The Internet of Things (IoT) Cybersecurity Improvement Act of 2020 passed the House today and is moving to the Senate for consideration. The legislation would set a minimum-security standard for all IoT devices purchased by government agencies. […]
Air Force Maj. Gen. Robert Skinner has been nominated by President Trump to lead the Defense Information System Agency, according to an announcement the Secretary of Defense Mark Esper. His appointment to that post requires Senate confirmation. […]
The Cybersecurity and Infrastructure Security Agency (CISA) revealed today that malicious actors affiliated with the Chinese Ministry of State Security (MSS) are using open-source information plans and readily available exploits to attack networks. […]
In preparation for Federal efforts in outer space, the Trump Administration is calling on leaders across government to prepare space IT systems against cyberattacks before launch. […]
Nearly two years into an ambitious overhaul of the National Oceanic and Atmospheric Administration (NOAA) Cyber Security Center (NCSC), brighter horizons are in sight for the agency in the form of improved cyber analytics capabilities. From the start, NOAA took a holistic approach to the NCSC transformation that encompasses people, process, and technology – in equal parts. […]
Ron Ross has seen a lot during his 30-year career in cybersecurity, so asking him to pinpoint new cyber threats is a little like asking Tom Brady to talk about a blitz he has not faced during his NFL tenure. […]
The vice chair of the board of directors of the CMMC-AB said that 25 assessors have been provisionally trained, and estimated that certified assessors for the open market will be released in the first quarter of calendar year 2021. […]
The Department of Homeland Security’s (DHS) effort to consolidate its network and security operations centers into a Network Operations Security Center (NOSC) model will improve the agency’s continuity of operations efforts, CIO Karen Evans said today. […]
The new cybersecurity standard for contractors in the Department of Defense’s (DoD) supply chain ecosystem is soon to have regulatory backing, according to Katie Arrington, CISO for Acquisition and Sustainment at the DoD. […]
Assessing the current threat landscape six months into the COVID-19 pandemic, Director of the Cybersecurity and Infrastructure Security Agency Christopher Krebs listed nation-state spies, cybercriminals committing fraud, and the spread of disinformation as top cyberattack vectors. […]
Deputy Federal CIO Maria Roat asserted at the Billington Cybersecurity Summit that the Federal government is using a DevSecOps approach to integrate security into every aspect of modernization, but she insisted that the workforce must be cyber ready to be entirely secure. […]
The Federal Communications Commission said on Sept. 4 that the total cost of removing and replacing telecommunications equipment made by China-based Huawei and ZTE from the networks of smaller U.S. carriers could be more than $1.6 billion. […]
With no U.S.-based companies dominating the worldwide market for network equipment that underlies 5G wireless services, and with the U.S. in the midst of a years-long campaign to ban Chinese network equipment makers from U.S. and allies’ markets, perhaps the most important battle for the longer-term future of 5G network infrastructure is gearing up now in and near the halls of power in Washington, D.C. […]
The Information Technology Industry Council this week released its guide for cybersecurity certification, which includes a warning against a “one-size-fits-all solution” in certification. […]
The Cybersecurity Maturity Model Certification Accreditation Body announced the addition of two new members to its Board of Directors on Sept. 2, a move which comes just months after the board’s establishment in January. Sheryl Hanchar and Charlie Williams, Jr. were added to the board to serve terms beginning immediately, a CMMC-AB news release said. […]
While Congress has been slow to act on privacy issues, the National Institute of Standards and Technology (NIST) is getting out ahead of any Federal legislation when it comes to addressing the matter. […]
The Office of Management and Budget (OMB) has finalized vulnerability disclosure policies (VDPs) for the Federal government and issued a memorandum to agencies today establishing the processes for identification, management, and remediation of security vulnerabilities. […]
CenturyLink said on Sept. 1 that the company has attained FISMA (Federal Information Security Management Act) High certification for its federal network operations centers and security operations centers. […]
Shane Barney, Chief Information Security Officer (CISO) at the Department of Homeland Security’s U.S. Citizenship and Immigration Services (USCIS) component, on Sept. 1 credited increased use of data automation for improving security operation center (SOC) operations at the agency. […]
Cybersecurity agencies of the nations in the “Five Eyes” intelligence alliance released a joint cybersecurity advisory to serve as a “playbook” for investigating incidents and highlight technical approaches to uncovering malicious activity. […]
The Department of Health and Human Services has appointed Perryn Ashmore acting CIO, following the departure of former CIO Jose Arrieta on August 28. […]
The first group of assessors for the Department of Defense’s new cybersecurity standard will begin training today, according to a press release from the Cybersecurity Maturity Model Certification Accreditation Body. […]
In the 20th century, literacy in reading, writing, and mathematics might have been the requisites to inform participation in democratic and economic systems, but over the past half century, a new form of necessary literacy has been emerging – cyber literacy. […]
As large scale telework continues across the Federal government, the Cybersecurity and Infrastructure Security (CISA) released a remote vulnerability and patch management guide yesterday to supplement the Trusted Internet Connection (TIC) 3.0 Interim Telework Guidance released in April. […]
For agencies looking to implement cybersecurity solutions, Terry Kalka, Chief of Mission Support at the Department of Defense Cyber Crime Center, emphasized that basic cyber hygiene practices will block a majority of cyberattacks unless those attacks stem from a particularly advanced threat actor. […]
According to a new report by NASA’s Office of Inspector General (OIG), NASA is not adequately securing its networks from unauthorized access by IT devices, and has not fully implemented controls to remove or block unauthorized IT devices from accessing the agency’s networks and systems. […]
Software Development Operations, or DevOps, can go by many names. DevSecOps, inserts Security into the equation while DevSecEthOps throws ethics into the mix, but ultimately the goal of the process is to build secure software – fast. […]
While the Cybersecurity and Infrastructure Security Agency’s Trusted Internet Connections (TIC) 3.0 guidance was finalized in late July, Program Manager Sean Connelly reiterated at an August 26 FedInsider webinar that the documents are only the first steps of TIC 3.0 efforts. […]
With artificial intelligence applications still being developed, the chief technology officer of the nation’s primary cyber agency said “a new cadre of data professionals” is needed in order to prepare cyber information for analysis. […]
John Felker, a 30-year Coast Guard veteran and a vital force in building mission capabilities of the Cybersecurity and Infrastructure Security Agency over the past several years, said he plans to retire from government service on Sept. 25. […]