A new White House report says three quarters of Federal agencies are not managing their cybersecurity risk correctly and are consequently at “risk or high risk” of data theft or network intrusion due to poor cybersecurity programs. […]
The U.S. Cyber Command is ready for its close-up. The command announced May 17 that all 133 of its Cyber Mission Teams are fully operational, capping a roughly one-month stretch that saw the arrival of a new commander, the opening of a new operations center, and the official designation of Cybercom as a full unified combatant command. […]
The House Oversight and Government Reform (OGR) IT subcommittee followed up last week’s release of the sixth FITARA Scorecard (Scorecard 6.0) by releasing a second, more detailed scorecard. It provides insight into each of the categories of FITARA scoring, with methodology, metrics, calculations, and detailed data points on just how well each of the 24 agencies fared. […]
The Department of Labor’s Office of Inspector General (OIG) said the agency needs to improve in two key legislative areas related to IT management, according to OIG’s semiannual report released Tuesday and covering October 2017 through March 2018. […]
Today the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA) identifying two families of malware–dubbed Joanap and Brambul–used by the North Korean government. […]
Members of the Senate Banking, Housing and Urban Affairs Committee voiced support this week for legislation to require greater corporate disclosure of cybersecurity preparedness, and relayed concerns that personally identifiable information (PII) collected by government and private sector entities cannot be adequately safeguarded against theft or loss. […]
The Pentagon wants more hackers to take aim at its systems, launching another program that invites crowdsourced attacks from outside the Department of Defense (DoD) to help it identify and mitigate vulnerabilities in its networks and information systems. […]
Federal government agencies must work on improving mobile device security, as people are increasingly attached to their devices and attackers can wield a variety of new threats that can expose agencies’ passwords, personal information and networks, industry officials said this week. […]
The flagship model for organizational cybersecurity policies just got a new coat of paint. The National Institute of Standards and Technology (NIST) on April 16 released version 1.1 of its Framework for Improving Critical Infrastructure Cybersecurity , which updates the agency’s original voluntary cybersecurity framework for critical infrastructure sectors issued in 2014. […]
Because spending plans make for informative policy documents, an April markup of the 2019 National Defense Authorization Act (NDAA) offers an outline of the Department of Defense’s plans for its cyber operations and the development of new technologies. […]
A new report from the Government Accountability Office (GAO) this week raises concerns that the National Aeronautics and Space Administration (NASA) isn’t properly protecting its IT systems. The agency spends about $1.5 billion annually on IT investments to support its missions. […]
The Department of Justice (DoJ) announced today that a Federal jury convicted Ruslans Bondars, a resident of Latvia, on three counts related to his operation of “Scan4you,” an online counter-antivirus service. […]
Immediately following National Security Advisor John Bolton’s decision to eliminate the post of one of the President’s top cybersecurity advisors, lawmakers pushed back with legislation aimed at reinstating the position and requiring Senate confirmation for it under a newly established National Office for Cyberspace. […]
Department of Homeland Security (DHS) Secretary Kirstjen Nielsen emphasized at a Senate Homeland Security and Governmental Affairs Committee hearing this week the importance of shoring up United States cyber defenses, and said that effort would be helped by adequate funding and reorganization of a key DHS department. […]
This month marks the first anniversary of President Trump signing his cyber executive order (EO), formally titled the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. […]
The Department of Homeland Security (DHS) today unveiled a new five-pronged strategy aimed at managing “national cyber risk,” and in particular, U.S. “cyber and critical infrastructure security.” […]
John Bolton, President Trump’s national security adviser, has eliminated the White House cybersecurity coordinator position. […]
In a previously announced move, the Pentagon elevated the U.S. Cyber Command to a full unified command. This reflects the universal role cyber operations–and potential cyber threats–have come to play across the range of military activities, and how relatively quickly virtual technologies have changed the game. […]
Seventy percent of energy industry professionals are concerned that a successful cyberattack against energy or oil and gas companies could cause a catastrophic failure, according to a survey released Wednesday. […]
While members of Congress discussed the nationwide technical skills gap at a hearing on Wednesday, tech-industry advocates on Capitol Hill looked for ways to reduce the cybersecurity sector’s gender gap. […]
John Bolton, President Trump’s national security adviser, may not be hunting for a replacement for Rob Joyce, the current White House cybersecurity coordinator, who previously announced he would leave his post and return to the National Security Agency later this month. […]
Artificial intelligence (AI) could increase global GDP by $15.7 trillion by 2030, according to PricewaterhouseCoopers. The prevalence of AI in modern society is growing at a rapid pace – and the Federal government needs to keep up. […]
A new government-wide strategic plan on Category Management covering FY18-FY20 and released in late April aligns with the President’s Management Agenda and declares the Enterprise Infrastructure Solutions contracting vehicle one of its key IT components. […]
Malware-pushing criminals are no longer finding as much profit in email-based exploits, but the National Institute of Standards and Technology says cyber-crime perpetrators may find that easier lines of attack lie in infiltrating social media platforms. […]
Military cybersecurity officials said at MeriTalk’s Tenable GovEdge 2018 event on May 3 that they can focus more on taking the fight to adversaries if the private sector can continue to provide the military with strong network defense technologies. […]
Defense issues expert Peter Singer warned this week that cybersecurity deterrence strategies put in place over the past decade are collapsing, and that the government’s response to security strategies needs to be rethought. […]
A Federal CISO handbook is due out soon from the CISO Council, said Jeff Wagner, Acting Chief Information Security Officer at the Office of Personnel Management. The new guidance aims to cut down on technical language barriers and standardize compliance formatting across the Federal enterprise. […]
It’s no secret that Chinese companies are major suppliers to U.S. technology companies that serve the Federal government, and a report issued last month says the Chinese government is leveraging that manufacturing capability to create significant security risks across the U.S. Federal enterprise. […]
The Department of Homeland Security is providing weekly vulnerability scorecards to 106 Federal agencies every Monday, said Rob Karas, the agency’s Director of National Cybersecurity Assessments and Technical Services-NCATS, at the Tenable GovEdge 2018 Conference Thursday. […]
You can hear the clatter from the White House as it hammers out the details of a long-awaited national cyber security strategy. But, the Department of Defense (DoD) cyber policy strategists are writing out advice to keep Federal agencies safe from hackers’ webs today. […]