BSA The Software Alliance

Akamai, a content delivery network and cloud service provider, and Slack, a provider of cloud-based collaboration tools and services, have joined BSA | The Software Alliance as new global policy members. […]

Election security, voting, midterms 2018

While political and military leaders debate the pros and cons of whether the United States needs a separate “Space Force,” Chinese hackers have offered a reminder of two truths: operations in space are extremely important, and the assets used in space are vulnerable to cyberattack.






[…]

Agencies undergoing digital transformation are combining on-premise, hybrid, and multiple cloud solutions into their environments. To that end, agencies need to weave cloud security and protection of on-premise systems into their broader security strategy for a true, defense-in-depth approach.






[…]

The Report to the President on Federal IT Modernization recommends modernizing the Trusted Internet Connections (TIC) program, which is critical to the Federal government’s broader digital transformation strategy. By the end of this month, the report calls for the Office of Management and Budget (OMB) to conduct data calls to agencies to discuss their cloud migration projects, and identify any delays caused by current TIC policy. And, by March 2, OMB will share a “preliminary update to the TIC policy,” and launch select pilot projects to test the new TIC requirements.






[…]

The rising frequency and intensity of cyberattacks on information technology systems that support the government, military, businesses, and critical infrastructure has raised awareness among senior Federal agency managers that security controls cannot be bolted on to systems as an afterthought. Security must be a core part of the design of systems from the beginning, and considered throughout the development lifecycle.






[…]

Password manager company Dashlane has added a twist with its list of the “Worst Password Offenders” of 2017, naming high-profile people and organizations that fell into the bad-password trap. President Trump was deemed the worst offender, primarily because of simple passwords reportedly used by cabinet members and policy directors. Outside parties were also the culprits for the Department of Defense, specifically for its contractor, Booz Allen, as well as the Republican Party (stemming from a careless data analytics firm). Paul Manafort, for using “Bond007” as a password, and Sean Spicer, for apparently tweeting his passwords, also came in for scorn.






[…]

Email is a core network application for both the private sector and the government, and has become an essential business communication tool. Since email is nearly ubiquitous and often poorly secured, it also has become a vector for fraud and data theft. Phishing emails can compromise not only Federal networks and databases, but also trust in government communications.






[…]

With rapid growth in smart devices, exploding data volumes, and the shift to the cloud, it is becoming more and more challenging to protect critical systems and information. Government and industry leaders convened at the Symantec Government Symposium in Washington, D.C. on Tuesday to discuss these complex challenges and the solutions needed to address them.






[…]

With $5 billion in global revenue, Symantec is the 500-pound yellow gorilla in the cybersecurity business. Some dimensions on the beast: installed at every Federal cabinet-level agency; supports 350,000 customers; tracks 700,000 hackers; and leverages more than nine trillion elements of security data. Now, that’s a big monkey.






[…]

Cybersecurity standards for Internet of Things devices need to be improved in order to secure medical devices that have created the “Internet of Bodies.” Terrell McSweeny, commissioner of the Federal Trade Commission, said that more regulation needs to be written before connected medical devices become commonplace.






[…]

Though new initiatives like the Cybersecurity Executive Order cover many of the same issues tackled by past administrations, the focus on IT modernization will make a big difference in actually improving cybersecurity, according to Barry West, senior adviser and senior accountable official for risk management at the Department of Homeland Security.






[…]

A hacker group named Dragonfly 2.0 has gained access to several companies that supply electricity to the U.S. power grid, according to Symantec. The new wave of cyberattacks could give attackers the means to severely disrupt affected operations centers in Europe and North America. Dragonfly 2.0 has been in operation since at least 2011 and is linked to the Russian government.






[…]

MeriTalk compiles a weekly roundup of contracts and other industry activity. Here’s what happened this week in the Federal Information Technology community.






[…]

Through its series of summer camps and competitions, the Air Force Association’s CyberPatriot program is aiming to expand the cybersecurity workforce for both the public and private sector. “What they have learned is if they wait until someone is a college graduate, it’s too late, if they wait until they’re in college, it’s too late,” said CyberPatriot National Commissioner Bernie Skoch.






[…]