The hybrid work environment has created a previously unheard-of number of new endpoints that agencies need to protect. Federal officials examined the unique challenges that now exist as everything from computers to printers, mobile devices, and even sensors reside in and outside an agency’s walls during a September 1 GovLoop webinar. […]
The Office of Inspector General (OIG) at the Department of Homeland Security (DHS) determined that DHS achieved three out of five cybersecurity functions in the Top Secret/Sensitive Compartmented Information intelligence systems for DHS. But the evaluation found deficiencies in the programs protect and recover operations. Due to the Top Secret nature of the intelligence systems, the OIG only released a brief unclassified summary of its report. […]
The House Armed Services Committee passed the fiscal year 2022 (FY2022) National Defense Authorization Act (NDAA) on Sept. 1 by a bipartisan vote of 57-2. The bill will now move to the full chamber for consideration. […]
A draft bill that would establish a mandatory cyber incident reporting framework at the Cybersecurity and Infrastructure Security Agency (CISA) received praise from stakeholders and industry leaders during a hearing on Sept. 1 from the House Committee on Homeland Security’s Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation. […]
In order to launch a robust DevSecOps (Development, Security, and Operations) effort, Department of Defense (DoD) leaders agree that organizations need to undergo a culture shift and learn to be comfortable with the uncomfortable to achieve the best results. […]
Today, the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI published a cybersecurity advisory, warning public and private sector organizations to stay vigilant for ransomware attacks ahead of the Labor Day holiday weekend. […]
The only way to successfully build software now and in the future at scale while moving at a pace of relevance is with development, security, and operations (DevSecOps), the chief software officer (CSO) at the U.S. Air Force (USAF) said during a virtual summit held by ATARC on August 31. […]
Deputy Attorney General Lisa Monaco announced the creation of the Department of Justice’s (DoJ) new Cyber Fellowship program. The fellowship is designed to develop a new generation of prosecutors and attorneys equipped to handle emerging national security threats. […]
Registration for the third annual President’s Cup Cybersecurity Competition opened today, the Cybersecurity and Infrastructure Security Agency (CISA) announced today in a press release. […]
The White House Office of Management and Budget (OMB) issued a memorandum for agencies to improve investigative and remediation capabilities related to cybersecurity incidents, as directed by Executive Order (EO) 14028, Improving the Nation’s Cybersecurity. […]
The United States Air Force (USAF) announced that Mansfield-Lahm Air National Guard Base in Ohio is its preferred location for a new cyber warfare wing at the department. […]
A group of 17 tech-sector and other trade groups urged House and Senate leaders in an August 27 letter to consider a 72-hour reporting requirement for cyber incident breach reporting in any legislation that they may consider on the issue. […]
The Federal Acquisition Security Council (FASC) published a final rule in the Federal Register this week to assess Federal government supply chain risk information, as well as remove and exclude IT products, systems, or services that pose a national security risk. […]
The Federal Bureau of Investigation (FBI) has identified a cyber-criminal group that calls itself the “OnePercent Group,” and has carried out ransomware attacks against U.S. companies since November 2020 utilizing double-extortion tactics, according to an FBI flash report released on August 23. […]
The White House’s August 25 cybersecurity meeting between administration officials, tech-sector and other private-company CEOs, and representatives of the education and insurance sectors yielded a long list of big-dollar corporate commitments to improve security, and the pledges of educational institutions to offer programs that aim to help swell the size of the U.S. cybersecurity workforce. […]
The Biden administration has tasked the National Institute of Standards and Technology (NIST) to work with industry and other parties to come up with a new framework “to improve the security and integrity of the technology supply chain.” […]
President Biden on August 25 gathered Federal government cybersecurity leaders and a deep roster of corporate leaders at a White House meeting that he said aimed to “raise the bar” on cybersecurity across the government, critical infrastructure, and private sectors. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has agreed to work with Singapore’s Cyber Security Agency (CSA) to expand cybersecurity research and development and critical technologies. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is seeking information on support services for the President’s Cup Cybersecurity Competition (PCCC) – a competition to reward top cybersecurity professionals in the Federal government. The competition gets underway next week and wraps up in December. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released a fact sheet that offers recommendations on how to protect sensitive and personal information from ransomware-related data breaches. […]
Wireless service provider T-Mobile USA today increased its reported totals for customer accounts affected by a cyberattack that the company disclosed earlier this week. […]
The Department of the Army has appointed Angelica Phaneuf – who has spent the last few years doing cybersecurity for the Air Force’s Kessel Run detachment – as the next chief information security officer (CISO) for the Army Software Factory. […]
As the first-ever appointed and confirmed National Cyber Director (NCD), Chris Inglis is responsible for coordinating the nation’s cyber strategy. But first, he’ll have to build out his office. […]
The Department of Commerce (DOC) Office of Inspector General (OIG) reported that the Census Bureau was hacked in early 2020 via a publicly available exploit. But the attack was only partially successful in that the attackers’ attempts to maintain access to the system by creating a backdoor in the affected servers were unsuccessful. […]
The United States Air Force (USAF) on August 17 named Jay Bonci – a private sector cybersecurity veteran – as the service branch’s next chief technology officer (CTO), according to a post by Bonci. […]
With the COVID-19 pandemic changing the work landscape, potentially forever, cybersecurity officials are advising that workplaces prepare to build resiliency into these hybrid work landscapes and make sure they are working strategically to secure the connections. […]
As the school year gets underway, the K-12 Cybersecurity Act passed in the Senate. […]
Wireless service provider T-Mobile USA confirmed reports that hackers succeeded in gaining unauthorized access to some of its data, but said it was too early to tell whether that involved any “personal customer data.” […]
Ransomware attacks are on the rise and as adversaries mount more sophisticated attacks, government and private institutions need to advance their cyber strategies as well in order to not become easy targets. […]
The Department of Homeland Security (DHS) is launching a “pathfinder assessment” to look into a cybersecurity compliance program for its supply chain base – similar to the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program that has been in the works for more than two years. […]