Synack, a crowdsourced security testing firm, announced Thursday the launch of its Synack Veterans Cyber Program which will “recruit, empower, and deploy veterans in the cybersecurity industry.” […]
The Global Commission on the Stability of Cyberspace (GCSC)–a group formed last year to promote international stability by developing policy proposals and norms to guide responsible state and non-state behavior in cyberspace–on Thursday issued a set of six global norms that the group hopes will promote “the peaceful use of cyberspace.” […]
Following President Trump’s proclamation of November as National Critical Infrastructure Security and Resilience Month, Secretary of Homeland Security Kirstjen M. Nielsen released a statement on Wednesday saying she and DHS are “committed to strengthening our efforts to protect and secure the infrastructure on which Americans rely, in close partnership with other Federal agencies, state, local, territorial and tribal governments, and the private sector.” […]
The National Cybersecurity Center of Excellence (NCCoE), a partnership of the National Institute of Standards and Technology (NIST) and the state of Maryland, is seeking public comment by Dec. 6 on a draft report (NISTIR 8219) detailing cybersecurity guidance aimed at the manufacturing sector that employs industrial control systems to monitor and control physical processes. […]
A report from the Carnegie Endowment for International Peace released Wednesday found that “harnessing the full potential of cyber insurance will be imperative for preventing systemic cyber incidents of concern for governments and the private sector alike.” […]
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) announced today that it issued $1,272,320 of funding awards to develop new solutions to “improve the capability of organizations to understand and improve their cybersecurity control investment decisions.” The funding will be split between University of California, San Diego and University of Illinois, Chicago. […]
The demand for cybersecurity professionals is growing, according to data published Wednesday on CyberSeek, a free online resource from the National Institute of Standards and Technology (NIST), Burning Glass, and CompTIA. […]
The United States is finally making no bones about its willingness to go after adversaries in cyberspace. […]
On Nov. 5, the United States implemented sanctions against Iran, which the Treasury Department described as the “largest ever single-day action targeting the Iranian regime.” While the sanctions were ostensibly targeting Iran’s growing nuclear program, the Foundation for Defense of Democracies (FDD), a think tank which vacillates between nonpartisan, hawkish, and neoconservative in terms of its political leanings, argued in a report released Tuesday that the United States should be concerned about the cybersecurity implications of the new sanctions. […]
Cybersecurity firm Morphisec said that 63 percent of 1,000 Americans that it surveyed in late October regarded the threat of “adversaries propagating misinformation on social networks” as a “more significant threat” to the U.S. midterm elections than possible cyber attacks against voting infrastructure. […]
Wisconsin Gov. Scott Walker last Friday requested that Maj. Gen. Donald Dunbar, adjutant general of Wisconsin, put the state’s National Guard cyber response teams on standby ahead of the midterm elections. […]
A majority of surveyed U.S. information and technology professionals–86 percent–are concerned about the public sector’s ability to conduct secure, reliable, and accurate elections, according to a new study from ISACA released today. […]
A new report from the Commerce Department Office of the Inspector General (OIG) determined that the Census Bureau must improve the implementation of its risk management framework. […]
In a memo dated Oct. 24, Secretary of Defense James Mattis established the Protecting Critical Technology Task Force (PCTTF) to protect the Department of Defense’s (DoD) “critical technology.” The task force will work to prevent the loss of classified and controlled unclassified information–the loss of which is “putting the Department’s investments at risk and eroding the lethality and survivability of our forces.” […]
How can the U.S. deter adversaries and impose costs on enemies launching cyberattacks against the country? With new strategies and policies opening up room for more aggressive responses, the best defense just might be a good offense, Federal cybersecurity leaders discussed Thursday. […]
Freedom House’s annual report on internet freedom, entitled “Freedom on the Net” and released today, finds that global internet freedom is on the decline for the eighth consecutive year. […]
The Department of Homeland Security (DHS) is focusing intently on a range of activities to help ensure the security of next week’s mid-term congressional elections, DHS officials said today at an event organized by Fifth Domain. […]
While the National Cyber Strategy released by the Trump administration in September may not include many differences in policy compared to the prior version from 2015, the real change comes in the shift from policy to action, including an implementation plan for the National Cyber Strategy, said Grant Schneider, the Federal government’s chief information security officer, on Thursday. […]
The Department of Justice (DoJ) on Tuesday announced charges against Chinese government intelligence officers Zha Rong and Chai Meng, among others, for conspiring to steal intellectual property, confidential business information, and technological data from companies in the U.S. and European commercial aviation industry. […]
The U.S. Air Force announced Monday that it selected Northrop Grumman for a $54.6 million contract to provide U.S. Cyber Command with a unified platform that manages cybersecurity processes–both offensive and defensive operations. […]
The incidence of ransomware attacks in the U.S. has leveled off since 2017 for a variety of reasons, including improved defenses by targeted organizations that have made such attacks less profitable for perpetrators, experts said Tuesday at the 2018 Symantec Government Symposium. […]
The Defense Department is lending assistance to the Department of Homeland Security as DHS works to protect election infrastructure in the run-up to next week’s mid-term congressional elections, said Ed Wilson, Deputy Assistant Secretary of Defense for Cyber Policy, on Tuesday at the Symantec 2018 Government Symposium. […]
Thomas Hicks, commissioner of the U.S. Election Assistance Commission, said today that EAC has developed a set of voluntary voting system guidelines to aid local election authorities, but the commission currently lacks a quorum to vote on the standards and distribute the guidance to localities. […]
The Congressional Budget Office (CBO) reported Friday that S. 3437, the Federal Rotational Cyber Workforce Program Act of 2018, would cost less than $500,000 a year to implement. […]
Paras Jha, one of three people responsible for the Mirai Botnet, was ordered on Friday to pay $8.6 million in damages and serve six months of house arrest after pleading guilty to violating the Computer Fraud & Abuse Act (CFAA) in Federal district court in New Jersey. […]
In a letter released Thursday, Sen. Mark Warner, D-Va., called on the Federal Trade Commission (FTC) to investigate the “prevalence of digital advertising fraud and inaction by Google to curb these efforts.” […]
Cybersecurity experts are gearing up to cut an illuminating path through the tangled cybersecurity threats and solutions landscape at Symantec’s Government Symposium on Oct. 30 at the Marriott Marquis in Washington, D.C. […]
The Department of Energy Office of Inspector General released a report on Oct. 19 that found several weaknesses in the cybersecurity program at DoE in fiscal year 2018, including recurring issues in vulnerability management, patching, and formal cybersecurity training policies. […]
The answer to that question is “yes,” according to a white paper released today by New America, a non-partisan think tank. The white paper argues that while the United States has been engaged in cybersecurity for more than a generation, there are still “organizational and human gaps” that leave the country insecure. […]
After some fits and starts, Federal agencies are gaining ground in efforts to better secure their websites and email systems by employing HTTPS encryption, and installing the Domain-based Message Authentication, Reporting and Conformance (DMARC) anti-phishing protocol, among other measures […]