The Department of Defense (DoD) has had an ongoing problem – the cybersecurity of its defense industrial base contractors. An interim rule scheduled to be published in the Federal Register tomorrow is the department’s next step in addressing that problem. […]
A recent review by the Department of Homeland Security (DHS) Office of Inspector General (OIG) found that Customs and Border Patrol (CBP) did not adequately protect sensitive data on an unencrypted device used during its Vehicle Face System pilot—a facial recognition technology pilot. […]
Rep. Lauren Underwood, D-Ill., became the chair today of the House Committee on Homeland Security’s Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation, one of the chamber’s primary panels with jurisdiction over cybersecurity issues. […]
Data from a Federal agency has been stolen in a cyber theft, according to an analysis report released Sept. 24 by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency. The specific agency, timeframe of the intrusion, and thief are not identified in the report. […]
To combat phishing attacks that could crumble an entire agency’s cybersecurity safeguards at one employee’s incorrect click, the National Institute of Standards and Technology (NIST) has launched a new method to understand why individuals fall for the malicious links. […]
Former government officials from the United States and around the world joined with technology companies and non-profit organizations in a call to prioritize digital trust and security addressed to the President of the United Nations General Assembly. […]
The Government Accountability Office said in a report that in order to fully implement the White House’s National Cyber Strategy a “clarity of leadership” is “urgently needed.” […]
On Sept. 23, the National Institute of Standards and Technology (NIST) released a “historic” update to its flagship security and privacy guidance, Special Publication (SP) 800-53, Security and Privacy Controls for Information Systems and Organizations. […]
As the U.S. faces increased foreign cyber threats, the Department of State said in 2019 that it would stand up a Bureau of Cyberspace Security and Emerging Technologies (CSET) to address these threats, but according to the Government Accountability Office (GAO), State hasn’t informed or involved other partners in the bureau planning, which could increase risks of duplicating efforts. […]
On Friday, Assistant Director for the Cybersecurity and Infrastructure Security Agency (CISA) Bryan Ware announced that the agency was issuing Emergency Directive 20-04, which instructs Federal Civilian Executive Branch agencies to apply a security update for Microsoft’s Windows Servers to all domain controllers. […]
A key Congressman on the House Armed Services Committee spoke in support of three technology bills Friday, expressing optimism with the “bipartisan and bicameral” legislation as the legislative calendar for this session of Congress winds down. […]
The Government Accountability Office (GAO) is recommending that the Treasury Department take steps – in coordination with the Department of Homeland Security and others – to better track and prioritize cyber risk mitigation efforts across the financial services sector. […]
In a coordinated effort across three district courts, the Department of Justice unsealed indictments this week in three separate cases against Iran-based individuals all alleged to have committed cyber intrusions on U.S.-based networks. […]
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have identified an Iran-based cyber actor that is exploiting a virtual private network and targeting several Federal agencies, according to a joint advisory released this week. […]
A Government Accountability Office (GAO) official said on Sept. 16 that the Department of Veterans Affairs (VA) is taking action on several major IT modernization and cybersecurity issues that GAO has flagged in recent years, but that the agency still has a lot of work to do to address many of them. […]
Secretary of Defense Mark Esper said today that new technologies are changing the “character of warfare” – a shift that he said requires adjustments both abroad and at home to funding priorities. […]
One of the Licensed Partner Publishers selected last week to provide training materials for the Cybersecurity Maturity Model Certification Accreditation Body told MeriTalk this week he expects that some of the training materials will be publicly released beginning next month. […]
Threat detection and response services provider Trustwave has launched its Trustwave Fusion platform on Amazon Web Services GovCloud – letting Federal agencies and government contractors take advantage of the cloud-native cybersecurity platform to combat ever-changing security threats. […]
The House passed the Internet of Things (IoT) Cybersecurity Improvement Act of 2020 yesterday and as it moves to the other chamber with support from bipartisan senators, leaders of the IoT cyber legislation are looking ahead to what this legislation could mean for IoT manufacturers and American privacy. […]
The Internet of Things (IoT) Cybersecurity Improvement Act of 2020 passed the House today and is moving to the Senate for consideration. The legislation would set a minimum-security standard for all IoT devices purchased by government agencies. […]
Air Force Maj. Gen. Robert Skinner has been nominated by President Trump to lead the Defense Information System Agency, according to an announcement the Secretary of Defense Mark Esper. His appointment to that post requires Senate confirmation. […]
The Cybersecurity and Infrastructure Security Agency (CISA) revealed today that malicious actors affiliated with the Chinese Ministry of State Security (MSS) are using open-source information plans and readily available exploits to attack networks. […]
In preparation for Federal efforts in outer space, the Trump Administration is calling on leaders across government to prepare space IT systems against cyberattacks before launch. […]
Nearly two years into an ambitious overhaul of the National Oceanic and Atmospheric Administration (NOAA) Cyber Security Center (NCSC), brighter horizons are in sight for the agency in the form of improved cyber analytics capabilities. From the start, NOAA took a holistic approach to the NCSC transformation that encompasses people, process, and technology – in equal parts. […]
Ron Ross has seen a lot during his 30-year career in cybersecurity, so asking him to pinpoint new cyber threats is a little like asking Tom Brady to talk about a blitz he has not faced during his NFL tenure. […]
The vice chair of the board of directors of the CMMC-AB said that 25 assessors have been provisionally trained, and estimated that certified assessors for the open market will be released in the first quarter of calendar year 2021. […]
The Department of Homeland Security’s (DHS) effort to consolidate its network and security operations centers into a Network Operations Security Center (NOSC) model will improve the agency’s continuity of operations efforts, CIO Karen Evans said today. […]
The new cybersecurity standard for contractors in the Department of Defense’s (DoD) supply chain ecosystem is soon to have regulatory backing, according to Katie Arrington, CISO for Acquisition and Sustainment at the DoD. […]
Assessing the current threat landscape six months into the COVID-19 pandemic, Director of the Cybersecurity and Infrastructure Security Agency Christopher Krebs listed nation-state spies, cybercriminals committing fraud, and the spread of disinformation as top cyberattack vectors. […]
Deputy Federal CIO Maria Roat asserted at the Billington Cybersecurity Summit that the Federal government is using a DevSecOps approach to integrate security into every aspect of modernization, but she insisted that the workforce must be cyber ready to be entirely secure. […]