Federal CISO Grant Schneider said today he is hopeful that the Office of Management and Budget (OMB) will release the official version of its long-awaited Trusted Internet Connections (TIC) 3.0 policy within the next two weeks. […]

North Atlantic Treaty Organization (NATO) Secretary General Jens Stolenberg announced that NATO is taking a collective defense approach to cybersecurity, including the creation of a new cyber operations center for the organization. […]

Kevin Cox, Program Manager for the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) Program, sat down with MeriTalk in June to talk about a range of new and ongoing program activities that are vital to improving Federal agency security. […]

Rep. John Katko, R-N.Y., introduced the State and Local Government Cybersecurity Improvement Act on Aug. 30 to help state and local governments combat cyberattacks. The legislation comes in the wake of increasing ransomware attacks targeting state and local governments, including Katko’s own state.   […]

Running a customer-facing business with monetary transactions is stressful enough without the stress of threat actors E-Skimming by hacking your business networks system. […]

About two-thirds of 2019 ransomware attacks in America have targeted state and local governments, according to an Aug. 28 report published by Barracuda Networks, a cybersecurity group. […]

The Defense Department (DoD) is seeking a small business vendor to provide security services and penetration testing for its Defense Innovation Unit (DIU) outreach office, with the aim of helping the office boost its cyber defenses. […]

The Department of Homeland Security Science and Technology Directorate (S&T) released a study today that reveals how integrating enterprise mobility management (EMM) capabilities with mobile app vetting tools can improve mobile device security. […]

MeriTalk sat down in June with Kevin Cox, Program Manager for the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) Program, to get the latest on program priorities for the coming months and beyond. […]

The Department of Health and Human Services’ (HHS) Office of Inspector General (OIG) identified an uptick in security gaps in the Centers for Medicare & Medicaid Services’ (CMS) Medicare administrative contractors (MACs) information security programs in fiscal year 2018, according to an OIG report released Aug. 23.  […]

Since the Defense Information Systems Agency (DISA) began implementing its internal vulnerability management continuous monitoring security program – Assured Compliance Assessment Solution (ACAS) – officials who have worked closely with the solution have praised ACAS’s capabilities, from its continuous passive monitoring, to its dashboarding and prospects of scaling to the cloud. DISA first issued ACAS’s […]

An ISACA white paper released this month outlines recommended guidance for organizations to better manage third-party vendor risk across their enterprises. […]

Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA), today unveiled his “strategic intent” for the agency, which include CISA’s guiding principles and goal of building a collaborative cybersecurity environment in America. […]

Sen. Angus King, I-Maine, and Rep. Mike Gallagher, R-Wis., co-chairs the Cyberspace Solarium Commission, are seeking cyber professional expertise and input to help the commission tackle significant cybersecurity challenges that the United States and its allies face. […]

In the acquisition process for Federal IT, agencies are trying to secure their supply chains in myriad ways, and that includes taking great caution with acquiring refurbished equipment. […]

Researchers from Georgia Institute of Technology and Ohio State University, with National Science Foundation (NSF) funding, developed an automated system to vet cloud servers and software library systems to bolster mobile app security. […]

The National Institute of Standards and Technology (NIST) announced on Aug. 16 that it will delay action on several cybersecurity-related standards. […]

The Federal government saw a 12 percent reduction in cybersecurity incidents in fiscal year 2018, and no “major” cybersecurity incidents for the year, according to the Office of Management and Budget’s annual report on the Federal Information Security Modernization Act (FISMA). […]

A significant percentage of surveyed working adults do not grasp or implement basic cybersecurity concepts and practices, according to Proofpoint’s recently released 2018 User Risk Report. […]

The Department of Energy (DoE) upgraded its Cybersecurity Capability Maturity Model (C2M2) to help measure how organizations effectively protect themselves from cyber threats. […]

The Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA), in partnership with the National Cyber Security Alliance (NCSA), announced on Aug. 14 the release of the 2019 National Cybersecurity Awareness Month (NCSAM) Toolkit. […]

A cyber threat landscape report released today found that the shifting cyber landscape has led threat actors to adjust operations strategically, operationally, and technically. […]

Despite a downtick in number of states using paperless voting equipment since 2016, eight states are still expected to use paperless machines in the 2020 election, according to an Aug. 13 Brennan Center for Justice report. […]

While the Continuous Diagnostics and Mitigation (CDM) program is here to stay for Federal agencies, taking proper approaches to data classification, collection, and analysis are key components to optimizing the program’s aims, security experts said last week at MeriTalk’s Cyber Security Brainstorm event. […]

The Department of Homeland Security (DHS) is putting together a single contract vehicle that will award multiple vendors to manage DHS’ 17 unclassified security operations centers (SOCs). […]

FBI Cyber Readiness, Outreach, and Intelligence Branch Deputy Assistant Director Tonya Ugoretz stressed at today’s MeriTalk Cyber Security Brainstorm that robust and resilient Federal cybersecurity requires collaboration across agencies and non-government partners. […]

Federal agency approaches to identity management don’t have a single approach across the government, but vary to significant degrees with agencies’ mission focus, said LaChelle LeVan, Acting Director for Federal Identity, Credential and Access Management (ICAM) Program Office at the General Services Administration (GSA). […]

Officials from the Defense Department (DoD) highlighted supply chain and workforce and culture issues as two significant problems the agency faces in maintaining strong cybersecurity, during a panel discussion at FCW’s Cybersecurity Summit. […]

Embassy Nassau, the American embassy to the Bahamas, has IT issues that are largely a result of embassy understaffing, according to an August 5 report from the State Department’s Inspector General. […]

An August 5 alert issued by Microsoft’s Security Response Center is blowing the whistle on hacking efforts focused on three classes of internet of things (IoT) devices that Microsoft asserts are being attacked by the hacking group it identifies as “Strontium,” better known as the Russia-based cyber espionage group Fancy Bear. […]