A Cybersecurity Infrastructure and Security Agency (CISA) interagency workgroup – focused at least in part on supply chain and control systems security issues – aims to have an executive committee meeting early next year to discuss cybersecurity challenges in both the public and private sectors. […]
The Brennan Center for Justice argued in a Nov. 12 report that the Federal government needs to hold election technology vendors to higher cybersecurity standards in order to receive Federal certification. To that end, the Center offered up a new framework for oversight. […]
In a Nov. 7 letter, Sen. Ron Wyden, D-Ore., urged Secretary of Defense Mark Esper and National Security Agency (NSA) Director Gen. Paul Nakasone to conduct a cybersecurity audit of mobile voting app Voatz to “determine whether it can reliably protect the votes of U.S. servicemembers against foreign hacking.” […]
The U.S. Election Assistance Commission Office of the Inspector General (OIG) on Nov. 1 released an audit plan for $380 million grant funding appropriated in 2018, which includes audits of election security grant funds for six states. […]
A new study suggests that organizations should shift their cybersecurity focus to defending non-Windows infrastructure, such as Linux, while deemphasizing attribution of Advanced Persistent Threats (APTs) to any particular nation-state. […]
Sen. Jacky Rosen, D-Nev., announced Nov. 7 that she has joined the Senate Cybersecurity Caucus, a bipartisan group that is intended to “provide a platform for Senators and their staffs to stay informed on major policy issues and developments in cybersecurity.” […]
Marc Barrachin, managing director of New Product Development at S&P Global Market Intelligence, and Algirde Pipikaite, project lead of Industry Solutions at the Centre for Cybersecurity, World Economic Forum, renewed calls for a global standard for reporting cyberattacks in a Nov. 6 Harvard Busines Review article. […]
As the National Aeronautics and Space Administration (NASA) focuses on returning to the moon by 2024, cyber resiliency belongs in every step of the process, according to NASA CIO Renee Wynn. […]
Sen. Marco Rubio, R-Fla., told Defense Secretary Mark Esper in a Nov. 6 letter that the Defense Department (DoD) must act quickly to weed out Chinese-made surveillance gear in use at DoD facilities. […]
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) today released its Cyber Essentials guide, which it describes as “a starting point for small businesses and government agencies to understand and address cybersecurity risk as they do other risks.” […]
A bill introduced in the House by Reps. Anna Eshoo, D-Calif., and Zoe Lofgren, D-Calif., on Nov. 5 – the Online Privacy Act of 2019 – would create new user private rights, place the onus on companies to protect user data they collect, and establish a new Federal agency to “enforce privacy protections, and strengthens enforcement of privacy law violations.” […]
The Federal government’s civilian, military, and intelligence agencies issued a statement Nov. 5 reiterating Federal support for election security at national, state, and local levels. […]
The National Association of State Chief Information Officers (NASCIO) endorsed S.?2749, the?DOTGOV?Act of 2019 on Nov. 4. The legislation, introduced by Sens. Gary Peters, D-Mich., and Ron Johnson, R-Wis., ranking member and chairman of the Senate Homeland Security and Governmental Affairs Committee, respectively, and Sens. Amy Klobuchar, D-Minn., and James Lankford, Okla., aims to “strengthen local government cybersecurity defenses by switching to the .gov domain for websites and email addresses.” […]
The Congressional Budget Office (CBO) reported on Oct. 31 that the Energy Cybersecurity Act of 2019 would cost $832 million to implement over the next 10 years, with $355 million of that spent during the first five years. […]
Defending Digital Campaigns (DDC), a new nonprofit dedicated to providing affordable cybersecurity products, services, and information, announced its first president, CEO, and board members on Oct. 31. […]
Senators and Federal government officials sparred over the country’s 5G-readiness and supply chain security at a hearing today of the Senate’s Homeland Security and Governmental Affairs Committee. […]
Several senators introduced legislation on Oct. 30 that aims to “strengthen local government cybersecurity defenses by switching to the .gov domain for websites and email addresses.” […]
In the last year, cybersecurity spending rose by 24 percent, but cyberattacks increased by 17 percent, according to a report from ServiceNow released Oct. 29. […]
The Pentagon’s award late last week of its ten-year Joint Enterprise Defense Initiative (JEDI) contract for general purpose cloud computing to Microsoft took center stage on Capitol Hill today at a Senate Armed Services Committee hearing to consider the nomination of Dana Deasy as the Defense Department’s (DoD) CIO. […]
The Continuous Diagnostics and Mitigation (CDM) program has an important role to play in protecting Federal systems, but the adoption process can be downright scary for some agencies. On Halloween, MeriTalk will host a webinar to dig through the skeletons and challenges in CDM’s closet, shine a flashlight on the success stories of the program, and ultimately help demystify the CDM program for vendors and agencies alike. […]
In a Friday letter to President Trump’s acting Chief of Staff Mick Mulvaney, Rep. Ted Lieu, D-Calif., demanded answers about recent departures from the administration of key Federal cybersecurity officials. […]
The Social Security Administration did not remediate multiple known vulnerabilities for over one year, according to a summary of a report from SSA’s inspector general, released October 24. […]
Rep. Mike Rogers, R-Ala., ranking member of the House Homeland Security Committee, announced updated Republican subcommittee assignments on Oct. 25. Among the changes, Rep. John Joyce, R-Pa., will join the Cybersecurity, Infrastructure Protection, and Innovation Subcommittee. […]
The National Institute of Standards and Technology (NIST) is tackling managed service provider (MSPs) cybersecurity by developing a customizable reference model that MSPs can adapt to fit their program needs. […]
The FBI released new election security resources as part of its Protected Voices initiative on Oct. 23. […]
A spotty risk management strategy, along with poor security control assessment procedures, are undermining the Federal Deposit Insurance Corporation (FDIC)’s ability to identify and detect network security threats, according to an FDIC Office of the Inspector General (OIG) report released on Oct. 23. […]
Federal agency CISOs obviously have a lot to do – like securing networks, for one – but they’re also busy “selling” cybersecurity within their agencies to leadership across the organization, a panel of Federal security chiefs explained Oct. 22 at the ACT-IAC Imagine Nation 2019 conference. […]
Sen. Edward Markey, D-Mass., and Rep. Ted Lieu, D-Calif., on Oct. 22 reintroduced legislation in the Senate and House aimed at creating a voluntary system to certify cybersecurity protections for internet of things (IoT) devices. […]
Reps. Robin Kelly, D-Ill., and Cathy McMorris, R-Wash., introduced the US SAFE WEB Extension Act on Oct. 22, which would enable the Federal Trade Commission (FTC) to protect Americans from fraud, spam, and deception online. […]
During a House Judiciary Committee hearing on securing elections, witnesses from law enforcement agencies were asked a litany of questions related to the security of U.S. elections for 2020, including what kind of new measures were being taken during this cycle. […]