The House Homeland Security Committee on Thursday voted to approve S. 1281, the Hack the Department of Homeland Security Act, that would establish a bug bounty pilot program within DHS. […]

A new GAO report details how Equifax submitted to audits from agencies with which the company had contracts, but declined an offer of help from the Department of Homeland Security in the wake of the company’s 2017 data breach that exposed sensitive personal information of 143 million Americans. […]

The House of Representatives on Tuesday agreed by voice vote to approve HR 6430, the Securing the Homeland Security Supply Chain Act of 2018, which grants the Department of Homeland Security (DHS) Secretary authority to exclude certain contractors from doing business with the Federal government to address “urgent national security interests” and curb supply chain risks. […]

The House of Representatives today approved by voice vote HR 6443, the Advancing Cybersecurity Diagnostics and Mitigation Act, which would codify the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) Program into law. […]

The Department of Homeland Security’s National Cybersecurity and Communications Integration Center (NCCIC) today published a set of security tips for securing enterprise wireless networks. […]

All 23 of the Federal civilian CFO Act agencies covered under the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) Program will be connected to the governmentwide cybersecurity threat dashboard by September, CDM Program Manager Kevin Cox said today. […]

Matthew Travis, deputy undersecretary of the Department of Homeland Security’s National Programs and Protection Directorate (NPPD), said today that DHS’s recently-established National Risk Management Center (NRMC) represents the agency’s plan to play “the long game” in defending U.S. critical infrastructure sectors from attacks. […]

The Department of Homeland Security is working with multiple Federal agencies to develop a new “risk radar” that will help agencies’ top executives contextualize cybersecurity risk and clarify where they need to apply focus and resources, according to Mark Kneidinger, director of the Federal Network Resilience division of DHS’ Office of Cybersecurity and Communications (CS&C). […]

The Department of Homeland Security today released a request for information (RFI) calling on the private sector to provide DHS with information on strategies and tools to augment its cyber supply chain risk management program. […]

Sen. Edward Markey, D-Mass., is pressing major electric utility companies for details about whether and when their systems have been penetrated by Russian-affiliated hackers, and at the same time is querying several Federal agencies about what they are doing to help utilities recognize and prevent attempts to break into their networks and control systems. […]

The Small Business Administration’s (SBA) Deputy CIO Guy Cavallo and CTO Sanjay Gupta said today at the FCW Cybersecurity Summit that their agency’s unorthodox approach to the Continuous Diagnostics and Mitigation (CDM) Program is yielding a ton of practical benefits, even though it required a bit of a departure from CDM’s initial guidelines. Now, SBA is providing a new potential model for other agencies – many struggling with the first of CDM’s four phases – to use when considering how to achieve the outcomes the program intends. […]

U.S. Census Bureau CIO Kevin Smith said that the Department of Homeland Security performed penetration tests this year that were unable to break through Census’ data safeguards, confirming the strength of Census’ cybersecurity programs for both its self-response website and in-field mobile devices. […]

Department of Homeland Security Under Secretary Chris Krebs, head of the agency’s National Protection and Programs Directorate (NPPD), has named Bob Kolasky to serve as director of the newly-established National Risk Management Center (NRMC), a DHS official confirmed to MeriTalk today. […]

Paul Beckman, chief information security officer at the Department of Homeland Security, said Thursday at MeriTalk’s Cyber Security Brainstorm that software-defined networking, adopting a zero-trust model, and optimizing DHS’ security operations centers (SOC) are his biggest emerging priorities to promote better security across the department. […]

Following the Department of Homeland Security’s announcement of a new National Risk Management Center, critical infrastructure executives along with Federal agency leaders hailed the new coordinating wing of DHS as a way to harness the collective strengths of both government and industry to address cyber concerns that have the potential to hobble the nation’s critical functions. […]

The Department of Homeland Security (DHS) will launch a National Risk Management Center this week to provide a first response outlet for private sector critical infrastructure companies that are targeted by cyberattacks, DHS Secretary Kirstjen Nielsen announced today. […]

State-sponsored cyberattacks are the new normal in adversarial international activity, whether on large or small scales. […]

At a House Homeland Security Committee hearing on Wednesday, July 25, to examine findings of the Federal Cybersecurity Risk Determination Report and Action Plan released by the Office of Management and Budget (OMB) in May, lawmakers and private sector witnesses hailed new legislation as a necessary – but on its own insufficient – step to bring down the security risks of three-quarters of Federal agencies deemed in cyber danger. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

The House Homeland Security Committee on Tuesday approved the Securing the Homeland Security Supply Chain Act (HR 6430), which would authorize the Homeland Security Secretary to take a variety of actions to curb supply chain risk including actions to exclude certain contractors in order to address “urgent national security interest.” […]

Federal CIO Suzette Kent, testifying today at a joint subcommittee hearing of the House Oversight and Government Reform Committee, said that the Federal government intends to complete all of the tasks outlined in the Federal IT Modernization Report by the end of the year. She said that the majority of those tasks are already complete, and that many have beaten the timelines the government had set for itself. […]

Federal agency .gov domains have less than three months left to come into compliance with binding operational directive (BOD) 18-01, issued by the Department of Homeland Security (DHS) last October, which requires the use of Domain-based Message Authentication, Reporting and Conformance (DMARC). A DHS representative on Wednesday said that progress in implementing DMARC has been strong, but that initial implementation is far from the finish line. […]

Rep. John Ratcliffe, R-Texas, introduced legislation today to codify into law the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) Program, in order “to advance and modernize” the program and ensure procedural policies for it. […]

CGI Federal has won a task order worth an estimated $530 million to provide services under the Continuous Diagnostics and Mitigation (CDM) Program to CDM’s Group C Federal agencies, a CGI spokesperson confirmed today. […]

Various arms of the Federal government are grappling with how to best curb critical infrastructure risk despite uncertainty regarding the best path forward and knowledge barriers surrounding the underlying technology. […]

The Department of Homeland Security’s Science and Technology Directorate and the Transportation Security Administration announced the winners of their passenger screening algorithm challenge that solicited new automated detection algorithms to improve speed and accuracy of detecting “small threat objects” during airport passenger screening processes. […]

Joyce Corell, assistant director for the supply chain directorate at the Officer of the Director of National Intelligence’s (ODNI) National Counterintelligence and Security Center, predicts that regulation or other means to manage IT supply chain security risk is inevitable, given increased emphasis on the topic across government. Speaking at an Information Security and Privacy Advisory Board meeting Friday, Corell said rumblings across the Federal space concerning supply chain risk will soon likely lead to even more formal steps. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

The unique role of the Department of Homeland Security (DHS) in leading cybersecurity efforts for the entire civilian Federal enterprise presents a unique challenge and one that requires the government to rethink its understanding of risk, DHS’ Jeanette Manfra said Thursday at MeriTalk’s Akamai Government Forum. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]