On Monday, defense ministers from 25 European Union (EU) countries signed a military pact to create a joint electronic warfare capability project, among other initiatives. […]
The Global Cyber Alliance (GCA) on Monday released an interactive tool that consumers, businesses, and governments can use to “measure and quantify” the deployment of the Domain-based Message Authentication, Reporting & Conformance (DMARC) email security protocol. […]
Hackers with ties to the Russian government are using a spear-phishing campaign to impersonate Department of State employees, according to cybersecurity firms FireEye and CrowdStrike. […]
The Department of Homeland Security’s Science and Technology Directorate (S&T) on Friday announced that S&T and the Dutch government are each putting up $1.25 million to fund “collaborative cybersecurity research and development” across five U.S.-Dutch research teams. […]
In a letter released Thursday, Rep. Jerrold Nadler, D-N.Y., questioned the Trump administration’s commitment to election security and pressed administration officials to communicate more clearly with Congress about the issue. […]
The Office of Financial Research (OFR), which is an independent bureau within the Department of the Treasury, said in its 2018 Annual Report to Congress on Thursday that cybersecurity “a key risk” to U.S. financial stability. […]
Bulgarian police announced Nov. 8 that they have arrested Alexander Zhukov, a Russian national and suspected cybercriminal, on behalf of the United States. […]
Federal agencies need to get into second gear in their efforts to defend against insider threats, as outlined in the “Insider Threat Program Maturity Framework” released this month by the National Insider Threat Task Force (NITTF). Agencies must move past the minimum standards many have established and become more proactive in countering what the task force said is a dynamic threat that has moved beyond basic defenses, according to the framework. […]
The General Services Administration (GSA) announced Wednesday that the GSA Federal Acquisition Service (FAS) Information Technology Category (ITC), IT Schedule 70 program is restructuring its Highly Adaptive Cybersecurity Services (HACS) Special Item Numbers (SINs). […]
Cybersecurity industry leaders and former military cyber experts told the Senate Armed Services Committee on Wednesday that the Pentagon needs to adopt more commercial cybersecurity technology. […]
The State of North Carolina, Cisco and industry partners will work together to implement a cybersecurity training initiative for veterans in the state, as the state announced today. […]
Senior officials from the Departments of Defense (DoD) and Homeland Security (DHS) told House members on Wednesday that they are busy working out details of a recently finalized cybersecurity coordination agreement focused on improving Federal government cyber defenses generally, and specifically the cyber defenses of critical infrastructure components on which DoD facilities rely, among other areas. […]
Fraudsters are using the U.S. Postal Services’ (USPS’) Informed Delivery service to perpetrate a multitude of identity theft and credit card fraud schemes, according to an alert the Secret Service sent its law enforcement partners on Nov. 6. […]
The House late Tuesday approved long-pending legislation that authorizes the Department of Homeland Security to reorganize its existing National Protection and Programs Directorate (NPPD) in order to create a new component agency–the Cybersecurity and Infrastructure Security Agency–within DHS. […]
With a new session of Congress–and a power shift in the House–looming in January, big tech companies are looking toward 2019 and possible new privacy legislation that will alter the shape of their business models. […]
In a report released today, the Government Accountability Office (GAO) said the Office of Personnel Management (OPM) has yet to implement a full one-third of GAO’s information security recommendations issued to OPM in recent years. […]
Two House subcommittees will convene a hearing tomorrow, Nov. 14, at 3 p.m., to hear officials from the Departments of Defense (DoD) and Homeland Security (DHS) discuss how the two agencies cooperate on cybersecurity issues. […]
The ability of adversaries to attack in cyberspace with low consequence creates the need to impose friction and leads to the tenants of defending forward and continuous engagement with adversaries in cyberspace espoused in the National Cyber Strategy and the Department of Defense (DoD) Cyber Strategy, said Rob Joyce, senior adviser for cybersecurity strategy to the Director of the National Security Agency (NSA). […]
The United States, Russia, and China did not sign the Paris Call for Trust and Security in Cyberspace, a global cyber pact, released Tuesday at Paris Peace Forum by French President Emmanuel Macron. […]
The National Science Foundation, on behalf of the interagency Networking and Information Technology Research and Development National Coordination Office, is looking to update its Cybersecurity Research and Development plan, last published in 2016. […]
A new report released today from One Identity found that Federal agencies lack basic elements of cyber hygiene. The study, conducted by Dimensional Research and sponsored by identity and access management (IAM) solutions provider One Identity found that “while agency leaders recognize IAM’s importance, the majority of agencies have yet to fully adopt recommended guidelines into their cybersecurity program and some even feel their current approach distracts from agency missions.” […]
As Federal agencies seek to incorporate an application programming interface (API) strategy into their IT modernization initiatives, a word of caution: make sure you have API-specific security integrated into your IT infrastructure. […]
The Aspen Cybersecurity Group (ACG), which was formed last year by the Aspen Institute think tank to “translate pressing cybersecurity conversations into action,” has issued several policy recommendations to bolster the security of internet of things (IoT) devices including suggesting that device manufacturers invest more in building in better security, and that manufacturers be held accountable for the security of devices that they make. […]
The North Korean hackers known as Lazarus Group are now stealing from ATMs to the tune of tens of millions of dollars, according to research Symantec released Thursday. […]
Synack, a crowdsourced security testing firm, announced Thursday the launch of its Synack Veterans Cyber Program which will “recruit, empower, and deploy veterans in the cybersecurity industry.” […]
The Global Commission on the Stability of Cyberspace (GCSC)–a group formed last year to promote international stability by developing policy proposals and norms to guide responsible state and non-state behavior in cyberspace–on Thursday issued a set of six global norms that the group hopes will promote “the peaceful use of cyberspace.” […]
Following President Trump’s proclamation of November as National Critical Infrastructure Security and Resilience Month, Secretary of Homeland Security Kirstjen M. Nielsen released a statement on Wednesday saying she and DHS are “committed to strengthening our efforts to protect and secure the infrastructure on which Americans rely, in close partnership with other Federal agencies, state, local, territorial and tribal governments, and the private sector.” […]
The National Cybersecurity Center of Excellence (NCCoE), a partnership of the National Institute of Standards and Technology (NIST) and the state of Maryland, is seeking public comment by Dec. 6 on a draft report (NISTIR 8219) detailing cybersecurity guidance aimed at the manufacturing sector that employs industrial control systems to monitor and control physical processes. […]
A report from the Carnegie Endowment for International Peace released Wednesday found that “harnessing the full potential of cyber insurance will be imperative for preventing systemic cyber incidents of concern for governments and the private sector alike.” […]
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) announced today that it issued $1,272,320 of funding awards to develop new solutions to “improve the capability of organizations to understand and improve their cybersecurity control investment decisions.” The funding will be split between University of California, San Diego and University of Illinois, Chicago. […]