State Department

The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program is employing a multi-year view on helping Federal agencies to better protect their high-value assets (HVA), CDM Program Manager Kevin Cox indicated today. […]

A new bill introduced in the House and Senate by two recognized congressional cybersecurity leaders would push Federal agencies to further adopt cybersecurity best practices by making it more difficult to obtain waivers under the Federal Cybersecurity Enhancement Act of 2015. […]

Washington DC capitol federal government-min

As the Federal Election Commission (FEC) dealt with oversight of a massive increase in campaign donations during a presidential election cycle, the agency at the same time struggled with its cybersecurity and the absence of a full-time CIO, the FEC’s Office of the Inspector General found in a report released November 13. […]

DOJ Department of Justice
Navy seal

The U.S. Navy and its revitalized CIO office is looking to modernize its systems and capabilities, with artificial intelligence (AI) as a tool to tackle a complicated environment, said Christopher Cleary, Navy CISO, in a November 12 speech. […]

Cybersecurity

Cyberattacks that use encrypted channels to bypass legacy security controls rose by 260 percent from the beginning of 2020 through September, with the healthcare sector seeing the biggest industry-specific jump in targeted attacks, according to research released this week by cloud security provider Zscaler based on insights sourced from 6.6 billion encrypted threats across the Zscaler cloud. […]

Election security leaders including Bob Kolasky, Director of the National Risk Management Center at the Cybersecurity and Infrastructure Security Agency (CISA), late Thursday pronounced the November 3 election as “the most secure in American history,” and said they found no evidence of voting system compromises, or changed votes. […]

Army
General Services Administration GSA Headquarters 1800 F St 18F TTS FAS
Treasury
OPM Office of Personnel Management

The Office of Personnel Management’s (OPM’s) cybersecurity fell under scrutiny in two audits by the agency’s inspector general, with both identifying issues in OPM’s controls and security practices. […]

Cyber workforce
security

The Department of Homeland Security (DHS) Science and Technology Directorate (S&T), in partnership with the Cybersecurity and Infrastructure Security Agency (CISA), announced Oct. 30 that it has awarded $2 million to an initiative that will build a national network of cybersecurity technical institutes. […]

password IAM ICAM easy pwd admin priviliges identity access management authentication credential

Simple, easy to guess passwords are the scourge of cybersecurity staff. On the flip side, many users struggle to remember lengthy and complicated passwords that pass muster with cybersecurity standards. To help bridge the gap between security and useability, Carnegie Mellon’s CyLab Security and Privacy Institute has developed a policy for creating passwords. […]

The Federal Labor Relations Authority (FLRA) scored well on its fiscal year 2020 Federal Information Security Modernization Act (FISMA) audit, with only four areas noted as weaknesses and no carry-over weaknesses from prior year audits. […]

security

The Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Department of Health and Human Services (HHS) are warning hospitals and the public health sector at large that they face an “imminent” threat of malware attacks. […]

Rep. Jim Langevin, D-R.I., long a leading voice on cybersecurity policy and a member of the Cyberspace Solarium Commission, argued this week that the establishment of internationally accepted norms of behavior in cyberspace is one of the keys to improving the United States’ cybersecurity posture. […]

Cyber

John Sherman, Principal Deputy CIO at the Department of Defense (DoD), said Oct. 28 that the Pentagon is making progress with IT modernization activities for the parts of the agency known as “the Fourth Estate” – offices that are not military services or intelligence community agencies. […]

DoD Pentagon Military

The Defense Department’s (DoD) current interim rule for the Cybersecurity Maturity Model Certification (CMMC) will take full effect on December 1, said Katie Arrington, CISO for DoD’s acquisition office, at an October 28 virtual event organized by C4ISRNET. […]

Federal officials this week discussed how they can support new approaches like zero trust and SD-WAN in an efficient and secure way by leveraging the Enterprise Infrastructure Solutions (EIS) contract along with security requirements of the Trusted Internet Connections (TIC) 3.0 policy. […]

The Department of Defense (DoD) Office of Inspector General (OIG) is canceling its audit of corrective actions taken by DoD in response to cybersecurity vulnerabilities identified during operational testing and evaluation of acquisition programs, citing the COVID-19 pandemic. […]

The Cybersecurity and Infrastructure Security Agency (CISA) and FBI issued a joint cybersecurity advisory on Oct. 22 to warn operators of state, local, territorial, and tribal (SLTT) government networks that they may be targeted by Russian state-sponsored advanced persistent threat (APT) actors. […]

NIST

The National Cybersecurity Center of Excellence (NCCoE) is looking for industry partners to support its efforts to build exemplar zero-trust architectures that meet the standards set out by NCCoE’s parent organization, the National Institute of Standards and Technology (NIST). […]

DoD Pentagon Military

Categories