The State Department released a fact sheet highlighting the United States’ support for digital transformation and cybersecurity in Latin America and the Caribbean. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program is employing a multi-year view on helping Federal agencies to better protect their high-value assets (HVA), CDM Program Manager Kevin Cox indicated today. […]
A new bill introduced in the House and Senate by two recognized congressional cybersecurity leaders would push Federal agencies to further adopt cybersecurity best practices by making it more difficult to obtain waivers under the Federal Cybersecurity Enhancement Act of 2015. […]
The Senate on Nov. 17 approved the Internet of Things Cybersecurity Improvement Act (H.R. 1668) by unanimous consent, sending the bill to the White House for President Trump’s signature. The House approved the bill in September. […]
The National Security Agency (NSA) announced it has designated the U.S. Naval Academy’s cyber operations program as a Center of Academic Excellence in Cyber Operations (CAE-CO). […]
As the Federal Election Commission (FEC) dealt with oversight of a massive increase in campaign donations during a presidential election cycle, the agency at the same time struggled with its cybersecurity and the absence of a full-time CIO, the FEC’s Office of the Inspector General found in a report released November 13. […]
The Department of Justice (DoJ) announced earlier this month that a Federal judge sentenced Aleksandr Brovko, a Russian national, to eight years in prison for his role in a botnet scheme that resulted in an estimated loss of over $100 million. […]
The U.S. Department of Energy (DoE) has launched the Operational Technology (OT) Defender Fellowship, which is intended to help strengthen critical infrastructure cybersecurity. […]
The U.S. Navy and its revitalized CIO office is looking to modernize its systems and capabilities, with artificial intelligence (AI) as a tool to tackle a complicated environment, said Christopher Cleary, Navy CISO, in a November 12 speech. […]
Cyberattacks that use encrypted channels to bypass legacy security controls rose by 260 percent from the beginning of 2020 through September, with the healthcare sector seeing the biggest industry-specific jump in targeted attacks, according to research released this week by cloud security provider Zscaler based on insights sourced from 6.6 billion encrypted threats across the Zscaler cloud. […]
Election security leaders including Bob Kolasky, Director of the National Risk Management Center at the Cybersecurity and Infrastructure Security Agency (CISA), late Thursday pronounced the November 3 election as “the most secure in American history,” and said they found no evidence of voting system compromises, or changed votes. […]
The U.S. Army has launched Hack the Army 3.0, a bug bounty program that is intended to help safeguard the Department of Defense (DoD) and Army networks, systems and data. […]
The General Services Administration’s (GSA) mismanagement of Federal contract employees Personal Identity Verification (PIV) cards has put GSA personnel, Federal property, and data at risk, according to a report from the Office of Inspector General’s (OIG). […]
The Treasury Department is proposing a new rule that would make definitional changes to incorporate cyber coverage guidance in Terrorism Risk Insurance Program (TRIP) regulations. […]
The Treasury Department’s Office of Inspector General (OIG) said in a new information memorandum that IT Acquisition, and Project Management and Cyber Threats, remain from the previous year as two of five management and performance challenges for the agency. […]
The Office of Personnel Management’s (OPM’s) cybersecurity fell under scrutiny in two audits by the agency’s inspector general, with both identifying issues in OPM’s controls and security practices. […]
Confirmation of the appointment of Camilo Sandoval as the new Federal CISO has emerged in the form of his listing on the Office of Management and Budget’s (OMB) CIO.gov website as holding the Federal CISO title. […]
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), announced Oct. 30 that it has awarded $2 million to an initiative that will build a national network of cybersecurity technical institutes. […]
Simple, easy to guess passwords are the scourge of cybersecurity staff. On the flip side, many users struggle to remember lengthy and complicated passwords that pass muster with cybersecurity standards. To help bridge the gap between security and useability, Carnegie Mellon’s CyLab Security and Privacy Institute has developed a policy for creating passwords. […]
The Federal Labor Relations Authority (FLRA) scored well on its fiscal year 2020 Federal Information Security Modernization Act (FISMA) audit, with only four areas noted as weaknesses and no carry-over weaknesses from prior year audits. […]
The Federal Maritime Commission (FMC) inspector general flagged several IT security policy issues at the agency in a recent FISMA compliance audit, which FMC pledged to address over the next few months. […]
The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) are warning hospitals and the public health sector at large that they face an “imminent” threat of malware attacks. […]
Rep. Jim Langevin, D-R.I., long a leading voice on cybersecurity policy and a member of the Cyberspace Solarium Commission, argued this week that the establishment of internationally accepted norms of behavior in cyberspace is one of the keys to improving the United States’ cybersecurity posture. […]
John Sherman, Principal Deputy CIO at the Department of Defense (DoD), said Oct. 28 that the Pentagon is making progress with IT modernization activities for the parts of the agency known as “the Fourth Estate” – offices that are not military services or intelligence community agencies. […]
The Defense Department’s (DoD) current interim rule for the Cybersecurity Maturity Model Certification (CMMC) will take full effect on December 1, said Katie Arrington, CISO for DoD’s acquisition office, at an October 28 virtual event organized by C4ISRNET. […]
Federal officials this week discussed how they can support new approaches like zero trust and SD-WAN in an efficient and secure way by leveraging the Enterprise Infrastructure Solutions (EIS) contract along with security requirements of the Trusted Internet Connections (TIC) 3.0 policy. […]
The Department of Defense (DoD) Office of Inspector General (OIG) is canceling its audit of corrective actions taken by DoD in response to cybersecurity vulnerabilities identified during operational testing and evaluation of acquisition programs, citing the COVID-19 pandemic. […]
The Cybersecurity and Infrastructure Security Agency (CISA) and FBI issued a joint cybersecurity advisory on Oct. 22 to warn operators of state, local, territorial, and tribal (SLTT) government networks that they may be targeted by Russian state-sponsored advanced persistent threat (APT) actors. […]
The National Cybersecurity Center of Excellence (NCCoE) is looking for industry partners to support its efforts to build exemplar zero-trust architectures that meet the standards set out by NCCoE’s parent organization, the National Institute of Standards and Technology (NIST). […]
Officials from the Pentagon’s Defense Logistics Agency (DLA) said this week that two of their top concerns for further improving supply chain security are getting better end-to-end visibility of supply chains and integrating more threat intelligence into the picture. […]