The National Institute of Standards and Technology (NIST) has released draft two of Special Publication (SP) 800-160 Volume 2: Developing Cyber Resilient Systems. NIST Is seeking public comments on the draft through Nov. 1. […]
The Social Security Administration (SSA) had multiple weaknesses in its cloud environment and policies as of September 2018, an August 29 summary by SSA’s inspector general said. […]
North Atlantic Treaty Organization (NATO) Secretary General Jens Stolenberg announced that NATO is taking a collective defense approach to cybersecurity, including the creation of a new cyber operations center for the organization. […]
Rep. John Katko, R-N.Y., introduced the State and Local Government Cybersecurity Improvement Act on Aug. 30 to help state and local governments combat cyberattacks. The legislation comes in the wake of increasing ransomware attacks targeting state and local governments, including Katko’s own state. […]
Running a customer-facing business with monetary transactions is stressful enough without the stress of threat actors E-Skimming by hacking your business networks system. […]
In response to recent cyberattacks against local governments in Texas and Louisiana, U.S. National Guard cyber response teams have been called in to help get the governments back online. […]
About two-thirds of 2019 ransomware attacks in America have targeted state and local governments, according to an Aug. 28 report published by Barracuda Networks, a cybersecurity group. […]
The U.S. Army announced Aug. 27 that effective Sept. 9 soldiers willing to reenlist in the Army’s “most in-demand” careers can receive up to $81,000 in lump-sum bonuses. […]
The Department of Homeland Security Science and Technology Directorate (S&T) released a study today that reveals how integrating enterprise mobility management (EMM) capabilities with mobile app vetting tools can improve mobile device security. […]
Election security and voting rights groups wrote to two House and Senate committees in an Aug. 26 letter requesting that they hold hearings on voting machine security. […]
The Department of Homeland Security (DHS) is creating a standing form to allow industry, academia, and other private sector entities to report vulnerabilities on its networks, an upcoming Federal Register post says. […]
The Department of Homeland Security (DHS) is taking a cross-component agency approach in securing DHS’ 17 Security Operations Centers (SOCs), DHS CIO John Zangardi explained in an interview with GovernmentCIO released this week. […]
Chief of Naval Operations Admiral Mike Gilday, in an Aug. 19 message to the fleet, pledged to prioritize both readiness modernization and people during his tenure. […]
The General Services Administration released a draft catalog of identity and credential access management (ICAM) solutions on August 26, as part of the Office of Management and Budget’s (OMB’s) updated ICAM policy for agencies. […]
MeriTalk sat down in June with Kevin Cox, Program Manager for the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) Program, to get the latest on program priorities for the coming months and beyond. […]
The Department of Health and Human Services’ (HHS) Office of Inspector General (OIG) identified an uptick in security gaps in the Centers for Medicare & Medicaid Services’ (CMS) Medicare administrative contractors (MACs) information security programs in fiscal year 2018, according to an OIG report released Aug. 23. […]
Sens. Edward Markey, D-Mass., and Richard Blumenthal, D-Conn., are asking the National Highway Traffic Safety Administration (NHTSA) about what the senators called a lack of public disclosure about cyber vulnerabilities in internet-connected vehicles, and suggested that the government may want to consider taking “possible regulatory action” to remedy that lack of public information. […]
An ISACA white paper released this month outlines recommended guidance for organizations to better manage third-party vendor risk across their enterprises. […]
Ahead of the G7 Summit in France set for Aug. 24-26, a collection of tech-sector trade groups penned a letter urging G7 leaders to consider a range of recommendations on global technology issues including digital trade, cross-border data flows, tax policy, data privacy, cybersecurity, encryption, and artificial intelligence (AI) technologies. […]
Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), today unveiled his “strategic intent” for the agency, which include CISA’s guiding principles and goal of building a collaborative cybersecurity environment in America. […]
The Office of the Director of National Intelligence (ODNI) announced Aug. 21 the appointment of Benjamin Huebner as chief of the Office of Civil Liberties, Privacy, and Transparency. […]
Sen. Angus King, I-Maine, and Rep. Mike Gallagher, R-Wis., co-chairs the Cyberspace Solarium Commission, are seeking cyber professional expertise and input to help the commission tackle significant cybersecurity challenges that the United States and its allies face. […]
The Treasury Inspector General for Tax Administration (TIGTA) found that while IT risk management practices are improving for the Internal Revenue Service (IRS), mitigation documentation and oversight practices need to be improved. […]
The U.S. Chamber of Commerce and credit scoring company FICO released its Q2 Assessment of Business Cyber Risk (ABC) report on Aug. 19. […]
Rep. John Ratcliffe, R-Texas, confirmed to MeriTalk that he will reintroduce the Advancing Cybersecurity Continuing Diagnostics and Mitigation (CDM) Act. His office said to expect the bill “within the next month or so.” […]
The Commonwealth of Texas has earned the dubious honor of being the latest state or local government hit by a successful ransomware attack. The Texas Department of Information Resources (DIR) confirmed on Aug. 16 that at least 23 local government entities were hit by a “coordinated” ransomware attack. DIR said it will lead the cybersecurity response to the attack. […]
Researchers from Georgia Institute of Technology and Ohio State University, with National Science Foundation (NSF) funding, developed an automated system to vet cloud servers and software library systems to bolster mobile app security. […]
The Federal government saw a 12 percent reduction in cybersecurity incidents in fiscal year 2018, and no “major” cybersecurity incidents for the year, according to the Office of Management and Budget’s annual report on the Federal Information Security Modernization Act (FISMA). […]
A significant percentage of surveyed working adults do not grasp or implement basic cybersecurity concepts and practices, according to Proofpoint’s recently released 2018 User Risk Report. […]
While “large impactful [cyber] incidents” are on the rise, there are fewer “high-profile public disclosures,” according to a FireEye’s year’s M-Trends 2019 Report, which is based on FireEye Mandiant’s investigations of the most interesting and impactful cyberattacks of 2018. […]