The CyberPeace Institute, an independent non-governmental organization (NGO), launched Sept. 26 with the mission to “assist vulnerable communities, promote transparency, and advance global discussions on acceptable behavior in cyberspace.” […]
The Federal Deposit Insurance Corporation (FDIC) took quick action to secure Domain Name System (DNS) services on its websites, meeting the deadlines set out in Emergency Directive 19-01, according to an audit conducted by FDIC’s inspector general and released September 24. […]
A bill that would amend the Federal Power Act to bolster the defense of the U.S. electric grid was introduced to the U.S. Senate on Sept. 26. […]
The Government Accountability Office (GAO) identified in a new report several cybersecurity risks to the U.S. electric grid and called upon the Department of Energy (DoE) to develop an improved Federal strategy to protect against cyber threats to the grid. […]
The House Homeland Security Committee approved legislation on Sept. 25 a cyber committee within the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA). […]
The Senate on Sept. 24 passed a bill that would increase the Federal government’s ability to respond to and aid government agencies and private-sector companies that are involved in major cyber incidents. […]
Through the adoption of modern security technologies, Federal agencies are adopting security solutions that map to a Zero Trust architecture, even if the agency isn’t yet ready to pursue a full Zero Trust model, according to new research from MeriTalk. […]
Rep. Patrick McHenry, R-N.C., on Sept. 24 introduced H.R. 4458, the Cybersecurity and Financial System Resilience Act of 2019, to combat cybersecurity threats facing the Federal Reserve System. […]
The National Institute of Standards and Technology (NIST) and its National Cybersecurity Center of Excellence (NCCoE) have released a draft cybersecurity guide for energy sector asset management. NCCoE is seeking comments on the draft through Nov. 25. […]
Amidst the United Nations (UN) General Assembly, the United States and 26 other countries released a joint statement on advancing responsible state behavior in cyberspace on Sept. 23. […]
A new report from the Federal Housing Finance Agency (FHFA) Office of Inspector General (OIG) finds that FHFA doesn’t have an agency-wide cybersecurity incident data analysis program based on a consistent data set, and that it lacks sufficient information to conduct trend or other time-series analyses for security purposes. […]
Microsoft announced Sept. 20 that it is extending free security support for Federally certified voting systems running Windows 7 through the 2020 election. Microsoft had previously announced it was ceasing to support Windows 7. […]
The National Institute of Standards and Technology (NIST), in collaboration with the Federal CIO Council’s architecture subgroup, released a draft report on zero-trust architectures and the use cases and deployment models where zero-trust can improve cybersecurity. […]
In the President’s Management Agenda (PMA), the Justice Department was tasked with combating cyber-enabled threats and attacks by “conducting 8,400 computer intrusion program deterrences, detections, disruptions, and dismantlements, while successfully resolving 90 percent of its cyber defendant cases.” According to a Q3 FY2019 update, the Justice Department has not only met its quarterly targets, but it has also exceeded them. […]
While the Department of Education is somewhat on track to meet its goal of improving student privacy and data security at institutions of higher education, it still has room to improve, according to an update to the Department of Education’s agency priority goals – part of the President’s Management Agenda (PMA) – released September 19. […]
In a panel at the Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Summit today, House Committee on Homeland Security (CHS) Aide Moira Bergin stressed Chairman Bennie Thompson’s, D-Miss., desire to reestablish the White House cybersecurity advisor position. […]
The U.S. Department of Homeland Security’s (DHS Cybersecurity and Infrastructure Security Agency (CISA) released the Information and Communications Technology (ICT) Supply Chain Risk Management Task Force’s first interim report, which details the groups’ progress since its formation. […]
Sen. Mark Warner, D-Va., ranking member of the Senate Intelligence Committee, said today that the threat posed by Chinese government-supported network equipment makers including Huawei to the global 5G communications ecosystem is unprecedented. One solution to displace Huawei equipment from communications networks, the senator said, may be government-industry cooperation to make cheaper communications gear available to carriers. […]
Federal cyber officials from the Office of Management and Budget (OMB), National Institute of Standards and Technology (NIST), and the Cybersecurity of Infrastructure Security Agency (CISA) highlighted today that IT modernization and implementing OMB’s guidance are some of their biggest priorities. […]
As the 2020 election cycle revs up, Cybersecurity and Infrastructure Security Agency (CISA) Director Christopher Krebs said today that he believes new National Security Advisor Robert O’Brien will take security seriously and will allow CISA a great opportunity to continue improving cybersecurity efforts. […]
More than a year after the White House Cybersecurity Coordinator position was eliminated, Rep. Bennie G. Thompson, D-Miss., is urging the Trump administration to reestablish the role, according to a statement released Sept. 18. The recent push comes as President Trump named Robert O’Brien as his new National Security Advisor, following the resignation of John Bolton. […]
Federal cybersecurity officials spoke about the strategies they’re pursuing to address workforce issues within their agencies during a Sept. 18 Cybersecurity and Infrastructure Security Agency (CISA) Cybersecurity Summit panel. […]
A Social Security Administration (SSA) audit to determine the effectiveness of controls identifying potentially fraudulent Internet Claims (iClaims) found the controls to be “generally effective,” but also said that the number of undetected fraudulent iClaims is unknown. […]
The head of the Cybersecurity and Infrastructure Security Agency (CISA) said today that the spate of ransomware attacks that hit school systems in Texas and Louisiana over the past month “got pretty close” to qualifying as a “large-scale cyber event,” which he said begs the need to further develop Federal doctrine about how to respond to major events. […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced the first-annual President’s Cup Cybersecurity Competition, an interagency effort to identify, challenge, and reward the “best personnel supporting cybersecurity and cyber excellence” in the government. […]
The Belfer Center for Science and International Affairs at Harvard Kennedy School announced today the appointment of directors for its cyber-related projects: Lauren Zabierek will run the Center’s Cyber Project; Maria Barsallo Lynch will head its Defending Digital Democracy Project; and Julia Voo will run its China Cyber Policy Initiative. […]
The Congressional Budget Office (CBO) said in a Sept. 13 report that implementing the Internet of Things (IoT) Cybersecurity Improvement Act of 2019 will cost $35 million over the 2019-2024 period, and an additional $11 million in 2020 to develop the IoT guidelines and standards mandated in the legislation. […]
Employees who stop working before their termination date or take vacation days prior to their separation date can bring risk to an agency if their access to agency systems isn’t removed in a timely manner, according to a report from the Tennessee Valley Authority’s (TVA’s) inspector general, released September 11. […]
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions today that will target “three North Korean state-sponsored malicious cyber groups responsible for North Korea’s malicious cyber activity on critical infrastructure.” […]
The Office of Management and Budget (OMB) has finalized its update to the Trusted Internet Connections (TIC) initiative in a memo released today. The final version of the policy opens the door for new approaches to network security, and retains most elements of the draft framework released in December 2018. […]