Employees who stop working before their termination date or take vacation days prior to their separation date can bring risk to an agency if their access to agency systems isn’t removed in a timely manner, according to a report from the Tennessee Valley Authority’s (TVA’s) inspector general, released September 11. […]
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) announced sanctions today that will target “three North Korean state-sponsored malicious cyber groups responsible for North Korea’s malicious cyber activity on critical infrastructure.” […]
The Office of Management and Budget (OMB) has finalized its update to the Trusted Internet Connections (TIC) initiative in a memo released today. The final version of the policy opens the door for new approaches to network security, and retains most elements of the draft framework released in December 2018. […]
The Justice Department (DoJ) late last week warned individuals to be vigilant for malicious cyber activity and scammers who may target Hurricane Dorian disaster victims and donors. […]
In defending the integrity of election security for 2018, U.S. Cyber Command used 2016 as a framework to thoroughly understand adversaries in the cyber domain. […]
Maj. Gen. Marine Gen. Dennis Crall, the Defense Department (DoD) deputy principal cyber advisor and senior military cyber policy advisor, outlined the pillars and priorities of DoD’s cyber strategy at the Billington Cybersecurity Summit on Sept. 5. […]
The United States continues efforts to improve election security and cybersecurity posture, but adversarial threats are still present and evolving, experts agree. […]
Kevin Cox, program manager for the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program, today detailed several priorities for the program office in FY2020 that begins next month. Those include focus on the Agency-Wide Adaptive Risk Enumeration (AWARE) algorithm, the new dashboard ecosystem, enterprise mobility management, cloud security, and protection of high-value assets. […]
Grant Schneider, the Federal government’s chief information security officer, said the Office of Management and Budget (OMB) is aiming to provide “maximum support” to Federal agencies as they work to improve network security. […]
Maj. Gen. Timothy D. Haugh is the new commander of the Twenty-Fifth Air Force, taking over for Maj. Gen. Mary F. O’Brien. […]
The National Institute of Standards and Technology (NIST) has released draft two of Special Publication (SP) 800-160 Volume 2: Developing Cyber Resilient Systems. NIST Is seeking public comments on the draft through Nov. 1. […]
The Social Security Administration (SSA) had multiple weaknesses in its cloud environment and policies as of September 2018, an August 29 summary by SSA’s inspector general said. […]
North Atlantic Treaty Organization (NATO) Secretary General Jens Stolenberg announced that NATO is taking a collective defense approach to cybersecurity, including the creation of a new cyber operations center for the organization. […]
Rep. John Katko, R-N.Y., introduced the State and Local Government Cybersecurity Improvement Act on Aug. 30 to help state and local governments combat cyberattacks. The legislation comes in the wake of increasing ransomware attacks targeting state and local governments, including Katko’s own state. […]
Running a customer-facing business with monetary transactions is stressful enough without the stress of threat actors E-Skimming by hacking your business networks system. […]
In response to recent cyberattacks against local governments in Texas and Louisiana, U.S. National Guard cyber response teams have been called in to help get the governments back online. […]
About two-thirds of 2019 ransomware attacks in America have targeted state and local governments, according to an Aug. 28 report published by Barracuda Networks, a cybersecurity group. […]
The U.S. Army announced Aug. 27 that effective Sept. 9 soldiers willing to reenlist in the Army’s “most in-demand” careers can receive up to $81,000 in lump-sum bonuses. […]
The Department of Homeland Security Science and Technology Directorate (S&T) released a study today that reveals how integrating enterprise mobility management (EMM) capabilities with mobile app vetting tools can improve mobile device security. […]
Election security and voting rights groups wrote to two House and Senate committees in an Aug. 26 letter requesting that they hold hearings on voting machine security. […]
The Department of Homeland Security (DHS) is creating a standing form to allow industry, academia, and other private sector entities to report vulnerabilities on its networks, an upcoming Federal Register post says. […]
The Department of Homeland Security (DHS) is taking a cross-component agency approach in securing DHS’ 17 Security Operations Centers (SOCs), DHS CIO John Zangardi explained in an interview with GovernmentCIO released this week. […]
Chief of Naval Operations Admiral Mike Gilday, in an Aug. 19 message to the fleet, pledged to prioritize both readiness modernization and people during his tenure. […]
The General Services Administration released a draft catalog of identity and credential access management (ICAM) solutions on August 26, as part of the Office of Management and Budget’s (OMB’s) updated ICAM policy for agencies. […]
MeriTalk sat down in June with Kevin Cox, Program Manager for the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) Program, to get the latest on program priorities for the coming months and beyond. […]
The Department of Health and Human Services’ (HHS) Office of Inspector General (OIG) identified an uptick in security gaps in the Centers for Medicare & Medicaid Services’ (CMS) Medicare administrative contractors (MACs) information security programs in fiscal year 2018, according to an OIG report released Aug. 23. […]
Sens. Edward Markey, D-Mass., and Richard Blumenthal, D-Conn., are asking the National Highway Traffic Safety Administration (NHTSA) about what the senators called a lack of public disclosure about cyber vulnerabilities in internet-connected vehicles, and suggested that the government may want to consider taking “possible regulatory action” to remedy that lack of public information. […]
An ISACA white paper released this month outlines recommended guidance for organizations to better manage third-party vendor risk across their enterprises. […]
Ahead of the G7 Summit in France set for Aug. 24-26, a collection of tech-sector trade groups penned a letter urging G7 leaders to consider a range of recommendations on global technology issues including digital trade, cross-border data flows, tax policy, data privacy, cybersecurity, encryption, and artificial intelligence (AI) technologies. […]
Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), today unveiled his “strategic intent” for the agency, which include CISA’s guiding principles and goal of building a collaborative cybersecurity environment in America. […]