The Federal District Court for the Northern District of Ohio announced lengthy U.S. prison sentences for two Romanian nationals for their roles in infecting more than 400,000 computers with malware in order to steal and resell data resulting in financial losses of about $4 million. […]

While figures vary across industry and government as to the size of the “phishing-prone” population in any organization, both sides agree that sustained internal employee training efforts are necessary to cut the success rate of spear-phishing exploits down to more manageable levels. […]

map global connected network world globe-min
cyber workforce
Cybersecurity cyber

The Office of Management and Budget (OMB) released draft guidance for Federal agencies on vulnerability disclosure that would require clear vulnerability disclosure policies and create a Federal-wide strategy for implementation. […]

Department of Commerce

The Department of Commerce released a draft regulation for a case-by-case process of banning Americans from buying IT equipment from companies controlled by foreign interests, a power granted by May’s executive order on supply chain security. […]

Department of Homeland Security DHS

The Cybersecurity and Infrastructure Security Agency (CISA) released a draft version of Binding Operational Directive (BOD) 20-01, which would require Federal agencies to establish a vulnerability disclosure policy for internet-connected systems. […]

USPS Postal Service

The United States Post Office’s (USPS) Office of the Inspector General (OIG) Semiannual Report to Congress lists infrastructure modernization, IT, and cybersecurity as some of the agency’s most critical management challenges. […]

cybersecurity chip AI
.gov website cybersecurity government
elections, voting, election security, midterms

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) announced Nov. 21 that it is developing and piloting a new open-source post-election auditing tool for use in the 2020 elections. […]

jeanette manfra dhs nppd oc&c assistant secretary

With election security firmly in place as the popular policy de jour on Capitol Hill in the ramp-up to the 2020 election cycle, House members from both sides of the aisle voiced support at a Nov. 19 hearing for more focus on cyberattacks targeting election infrastructure, with a particular focus on ransomware exploits. […]

An annual report issued by the Department of Homeland Security’s (DHS) Office of Inspector General (OIG) flags leadership stability and cybersecurity issues among the “most serious management and performance challenges” facing the agency currently. […]

cybersecurity
cybersecurity chip AI
Cybersecurity cyber

Rep. Bennie Thompson, D-Miss., chairman of the House Homeland Security Committee, suggested on Nov. 14 that Congress and the Trump administration could get more done to improve Federal cybersecurity if more agencies critical to that effort were headed by Senate-confirmed secretaries, rather than acting secretaries. […]

CDM Central - CDM Keynote - Kevin Cox

Kevin Cox, program manager for the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program, today discussed the program’s progress in generating AWARE (Agency-Wide Adaptive Risk Enumeration) algorithm scores for Federal agencies to track relative security status, and about how the program plans to refine the scoring process in the future. […]

NASA

The National Aeronautics and Space Administration (NASA) is a target for cybercriminals, but the agency is failing to adequately protect itself, according to a Nov. 13 report by the NASA Office of the Inspector General (OIG). […]

The Senate Commerce, Science, and Transportation Committee approved by voice vote today the Harvesting American Cybersecurity Knowledge through Education Act (HACKED Act) (S 2775), which aims to boost the Federal cybersecurity workforce with new guidelines for agencies, clearer career paths for the workforce, and improved coordination between agencies. […]

Cyber workforce

A Cybersecurity Infrastructure and Security Agency (CISA) interagency workgroup – focused at least in part on supply chain and control systems security issues – aims to have an executive committee meeting early next year to discuss cybersecurity challenges in both the public and private sectors. […]

Categories