The Department of Justice (DOJ) Justice Security Operations Center (JSOC) recently passed its cybersecurity assessment provided by the Department of Homeland Security (DHS) Cybersecurity Service Provider (CSP) program, and through that process has become a certified CSP Center of Excellence. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released finalized versions of two Trusted Internet Connections (TIC) 3.0 use cases that Federal agencies can use to advance their security postures. […]
The Accreditation Body (CMMC-AB) for the Department of Defense’s (DOD) Cybersecurity Maturity Model Certification (CMMC) program is creating an Industry Advisory Council (IAC) to provide feedback on the CMMC implementation to the DoD and CMMC-AB, the CMMC-AB announced this week. […]
As telework and cyber threats are both ever-increasing, the move to zero trust security concepts is needed as a generational shift in security strategy for Federal agencies to stay one step ahead of adversaries, cybersecurity experts said April 7 during FCW’s Zero Trust Workshop. […]
Following a joint cybersecurity advisory warning of potential vulnerabilities in Fortinet’s cybersecurity operating system from the Federal Bureau of Investigation (FBI) and the Department of Homeland Security’s (DHS) Cybersecurity Infrastructure and Security Agency (CISA), the company is urging customers to update their software to include the latest patches. […]
In a letter to top Federal cybersecurity experts, Homeland Security and Governmental Affairs Chairman Sen. Gary Peters, D-Mich., and Sen. Rob Portman, R-Ohio, ranking member on the committee, are requesting information on how U.S. cyber defenses were unprepared for the recent SolarWinds Orion and Microsoft Exchange compromises and on the limitations of the EINSTEIN system. […]
Reps. Nancy Mace, R-S.C., and Mike Bost, R-Ill., introduced legislation that would direct the Department of Veterans Affairs (VA) to lead a communications and outreach program aimed to educate veterans on cyber risks. […]
The FBI and the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) are warning about advanced persistent threat (APT) actors exploiting a Fortinet vulnerability to gain access to government and other networks, according to an April 2 joint advisory. […]
President Biden intends to nominate Ronald Moultrie, a national security veteran who helped create the Navy’s digital roadmap, to serve as under secretary for Intelligence and Security at the Department of Defense, the White House announced April 2. […]
Reps. Doris Matsui, D-Calif., and Jim Langevin, D-R.I., urged Education Secretary Miguel Cardona in an April 1 letter to address the growing cybersecurity threat facing K-12 schools by issuing guidance that will give K-12 schools more confidence in making investments in increased cybersecurity measures. […]
With tax season upon us, the IRS has issued a warning regarding an impersonation email scam targeting university students and staff. […]
Department of Homeland Security (DHS) Secretary Alejandro Mayorkas on March 31 previewed six “sprints” planned by DHS and its Cybersecurity and Infrastructure Security Agency (CISA) component throughout 2021 to bolster Federal cybersecurity across a range of areas including ransomware, industrial control system (ICS) security, and workforce development. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) has released supplemental directions to help agencies root out and mitigate vulnerabilities in their Microsoft Exchange on-premises products. […]
The White House named Nabeela Barbari, a national security veteran, to President Biden’s National Security Council (NSC). Barbari will serve on the NSC as the nation’s director of resilience and response. […]
The Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program is under internal review at the Pentagon with an eye toward “potential improvements” to implementation of the program, a DoD spokesperson confirmed to MeriTalk. […]
The ongoing “Sunburst” cyber-espionage campaign that resulted in the SolarWinds Orion and Microsoft Exchange breaches represents a strategic failure by the U.S., rather than simple IT inadequacy, according to a report by the Atlantic Council. […]
The National Institute of Standards and Technology (NIST) is seeking information on a contractor that can provide cybersecurity research, development, and implementation support services and subject matter expertise on task areas of various priority levels. […]
The Federal government needs to both understand and work with the private sector when it comes to cybersecurity and innovation, Director of National Intelligence Avril Haines said today. […]
The National Institute of Standards and Technology (NIST) has released draft guidance to help local election officials reduce the risk of cyberattacks on election systems, and is seeking public comment on the draft. […]
A group of bipartisan senators wrote a letter to Jennifer Granholm, Department of Energy (DOE) secretary, to voice their support for keeping the Office of Cybersecurity, Energy, Security, and Emergency Response (CESER). […]
As adversaries from overseas continue to threaten the cybersecurity of U.S. companies and organizations, National Security Agency (NSA) director and U.S. Cyber Command (CYBERCOM) chief Gen. Paul Nakasone told senators today that Defense Department (DoD) agencies need to be able to operate more freely within the U.S. to deal with those threats swiftly. […]
Federal officials should focus on crafting policies that support the use of AI in cybersecurity, and continue to develop the AI workforce, the Information Technology Industry Council (ITI) recommends in a March 24 report. […]
Sen. Ed Markey, D-Mass., and Rep. Ted Lieu, D-Calif., reintroduced the Cyber Shield Act, which would create a voluntary system to certify cybersecurity protections for internet of things (IoT) devices. […]
Preventing cyberattacks is more important than ever and the National Security Agency’s (NSA) Cybersecurity Collaboration Center is working with government and industry partners to share information and tackle cybersecurity as a “team sport.” […]
The Department of Homeland Security (DHS) is seeking comments on an Information Collection Request (ICR) to the Office of Management and Budget (OMB) to allow DHS to assist executive branch agencies in collecting cybersecurity vulnerability information and post the information on their own agency websites. […]
The Department of Energy’s (DoE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) said it is rolling out three new research programs aimed at energy supply chain security, protecting infrastructure from electromagnetic (EMP) interference, and cybersecurity education. […]
The Department of Energy (DoE) needs to fully address potential cyber vulnerabilities to the United States electrical grid system in its national cybersecurity strategy, a Government Accountability Office (GAO) report recommends. […]
It’s hard enough sometimes just keeping up with the challenges of cybersecurity in the big headline-news cases – think SolarWinds in recent months or the Office of Personnel Management (OPM) intrusion several years back. But the more you talk with experts in cybersecurity, the more it becomes clear that exploitable gaps in the network armor are nearly limitless, and that plugging those gaps requires innovative security in the spaces that remain off the radar for many. […]
The acting director of the Cybersecurity and Infrastructure Security Agency (CISA) told senators on March 18 that CISA is making efforts to complete deployment at Federal civilian agencies of the first two phases of the Continuous Diagnostics and Mitigation (CDM) program by the end of this year as part of a push to shore up Federal cybersecurity after the SolarWinds Orion hack. […]
Federal CISO Christopher DeRusha said today that new IT modernization and security funding streams stemming from the American Rescue Plan Act represent a “down payment” on extensive work that needs to be done to improve Federal agency network security. […]