The Office of Personnel Management (OPM) will increase the authority CIOs have over direct hiring decisions, according to a post on the Federal Register. […]
The Federal Bureau of Investigation’s (FBI) Cyber Guardian program, which provides cyber-attack victim notification services, is operating with “incomplete and unreliable” data, and as a result the FBI is unable to determine whether all such victims are being notified, according to a report released April 1 by the Justice Department’s Office of Inspector General. […]
The General Services Administration (GSA) announced today that it has modernized the Highly Adaptive Cybersecurity Services (HACS) Special Item Number (SIN) to include additional cybersecurity services. […]
According to a new survey by the International Information System Security Certification Consortium (ISC)², women make up about 24 percent of the U.S. cybersecurity workforce currently, as measured among cybersecurity workforce and IT professionals who spend at least 25 percent of their time on security work. […]
The city of Albany, N.Y., confirmed on March 30 that it was hit by a ransomware attack that affected municipal government computers. […]
Chairman of the Committee on Homeland Security, Representative Bennie Thompson, D-Miss., sent a letter to Acting Federal Emergency Management Agency (FEMA) Administrator Peter Gaynor last week to address the sensitive personal data of hurricane and wildfire survivors that was mistakenly shared with contractors. […]
A survey of 517 IT security professionals released by cybersecurity technology provider Venafi finds that 73 percent of them believe that countries with government-mandated encryption backdoors are more susceptible to nation-state attacks. “This is not rocket science; backdoors inevitably create vulnerabilities that can be exploited by malicious actors,” said Kevin Bocek, a vice president at […]
The Federal Trade Commission (FTC) announced Wednesday that Office Depot agreed to pay $25 million to settle allegations that the company “tricked customers into buying millions of dollars’ worth of computer repair and technical services by deceptively claiming their software had found malware symptoms on the customers’ computers.” Support.com, Office Depot’s software supplier, agreed to pay $10 million to settle the same allegations. […]
Women make up less than a quarter of the cybersecurity workforce, and while efforts are underway to boost that number, success has been limited. New America, a non-partisan think tank, released a report on Thursday detailing the current status of women in the cyber workforce, efforts to increase the number of women in the field, and steps that can be taken to improve hiring and retention across the industry. […]
In a report released Wednesday, Kaspersky Lab found that malicious activity targeting industrial control systems (ICS) impacted nearly half (47.2 percent) of all computers under its protection in 2018, up from 44 percent in 2017. […]
On Tuesday and Wednesday of this week, the European Union Agency for Law Enforcement Cooperation, better known as Europol, met with the European Cybercrime Centre Advisory Groups on Financial Services, Internet Security and Communication Providers to discuss phishing attacks and how to fight and prevent them. […]
President Trump on March 26 said he was extending by one year–to April 2020–the national emergency regarding cybersecurity threats that was declared by President Obama in 2015 under Executive Order 13694, and amended in 2016 by Executive Order 13757. […]
Congress must take action to ensure that consumer data is being adequately protected at consumer reporting agencies (CRAs), witnesses said at Tuesday’s House Committee on Oversight and Reform Subcommittee on Economic and Consumer Policy hearing. […]
In one of many budget hearings taking place on the Hill this week, the House Appropriations Subcommittee on Financial Services and General Government heard from Russell T. Vought, acting director of the Office of Management and Budget (OMB) regarding the agency’s FY2020 budget request. While the bulk of the hearing didn’t address IT issues, Vought did touch on IT spending, IT modernization, and the President’s Management Agenda (PMA). […]
Ransomware strain LockerGoga has struck two U.S.-based companies in recent days. On March 22, Hexion, a provider of thermoset resins, and Momentive, a provider of silicones and advanced materials, both announced they were the victims of a ransomware attack, which experts believe is the LockerGoga strain. […]
Norwich University Applied Research Institutes (NUARI) has been awarded $5.9 million by the Department of Homeland Security’s (DHS) Science and Technology Directorate (S&T) to expand its Distributed Environment for Critical Infrastructure Decision-Making Exercises (DECIDE) cyber-training platform. […]
The Department of Homeland Security (DHS) issued an alert last week after it was discovered that as many as 750,000 medical heart devices contain critical cybersecurity vulnerabilities. […]
Two men were found guilty on Wednesday of charges related to an international cyber fraud scheme. […]
At the quarterly meeting of the National Institute of Standards and Technology’s (NIST) Information Security and Privacy Advisory Board, researchers said that NIST was working on a new effort to emphasize secure software development on its Cybersecurity Framework. […]
Forcepoint announced Wednesday that the Federal Bureau of Investigation awarded it a 5-year Blanket Purchase Agreement (BPA) worth $23.5 million. […]
The National Security Agency is broadening the menu of technologies it wants to help the private sector develop. […]
Norsk Hydro, an aluminum producer based in Norway, was hit hard by a ransomware attack on Tuesday. […]
The Office of Management and Budget (OMB) said today that cybersecurity-related spending is due to rise by five percent in FY2020 on a government-wide basis under President Trump’s FY2020 budget proposal. […]
The Office of Inspector General (OIG) of the Export-Import Bank (EXIM Bank) of the United States released KPMG’s independent audit report on EXIM Bank’s information security program for FY2018 on March 13. In the report, KPMG, a public accounting firm, provided 14 recommendations that “should strengthen…EXIM’s information security program.” […]
D.C. Metro is planning to hack cybersecurity systems over the next few months, but not to worry–they’re hacking their own 7000 Series railcars to determine whether missing cybersecurity measures in the railcar contract left Metro data exposed. […]
Officials from various Federal agencies are focusing on data-driven approaches, utilizing blockchain, and business-focused functions to brace for a digital future. […]
The Cyber Diplomacy Act, H.R. 739, was scored by the Congressional Budget Office (CBO) on Wednesday and the CBO found it would not have a material impact on government spending. […]
Two members of the House Armed Services Committee said at a hearing on Wednesday they support continuation of the “dual-hat” command structure which finds Gen. Paul Nakasone heading both U.S. Cyber Command and the National Security Agency. […]
Sens. Ron Wyden, D-Ore., and Tom Cotton, R-Ark., asked the Senate Sergeant at Arms in a March 13 letter to disclose to each member of the Senate “the extent of the cyber threats faced by the U.S. Senate–and by extension, our democracy,” and said disclosure of that information was “imperative in order to help the U.S. Senate address important cyber-security needs.” […]
The Director of National Intelligence has announced the appointment of Erin Joe as director of the Cyber Threat Intelligence Integration Center (CTIIC), which as its name suggests integrates cyber threat data from government and other sources, facilitates threat-data sharing and supports government interagency planning of responses to adversaries. […]



























