The Office of the Director of National Intelligence, alongside the Justice Department, Federal Bureau of Investigation, and Department of Homeland Security, released a joint statement today that expresses their concern over election interference and calls identification and prevention of interference a “top priority for the Federal government.” […]

With critical infrastructure emerging as a major concern for the U.S. government, cybersecurity efforts must account for critical infrastructure’s interdependent and connected nature, and make sure to address the linkages between industries, said experts from the private and public sector at a Wednesday event hosted by the Atlantic Council. […]

Current and retired Defense Department IT officials today discussed cost and opportunity implications of further cloud adoption by the military and potential payoffs including acceleration of artificial intelligence (AI) technologies. […]

Yesterday two academics proposed creating an international organization modeled after the International Committee of the Red Cross (ICRC), that would “provide assistance and relief to vulnerable citizens and enterprises affected by serious cyberattacks.” […]

Data from the Federal government’s IT Dashboard website appear to indicate that Federal CFO Act agencies have made some progress but are still more than 1,000 data centers short of their intended closure goals for 2020 under the Data Center Optimization Initiative (DCOI). […]

The Food and Drug Administration (FDA) released new draft guidance for the cybersecurity of medical devices on Wednesday, with a focus on risk management and applying the cybersecurity framework from the National Institute of Standards and Technology (NIST). […]

In a report released today, the International Information System Security Certification Consortium, (ISC)², a nonprofit association of certified cybersecurity professionals, found a global cybersecurity workforce shortage of 2.93 million people as of August 2018. […]

At the request of several Federal agencies, the Intelligence and National Security Alliance (INSA) has created and released a framework for organizations to better share indications and warnings (I&W) of cyberattacks and deconstruct that data into indicators that can be monitored. […]

Federal Deputy CIO Margie Graves said today that the forthcoming update to the Trusted Internet Connections (TIC) Initiative is coming “extraordinarily soon.” With the update, there seems to be an acknowledgment that the former ways of TIC–now over a decade old–will be yielding, including the TIC architecture often seen as expensive and inflexible to cloud technologies. […]

Health insurance provider Anthem has agreed to pay the Department of Health and Human Services’ Office of Civil Rights (OCR) $16 million to settle what HHS called “potential violations” of the Health Insurance Portability and Accountability Act (HIPAA) in connection with an Anthem data breach in late 2014 and early 2015 in which cyber criminals stole data on nearly 79 million individuals including names, Social Security numbers, medical identification numbers, and email addresses, among others.   […]

Following the fifth EU-U.S. Cyber Dialogue last month in Brussels, the United States and the European Union today released a statement reaffirming their “strong partnership in favour of a global, open, stable and secure cyberspace where the rule of law fully applies, where the same rights that individuals have offline are protected online, and where the security, economic growth, prosperity, and integrity of free and democratic societies is promoted and preserved.” […]

Cloud-based agility promises Federal agencies ease, efficiency, and transparency, but the road to the promised land is anything but linear. The reason for gridlock? Network complexity delays progress, and those in the front seat struggle to maintain momentum while shifting to cloud. […]

As Federal agencies continue to amass vast amounts of data, it’s inevitable that some portion of it won’t hold a ton of value to an agency’s mission. It could be a simple email to schedule your next meeting, or it could be notes scribbled on a Word document and stashed on an agency server. Outside of its immediate use at that point in time, there’s not a strong need to store it in perpetuity. […]

A bipartisan group of three senators–Sens. Chris Van Hollen, D-Md., Susan Collins, R-Maine, and Ben Cardin, D-Md.–last week introduced Protect Our Elections Act, which aims “to amend the Help America Vote Act of 2002 to require states to take steps to ensure domestic ownership and control of election service providers.” […]

The Pentagon confirmed on Friday a cyber breach that compromised personal and credit card information of military and civilian personnel. […]

A new report from MeriTalk finds that Federal legacy network infrastructure may be struggling to keep pace with the growing demands of agency cloud migrations, next-generation technology, and the continued push to modernize IT systems. […]

If Federal agencies want to succeed in the cloud, they must first tackle the chaos and complexity of current legacy networks. What impact are today’s network challenges having on government cloud adoption? Where are agencies successfully prioritizing modernization, and where are they falling behind? […]

The Department of Homeland Security’s National Cybersecurity & Communications Integration Center (NCCIC) released a new alert yesterday highlighting five publicly available tools frequently observed in cyber incidents worldwide. […]

Later this month government and private sector leaders will gather for a frank discussion about redefining government cybersecurity. The conversation could hardly be more timely: the Federal government is facing seemingly endless challenges, from evolving threats and aging legacy systems to budget constraints and workforce gaps. […]

Three senators asked President Trump in an Oct. 11 letter to provide information on whether the U.S. government operates any equipment using motherboards supplied by Super Micro Computer, Inc., which was the subject of a recent article by Bloomberg Businessweek reporting that Super Micro equipment had chips secretly implanted in the equipment that enabled backdoor data transmissions to China. Super Micro has strongly denied the claims of that report. Sens. Edward Markey, D-Mass., Sherrod Brown, D-Ohio, and Catherine Cortez Masto, D-Nev., also asked what steps the U.S. has taken to ensure that Federal government equipment does not contain illicit chips, and whether the White House knows other instances of the Chinese government infiltrating technology made for end users in the U.S. They asked for a reply by Nov. 2. […]

With new guidance released Thursday offering more direct hire authority to agencies, including in cybersecurity and IT areas, the Office of Personnel and Management (OPM) is aiming to fill positions that are critical to meeting the missions of agencies, said OPM Deputy Director Michael Rigas during a Thursday interview with Government Matters. […]

The recent Department of Homeland Security alert describing ongoing cyberattacks on global managed service providers highlights the need for the U.S. government to take a lead role in protecting internet infrastructure, according to some industry cybersecurity experts. […]

Senators Richard Blumenthal, D-Conn., and Marco Rubio, R-Fla., asked the chief executive officer of Super Micro Computer in an Oct. 9 letter whether the company has ever found evidence of tampering of components or firmware that targeted the company’s products, among other questions stemming from a Bloomberg Businessweek article reporting that chips made by a Chinese firm and allegedly used by numerous U.S. companies and government agencies were engineered to enable backdoor data transmissions to China.  […]

Mike Duffy, acting deputy director for the Department of Homeland Security’s Federal Network Resilience Division, said today that many Federal agencies are expecting to have all of their .gov domains protected from email spoofing campaigns, ahead of an October 16 deadline to do so. […]

Three Senate Democrats asked Federal Trade Commission (FTC) Chairman Joseph Simons in an Oct. 10 letter to open an investigation into Google’s disclosure earlier this week that it discovered and patched in March a vulnerability in its Google+ social media platform that may have exposed profile data on up to 500,000 accounts, but did not inform users of the vulnerability in a timely way. […]

The Department of Justice (DoJ) announced yesterday that Yanjun Xu, a Chinese Ministry of State Security (MSS) operative, was extradited to the United States Tuesday on charges of conspiring and attempting to commit economic espionage and steal trade secrets from U.S. aviation and aerospace companies–including GE Aviation. […]

The Federal government is seeing progress in seven out of 10 key cybersecurity metrics that are being tracked quarterly as part of the President’s Management Agenda (PMA), Federal CIO Suzette Kent said today. […]

McAfee and the Center for Strategic and International Studies (CSIS) today released a new report about modernizing Social Security Numbers (SSN) in light of growing privacy and security concerns over using SSNs as a de facto personal identifier. The […]

The Department of Justice (DoJ) announced today that Romeo Vasile Chita, a Romanian national, was returned to the United States last Friday to face Federal charges of racketeering, wire fraud conspiracy, conspiracy to launder money, and conspiracy to traffic in counterfeit services charges. […]

A new survey from One Identity, a maker of identity and access management (IAM) solutions, finds that 77 percent of IT security professionals polled in the United states, Europe, and elsewhere said it would be “easy” for them to steal sensitive information from their companies if they were to leave those organizations. […]