Successfully implementing DevOps methodology requires a maturation process and cultural shift for organizations, experts from the Office of Management and Budget (OMB), Internal Revenue Service (IRS), and Department of Homeland Security (DHS) advised today. […]
The National Security Agency (NSA) and the Trusted Computing Group (TCG) industry consortium have come up with validation software that can be used with any device and could go a long way to securing the supply chain for computing devices. […]
Michigan Attorney General Dana Nessel warned Michiganders today that the information of 600,000 of the state’s citizens may have been compromised in a ransomware-caused data breach. […]
Rep. Brian Fitzpatrick , R-Pa., on March 7 introduced H.R. 1612, dubbed the “Nonpartisan Bill For The People.” The legislation is the GOP’s answer to the Democrat-backed H.R. 1, which cleared the House last week. Both bills include measures to increase voter participation and election security, among other election-related measures. The House bill does not currently have a companion bill in the Senate. The GOP-backed House bill includes measures to: […]
Jackson County, Ga., paid cybercriminals $400,000 to remove ransomware that infected its IT systems. The ransomware, known as Ryuk Ransomware, hit the county on March 1 and impacted multiple county agencies, including the Sheriff’s Office. […]
Government-wide security clearance processes, and the half million-plus backlog in the clearance applications pipeline, made the Government Accountability Office’s (GAO) High-Risk report last week as a contributing factor to the larger problem of ensuring IT security, generally. […]
Even though the broad category of U.S. cybersecurity has spent more than ten years on the Government Accountability Office’s (GAO) High-Risk List, it appears there’s still plenty of work to be done in improving cyber defense, according to GAO’s update to the list issued earlier this week. […]
The House passed the For the People Act, or H.R. 1, on Friday with a party-line vote of 234-193. […]
Software-maker trade group BSA sent a letter to leaders of the House and Senate Armed Services Committees on Thursday urging modernization of the Department of Defense’s (DoD) supply chain security and software acquisition approach in the FY 2020 National Defense Authorization Act. […]
Sens. Ron Wyden, D-Ore, Martin Heinrich, D-N.M., and Kamala Harris, D-Calif., wrote Dan Coats, director of National Intelligence, on Monday urging him to declassify information regarding China’s attempts to influence U.S. elections. […]
In a survey released today, Tripwire found that security professionals believe their teams are understaffed and that skilled cybersecurity workers are harder to find. […]
The Cybersecurity Tech Accord announced yesterday that it has added 11 new companies to its pledge, bringing its total to 90 signatories. AnchorFree, Domain Tools, Flowmon Networks, MarkMonitor, NTT, Paladion, Percipiet.ai, Silent Breach, Tanium, Telecom Italia, and Unisys all signed on and pledged to “defend customers everywhere from malicious attacks by cybercriminal enterprises and nation-states.” […]
As mobile security threats continue to grow, an increasing share of companies are knowingly and willingly sacrificing security for profit and expediency, according to Verizon’s 2019 Mobile Security Index. […]
In a letter dated Feb. 27, Sens. Mark Warner, D-Va., and Marco Rubio, R-Fla., requested Dan Coats, director of National Intelligence, produce “an unclassified report on the participation of China and other adversarial nations in the international standard setting bodies (ISSBs) for fifth-generation wireless telecommunications technologies (5G).” […]
The United States Transportation Command (USTRANSCOM) is working to improve cybersecurity infrastructures to prevent breaches of industry partners, like those of USTRANSCOM contractors that began June 1, 2012 and resulted in 20 successful intrusions over a period of 12 months by Chinese hackers. […]
A survey released today by IT management software firm SolarWinds finds that Federal IT professionals view unintentional insider threat as the most significant source of security threats. […]
Information systems trade group ISACA released results of a survey today that finds 70 percent of cybersecurity managers and practitioners believe that their organizations’ cybersecurity teams are understaffed. […]
The Congressional Budget Office (CBO), in a report released Friday, pegged the cost of H.R. 1–the For the People Act of 2019–at $2.6 billion over the next five years, with $1.5 billion of that going for states and counties to purchase new voting technology. […]
During a meeting with reporters, Federal CIO Suzette Kent highlighted the successes of the Federal Cyber Reskilling Academy so far, and raised the potential of expanding the program in the future. […]
A bipartisan group of senators reintroduced legislation on March 1 intended to ensure that public companies are prioritizing cybersecurity and data privacy. […]
The Federal Cyber Reskilling Academy is on the verge of selecting its first cohort, according to a tweet from Federal CIO Suzette Kent. […]
IT security technology provider Webroot said in a recently issued threat report document that the United States in 2018 led the rest of the world by a wide margin in hosting what the firm classifies as “high-risk URLs.” […]
Credit rating agency Moody’s said in a report issued today that it considers banks, securities firms, financial market infrastructure, and hospitals at “high risk,” from a ratings perspective, due to their exposure to the impacts of cyberattacks. […]
If you’re just regular people, the answer is probably not. […]
The White House’s new National Strategy for Aviation Security calls attention to a rising concern in aviation safety: the potential for cyberattacks on aircraft, a prospect that might just be as scary as it sounds. […]
Senior Defense Department officials told House members on Tuesday they are taking additional steps to boost cybersecurity workforce ranks at the Pentagon through means including the Cyber Excepted Service (CES) personnel system authorized in 2016 that allows DoD to expedite and simplify recruiting and hiring for civilian cyber professionals. […]
While much of the country was focused today on the testimony of Michael Cohen–President Trump’s former lawyer–before the House Committee on Oversight and Reform, elsewhere on the Hill the House Committee on Appropriations Financial Services and General Government Subcommittee was hearing testimony on election security. […]
With growing interest in cloud, mobility, and zero-trust technology, industry leaders in the identity credential access and management (ICAM) space are seeing a divergence between the existing policy of Common Access Card (CAC) and personal identity verification (PIV) cards, and new technology. […]
Most private and public sector CIOs have, are, or will be increasing their spending on cybersecurity and automation software deployments, according to a survey released today by Grant Thornton and the TBM Council. […]
Palo Alto Networks’ Unit 42 researchers announced on Friday that they have identified a spear phishing campaign from November 2018 that is targeting U.S. national security think tanks and academic institutions. Research indicates that the “threat actor might have interests in gathering intelligence related to not only North Korea, but possibly wider in the Northeast Asia region.” […]