Department of Homeland Security officials told 21 states on Sept. 22 that their election systems were breached by Russian hackers. This is the first instance that the Federal government told states whether they were targeted. […]

A memorandum issued by Deputy Secretary of Defense Patrick Shanahan establishes an initiative to move many DoD IT systems to the cloud, a move that members of industry are applauding for its potential to open the department to faster innovation.

The Federal Aviation Administration issued a total of 132 airspace authorizations to drone users as of Sept. 15 to assist in Hurricane Irma recovery efforts, and 137 authorizations to assist in Hurricane Harvey recovery efforts. The Air National Guard used drones to assess disaster-stricken areas quickly and decide where to send resources.

Rep. Jim Langevin, D-R.I., reintroduced legislation this week that would require companies that experience a breach to notify affected individuals within 30 days of the breach’s discovery and that they coordinate with the Federal Trade Commission to do so.

The Securities and Exchange Commission (SEC) released a statement on Sept. 20, which said that it learned in August 2017 of a cyberattack previously detected in 2016 might have allowed illicit gain through trading. In May 2017, SEC Chairman Jay Clayton initiated an assessment of the agency’s internal cybersecurity risk profile and approach to cybersecurity. […] […]

The Internet of Things has spawned many changes within the Federal government, including new methods of data collection at the Department of Agriculture (USDA), new policy considerations at the National Institute of Standards and Technology (NIST), and a realignment of the Office of the CIO (OCIO) at the Department of Commerce.

Information sharing about cybersecurity threats has to go beyond fulfilling requirements and instead include informal relationships and discussions between agencies, according to government experts who spoke at the MeriTalk Cyber Security Brainstorm on Sept. 20.

One of the most important aspects of the Continuous Diagnostics and Mitigation Program is making sure that the dashboard is flexible and able to display metrics that the specific agencies want to track.

A report with information from all of the agencies’ risk management reports will be sent to President Donald Trump to review by Oct. 8, even though the government still lacks a Federal CIO. Barry West, senior adviser and senior accountable official for risk management at the Department of Homeland Security, said that the goals of the Cyber Executive Order in May could still be met without a Federal CIO.

Comodo Threat Intelligence Labs investigated the Equifax data breach and found Equifax executives’ passwords available for sale on the Dark Web. Comodo found that more than 388 instances of Equifax user and employee endpoint data available for sale. This information includes usernames, titles, passwords, and login URLs, and the dates on which they were stolen.