Federal agencies are expected to submit their budget requests to Congress in September, detailing the funding they’ll need to meet their missions for fiscal year 2018. One trend that Congress can expect to see is requests for AI applications to automate cybersecurity processes, according to Thomas Jones, Federal systems engineer at Bay Dynamics. […]
Leading cybersecurity experts will come together on Wednesday, Sept. 20 at the Newseum in Washington, D.C., to discuss the changing cyber landscape and ways the private and public sectors can partner to strengthen a proactive cyber defense. MeriTalk’s sixth annual Cyber Security Brainstorm, “Cyber Everywhere: Collaboration, Automation and Integration,” will focus on keeping our nation’s government one step ahead of advancing adversaries. […]
After the credit monitoring company Equifax announced that it had detected a data breach affecting potentially 143 million U.S. consumers, Rep. Ted Lieu, D-Calif., is calling for a House Judiciary Committee hearing to investigate the breach. […]
The entire Federal government is feeling the pains of cyber workforce shortages. But the Department of Homeland Security, which is tasked with protecting national security without the cool factor of the FBI and National Security Agency, hurts more than most, according to testimony at a House Homeland Security Committee hearing on Sept. 7. […]
Government IT executives are finding that the IT modernization process is increasing security challenges, according to a recent Unisys survey. However, Unisys Federal President Venkatapathi “PV” Puvvada said that the journey to more modern, and therefore secure, IT can often make cybersecurity harder before it gets better. […]
Though new initiatives like the Cybersecurity Executive Order cover many of the same issues tackled by past administrations, the focus on IT modernization will make a big difference in actually improving cybersecurity, according to Barry West, senior adviser and senior accountable official for risk management at the Department of Homeland Security. […]
A hacker group named Dragonfly 2.0 has gained access to several companies that supply electricity to the U.S. power grid, according to Symantec. The new wave of cyberattacks could give attackers the means to severely disrupt affected operations centers in Europe and North America. Dragonfly 2.0 has been in operation since at least 2011 and is linked to the Russian government. […]
Research published by SecurityScorecard found that though Federal and state governments have improved their cybersecurity since the rating system’s last report, they still fall behind the rankings of most industries in the U.S. […]
Symantec announced that it would be hosting a challenge for higher education IT and security employees to “engage in a real-life scenario cyber competition” during National Cyber Security Awareness Month in October. […]
The White House American Technology Council IT modernization report, released Aug. 30, emphasizes the need for updated IT infrastructure and shared services. The ATC said that the Federal government should invest in two to three cloud platforms to support all of the agencies. […]
Just after the president’s National Infrastructure Advisory Council published a report on the critical nature of the nation’s cybersecurity efforts, eight out of 28 members resigned. “You have given insufficient attention to the growing threats to the cybersecurity of the critical systems upon which all Americans depend, including those impacting the systems supporting our democratic election process,” said a collective resignation letter. […]
A Barracuda report released Aug. 30 said that bad actors are using spear-phishing, account compromise, and insider impersonation to target Office 365 users. […]
The National Institute of Standards and Technology and the Department of Homeland Security announced the next phase of the “Smart and Secure Cities and Communities Challenge,” a partnership to bring together Smart City initiatives and DHS’s security expertise and resources, at the Global City Teams Challenge Expo. […]
Justice officials arrested Yu Pingan of Shanghai on Monday for supplying malware that has been connected to the 2015 Office of Personnel Management (OPM) breach in 2015. […]
A recent study by the IBM X-Force Kassel, a research team that operates “massive spam honeypots” to examine the trends in unsolicited emails, has found that most spammers keep normal business hours and operate predominantly during the usual work week. […]
A draft of the National Infrastructure Advisory Council (NIAC) Cyber Working Group report on securing the nation’s critical infrastructure has found that while the U.S. has the capabilities to defend against cyber attacks, it lacks the coordination to do so effectively. […]
Comodo Threat Intelligence Labs discovered a new strand of ransomware that was used in email phishing campaigns in the beginning of August and is being used in a current hacking campaign. […]
President Donald Trump announced on Aug. 18 that he directed United States Cyber Command (CYBERCOM) to be elevated to full combatant command. […]
The United States needs to invest more resources in the security of election systems, Cook County (Ill.) Director of Elections Noah Praetz told the Election Assistance Commission. […]
The National Security Agency gave Columbus State University in Georgia a $174,000 grant to develop a cybersecurity training tool. “We are building a tool that people across the nation can use to develop cybersecurity training, which guarantees compliance with government and industry standards for cybersecurity workforce development,” said Shuangbao “Paul” Wang, a professor in CSU’s TSYS School of Computer Science. […]
DHS S&T announced Aug. 14 that it was awarding Metronome Software nearly $750,000 to strengthen the security of first responder sensor systems. Metronome Software, a software research and development company focused on working for the U.S. government, is developing a technology to improve the security of first responders’ mobile device-based sensor systems. […]
Software patching can never be done quickly enough, but some initiatives are setting Federal agencies on the route to better patching policies, according to security experts. “The river’s gotten wider and deeper, and so as it’s moving more rapidly the problem is that a lot of the organizations haven’t been able to change how they’re structured to go with it,” said John Scott, president of Ion Channel. “Most organizations aren’t equipped to deal with it.” […]
Demand for cybersecurity personnel is ever increasing, and cyber teams could benefit from a broad range of skills beyond the typical technical employees, according to experts who spoke at New America’s Embracing Innovation and Diversity in Cybersecurity event. […]
The National Institute of Standards and Technology’s National Initiative for Cybersecurity Education recently released a Cybersecurity Workforce Framework that establishes a consistent vocabulary for recruiting and hiring cybersecurity talent. […]
The Air Force chief information security officer offered unusual advice to new security professionals: Don’t worry about every patch and vulnerability. “It’s OK if you can’t get to 800 controls,” said Peter Kim. “It’s OK if you miss a patch.” […]
Following the Cybersecurity Executive Order, security professionals are focusing on risk management frameworks, and some agencies are turning to the Continuous Diagnostics and Mitigation Program. “Security is not something that you buy, it’s something that you do,” said Matt Conner of the National Geospatial-Intelligence Agency. […]
The U.S. Cyber Command will begin to exercise its newly granted acquisition authority by the end of 2017 with its first industry day on Oct. 27. Congress gave CYBERCOM its own ability to purchase technology capabilities in order to keep up with the constantly changing nature of the cybersecurity sphere. CYBERCOM plans to hold its industry day at the Arthur Lundahl Conference Center in Springfield, Va. […]
Palo Alto Networks on Aug. 7 announced the formalization of their cooperation with the Interpol Global Complex for Innovation through signing a Data Exchange Agreement with Interpol. […]
The designation of the nation’s election systems as critical infrastructure will not infringe upon state and local authority to run elections. In a recent memo to Senate Homeland Security and Governmental Affairs Committee Members, Ranking Member Claire McCaskill, D-Mo., relayed communications from the Department of Homeland Security that reiterated that fact. […]
A Senate bill introduced on Aug. 1 not only would establish security requirements for Internet of Things (IoT) devices purchased by the government, but also let researchers look for critical security flaws through vulnerability disclosure policies. […]