The Federal District Court for the Northern District of Ohio announced lengthy U.S. prison sentences for two Romanian nationals for their roles in infecting more than 400,000 computers with malware in order to steal and resell data resulting in financial losses of about $4 million. […]
While figures vary across industry and government as to the size of the “phishing-prone” population in any organization, both sides agree that sustained internal employee training efforts are necessary to cut the success rate of spear-phishing exploits down to more manageable levels. […]
New research shows that email is still a weak link in U.S. election infrastructure, with only five percent of the nation’s largest counties protecting election officials from impersonation attempts. […]
The Cybersecurity Tech Accord (CTA), an international, industry-led effort by technology and security companies to combat cyberattacks, today announced a new contest to improve internet cybersecurity. […]
U.S. Election Assistance Commissioner Thomas Hicks said on Dec. 3 that election security in the U.S. is “light years” ahead of where it was in 2016, but also emphasized there’s plenty more to do to ensure good security for the 2020 election cycle. […]
The Department of Homeland Security (DHS) is seeking feedback on program objectives for implementation of a new cybersecurity-focused personnel system. […]
The U.S. Department of Education is investigating whether the University of Maryland and the Massachusetts Institute of Technology (MIT) properly reported contracts from foreign governments and IT-related companies. […]
The Office of Management and Budget (OMB) released draft guidance for Federal agencies on vulnerability disclosure that would require clear vulnerability disclosure policies and create a Federal-wide strategy for implementation. […]
The Department of Commerce released a draft regulation for a case-by-case process of banning Americans from buying IT equipment from companies controlled by foreign interests, a power granted by May’s executive order on supply chain security. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released a draft version of Binding Operational Directive (BOD) 20-01, which would require Federal agencies to establish a vulnerability disclosure policy for internet-connected systems. […]
The United States Post Office’s (USPS) Office of the Inspector General (OIG) Semiannual Report to Congress lists infrastructure modernization, IT, and cybersecurity as some of the agency’s most critical management challenges. […]
Phishing activity increased 400 percent as consumers began their holiday shopping over the first two week of November, according to a new report by Zscaler. […]
The Congressional Budget Office estimated in a Nov. 21 report that the DOTGOV Online Trust in Government Act would cost very little to implement. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) announced Nov. 21 that it is developing and piloting a new open-source post-election auditing tool for use in the 2020 elections. […]
The Network Security Information Sharing Act of 2019 cleared the House Energy and Commerce Committee via a voice vote on Nov. 20. […]
An Office of the Inspector General (OIG) report cites prosecuting cybercrime in the age of encryption, maintaining election security, and protecting its own IT systems as areas of top management and performance challenges facing the Department of Justice (DOJ). […]
Jeanette Manfra, assistant director for cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), is leaving CISA at the end of the year, an agency official confirmed to MeriTalk. […]
With election security firmly in place as the popular policy de jour on Capitol Hill in the ramp-up to the 2020 election cycle, House members from both sides of the aisle voiced support at a Nov. 19 hearing for more focus on cyberattacks targeting election infrastructure, with a particular focus on ransomware exploits. […]
An annual report issued by the Department of Homeland Security’s (DHS) Office of Inspector General (OIG) flags leadership stability and cybersecurity issues among the “most serious management and performance challenges” facing the agency currently. […]
To improve the future of cybersecurity posture for the United States, experts agree that improving on basic security measures and shifting culture to compete with industry in the workforce are essential elements. […]
The House Science Committee voted to approve H.R. 4990, the Election Technology Research Act of 2019, on Nov. 14. […]
Rep. Jim Langevin, D-R.I., a co-chair of the House Cybersecurity Caucus and one of the few widely acknowledged experts in Congress on cybersecurity, said on Nov. 14 that a lack of data “baselines” on security issues continues to hamper efforts in Congress – and the nation as a whole – to improve security. […]
Rep. Bennie Thompson, D-Miss., chairman of the House Homeland Security Committee, suggested on Nov. 14 that Congress and the Trump administration could get more done to improve Federal cybersecurity if more agencies critical to that effort were headed by Senate-confirmed secretaries, rather than acting secretaries. […]
Kevin Cox, program manager for the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program, today discussed the program’s progress in generating AWARE (Agency-Wide Adaptive Risk Enumeration) algorithm scores for Federal agencies to track relative security status, and about how the program plans to refine the scoring process in the future. […]
The National Aeronautics and Space Administration (NASA) is a target for cybercriminals, but the agency is failing to adequately protect itself, according to a Nov. 13 report by the NASA Office of the Inspector General (OIG). […]
The Senate Commerce, Science, and Transportation Committee approved by voice vote today the Harvesting American Cybersecurity Knowledge through Education Act (HACKED Act) (S 2775), which aims to boost the Federal cybersecurity workforce with new guidelines for agencies, clearer career paths for the workforce, and improved coordination between agencies. […]
A bill introduced by Rep. Mikie Sherrill, D-N.J., on Nov. 8 would establish a new Center of Excellence (CoE) and fund elections systems research at the National Institute of Standards and Technology (NIST) and the National Science Foundation (NSF). […]
Election security will remain an operational priority for the Cybersecurity Infrastructure and Security Agency (CISA) “for the foreseeable future,” a CISA official said at a Nov. 12 event. […]
A Cybersecurity Infrastructure and Security Agency (CISA) interagency workgroup – focused at least in part on supply chain and control systems security issues – aims to have an executive committee meeting early next year to discuss cybersecurity challenges in both the public and private sectors. […]
The Brennan Center for Justice argued in a Nov. 12 report that the Federal government needs to hold election technology vendors to higher cybersecurity standards in order to receive Federal certification. To that end, the Center offered up a new framework for oversight. […]