates the needs of its citizenry. There’s been a lot of downtime and detours in between for technology and mission to catch up with that vision. […]

With the U.S. decennial census set to begin gathering data in one year, the focus on new technology involved in the effort is increasing, along with security questions. The coming census has a reference date of April 1, 2020. […]

The city of Albany, N.Y., confirmed on March 30 that it was hit by a ransomware attack that affected municipal government computers. […]

The Federal Trade Commission (FTC) announced Wednesday that Office Depot agreed to pay $25 million to settle allegations that the company “tricked customers into buying millions of dollars’ worth of computer repair and technical services by deceptively claiming their software had found malware symptoms on the customers’ computers.” Support.com, Office Depots’ software supplier, agreed to pay $10 million to settle the same allegations. […]

Women make up less than a quarter of the cybersecurity workforce and while efforts are underway to boost that number, success has been limited. New America, a non-partisan think tank, released a report on Thursday detailing the current status of women in the cyber workforce, efforts to increase the number of women in the field, and steps that can be taken to improve hiring and retention across the industry. […]

In a report released Wednesday, Kaspersky Lab found that malicious activity targeting industrial control systems (ICS) impacted nearly half (47.2 percent) of all computers under its protection in 2018, up from 44 percent in 2017. […]

In the race to exascale computing, it looks like the Department of Energy (DoE) will be the first to reach the pole. In a couple of years, the department plans on opening a supercomputer, known as Aurora, capable of performing a quintillion calculations per second, five times faster than the current champ. But in addition to beating the Chinese and everyone else to the exascale summit, Aurora will be significant for incorporating artificial intelligence into its repertoire, while pursuing a range of scientific and real-world problems. […]