Two House subcommittees will convene a hearing tomorrow, Nov. 14, at 3 p.m., to hear officials from the Departments of Defense (DoD) and Homeland Security (DHS) discuss how the two agencies cooperate on cybersecurity issues. […]

The ability of adversaries to attack in cyberspace with low consequence creates the need to impose friction and leads to the tenants of defending forward and continuous engagement with adversaries in cyberspace espoused in the National Cyber Strategy and the Department of Defense (DoD) Cyber Strategy, said Rob Joyce, senior adviser for cybersecurity strategy to the Director of the National Security Agency (NSA). […]

The United States, Russia, and China did not sign the Paris Call for Trust and Security in Cyberspace, a global cyber pact, released Tuesday at Paris Peace Forum by French President Emmanuel Macron. […]

During MeriTalk’s Data Center Brainstorm event on Nov. 7, Steve Rice, deputy CIO at the Department of Homeland Security, highlighted the importance of mobility and how improving access to mobile platforms can further the missions of DHS and its sub-agencies.   […]

A new report released today from One Identity found that Federal agencies lack basic elements of cyber hygiene. The study, conducted by Dimensional Research and sponsored by identity and access management (IAM) solutions provider One Identity found that “while agency leaders recognize IAM’s importance, the majority of agencies have yet to fully adopt recommended guidelines into their cybersecurity program and some even feel their current approach distracts from agency missions.” […]

As Federal agencies seek to incorporate an application programming interface (API) strategy into their IT modernization initiatives, a word of caution: make sure you have API-specific security integrated into your IT infrastructure. […]

The Aspen Cybersecurity Group (ACG), which was formed last year by the Aspen Institute think tank to “translate pressing cybersecurity conversations into action,” has issued several policy recommendations to bolster the security of internet of things (IoT) devices including suggesting that device manufacturers invest more in building in better security, and that manufacturers be held accountable for the security of devices that they make. […]

The North Korean hackers known as Lazarus Group are now stealing from ATMs to the tune of tens of millions of dollars, according to research Symantec released Thursday. […]

Synack, a crowdsourced security testing firm, announced Thursday the launch of its Synack Veterans Cyber Program which will “recruit, empower, and deploy veterans in the cybersecurity industry.” […]

Dana Deasy, CIO at the Department of Defense, detailed this week how the Pentagon is adapting to the realities of using mobile devices and turning them into an advantage for the agency. […]

The Global Commission on the Stability of Cyberspace (GCSC)–a group formed last year to promote international stability by developing policy proposals and norms to guide responsible state and non-state behavior in cyberspace–on Thursday issued a set of six global norms that the group hopes will promote “the peaceful use of cyberspace.” […]

Following President Trump’s proclamation of November as National Critical Infrastructure Security and Resilience Month, Secretary of Homeland Security Kirstjen M. Nielsen released a statement on Wednesday saying she and DHS are “committed to strengthening our efforts to protect and secure the infrastructure on which Americans rely, in close partnership with other Federal agencies, state, local, territorial and tribal governments, and the private sector.” […]

The National Cybersecurity Center of Excellence (NCCoE), a partnership of the National Institute of Standards and Technology (NIST) and the state of Maryland, is seeking public comment by Dec. 6 on a draft report (NISTIR 8219) detailing cybersecurity guidance aimed at the manufacturing sector that employs industrial control systems to monitor and control physical processes. […]

A report from the Carnegie Endowment for International Peace released Wednesday found that “harnessing the full potential of cyber insurance will be imperative for preventing systemic cyber incidents of concern for governments and the private sector alike.” […]

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) announced today that it issued $1,272,320 of funding awards to develop new solutions to “improve the capability of organizations to understand and improve their cybersecurity control investment decisions.” The funding will be split between University of California, San Diego and University of Illinois, Chicago. […]

The demand for cybersecurity professionals is growing, according to data published Wednesday on CyberSeek, a free online resource from the National Institute of Standards and Technology (NIST), Burning Glass, and CompTIA. […]

The United States is finally making no bones about its willingness to go after adversaries in cyberspace. […]

As Federal government agencies continue their methodical march to IT modernization spurred on by congressional and administration mandates, two senior Department of Homeland Security (DHS) IT officials emphasized today the importance of the needs of core agency missions in leading those efforts. […]

New guidance for the Data Center Optimization Initiative (DCOI) will likely include revised performance goals for agencies, revised metrics for energy metering and virtualization, and new metrics for under-utilized servers, availability, and old hardware, said Jake Wooley, IT sustainability program manager at the Department of Energy (DoE), during MeriTalk’s 2018 Data Center Brainstorm. […]

On Nov. 5, the United States implemented sanctions against Iran, which the Treasury Department described as the “largest ever single-day action targeting the Iranian regime.” While the sanctions were ostensibly targeting Iran’s growing nuclear program, the Foundation for Defense of Democracies (FDD), a think tank which vacillates between nonpartisan, hawkish, and neoconservative in terms of its political leanings, argued in a report released Tuesday that the United States should be concerned about the cybersecurity implications of the new sanctions. […]

Cybersecurity firm Morphisec said that 63 percent of 1,000 Americans that it surveyed in late October regarded the threat of “adversaries propagating misinformation on social networks” as a “more significant threat” to the U.S. midterm elections than possible cyber attacks against voting infrastructure. […]

A new report on FISMA compliance from the Office of the Inspector General (OIG) for the Board of Governors of the Federal Reserve System and the Bureau of Consumer Financial Protection (CFPB) found that the bureau has consistently implemented its information security programs but also called on CFPB to strengthen its enterprise risk management program, among other recommendations. […]

The White House is looking to finalize its new Cloud Smart policy following the release of a draft at the end of September. Agencies and other stakeholders have been given just over a month to express how to make improvements to the new policy. […]

Wisconsin Gov. Scott Walker last Friday requested that Maj. Gen. Donald Dunbar, adjutant general of Wisconsin, put the state’s National Guard cyber response teams on standby ahead of the midterm elections. […]

A majority of surveyed U.S. information and technology professionals–86 percent–are concerned about the public sector’s ability to conduct secure, reliable, and accurate elections, according to a new study from ISACA released today. […]

Vice Admiral Nancy Norton, head of the Defense Information Systems Agency (DISA) and commander of the Joint Force Headquarters Department of Defense Information Network (JFHQ-DODIN), today described DISA’s efforts going into milCloud 2.0 and how they support Federal data center optimization goals. […]

Leveraging the cloud is key to the success of new programs and modernization efforts at the Pentagon, said Department of Defense CIO Dana Deasy and Defense Information Systems Agency (DISA) Chief Vice Admiral Nancy Norton during DISA’s Forecast to Industry conference on Monday. […]

Hybrid clouds can be an integral part of government agencies’ information technology modernization strategies by helping to provide consistency across on-premise and public cloud platforms to ease migration, integration, and operation across the platforms. […]

A new report from the Commerce Department Office of the Inspector General (OIG) determined that the Census Bureau must improve the implementation of its risk management framework. […]

In a memo dated Oct. 24, Secretary of Defense James Mattis established the Protecting Critical Technology Task Force (PCTTF) to protect the Department of Defense’s (DoD) “critical technology.” The task force will work to prevent the loss of classified and controlled unclassified information–the loss of which is “putting the Department’s investments at risk and eroding the lethality and survivability of our forces.” […]