A report with information from all of the agencies’ risk management reports will be sent to President Donald Trump to review by Oct. 8, even though the government still lacks a Federal CIO. Barry West, senior adviser and senior accountable official for risk management at the Department of Homeland Security, said that the goals of the Cyber Executive Order in May could still be met without a Federal CIO. […]
Comodo Threat Intelligence Labs investigated the Equifax data breach and found Equifax executives’ passwords available for sale on the Dark Web. Comodo found that more than 388 instances of Equifax user and employee endpoint data available for sale. This information includes usernames, titles, passwords, and login URLs, and the dates on which they were stolen. […]
The Army’s cyber soldiers in the 17C military occupational specialty are highly likely to stay on for their entire first term of service, but they are far less likely to re-enlist after the first term, according to a recent RAND Corp. study. […]
The CIO Council is hosting a governmentwide cybersecurity hiring event Nov. 6-7. The Federal government is seeking information technology and cybersecurity professionals to fill hundreds of positions needed to modernize legacy IT and strengthen the cybersecurity of Federal networks and critical infrastructure. […]
Though officials working on the Continuous Diagnostics and Mitigation program have been aware of the importance of cloud from the beginning, Phase 3 of the program will shift to include cloud concerns, according to Kevin Cox, CDM program manager at the Department of Homeland Security. […]
About half of government IT professionals think that regulations make it more difficult to achieve an optimal cybersecurity posture, according to a study released Sept. 18 by SolarWinds. […]
The Treasury Department announced sanctions against 11 entities and individuals involved in cyberattacks by Iranian actors. The sanctions include two Iran-based networks that are responsible for cyberattacks against U.S. financial systems. […]
Sens. Ed Markey, D-Mass, Richard Blumenthal D-Conn., Sheldon Whitehouse D-R.I., and Al Franken D-Minn., introduced a bill on Sept. 14 to require accountability and transparency for credit report companies that are collecting and selling personal information about consumers. The legislation follows the Equifax breach, which affected 143 million Americans. […]
The Federal Trade Commission issued a warning on Sept. 14 to consumers to be on the alert for phishing scams related to the Equifax breach. The FTC said people might call asking to verify consumers’ account information due to the Equifax hack. “Stop. Don’t tell them anything,” the FTC said in a statement. […]
Rep. Will Hurd, R-Texas, said that he expects his Modernizing Government Technology Act to pass the Senate within the next week as an add-on to the Senate’s 2018 National Defense Authorization Act deliberations. “Buying IT goods and services in the Federal government is pretty silly,” said Hurd, criticizing the fact that agencies must use all of their IT funding for the year or risk losing it. “That is an insane way to purchase things to defend our digital infrastructure,” […]
The problem with IT modernization is often a people problem. “There’s a cultural challenge within the IT community,” said Department of Homeland Security Acting CIO Stephen Rice, at the AFCEA Homeland Security Conference on Sept. 13. “Changes aren’t just within the technology but also within the culture of those managing the technology.” […]
Acting Secretary of Homeland Security Elaine Duke released a binding operational directive on Sept. 13 requiring agencies to identify and plan to remove all Kaspersky Lab products within the next 90 days. “The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” DHS noted. […]
Creating one cloud architecture for the civilian agencies will make it easier for hackers, according to Beth Dunphy, program director of cybersecurity technologies at IBM. The White House’s recent IT Modernization Report calls for the Federal government to invest in two to three cloud models to support the different agencies. “At the end of the day it’s just going to make it easier to repeat the attacks from the attackers,” Dunphy said at the AFCEA Homeland Security Conference on Sept. 12. […]
The Federal government is working on improving its inter-agency information sharing process during cyber threats, but Greg Touhill, former Federal CISO, said that information sharing is useless if recipients of the information don’t act on it. “You can share all day long but if people aren’t listening and they aren’t acting on it, bad things are going to happen,” Touhill, president of Cyxtera Federal Group, said at the AFCEA Homeland Security Conference on Sept. 12. […]
Cybersecurity threats have risen to the top of the nation’s national security concerns, according to U.S. Director of National Intelligence Daniel Coats, who spoke at the Billington CyberSecurity Summit on Sept. 13. “What keeps me up at night now is the wide diversity of threats that we have from all across the world, including the […]
The Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program is entering its fourth year and introducing a third phase. Now, the Trump administration’s increasing focus on cybersecurity adds growing pressure to the program and its scope. […]
The government needs to get tougher on financial institutions that endanger consumer data, as occurred in the recent Equifax breach, according to testimony at a Senate Banking, Housing, and Urban Affairs Committee hearing. […]
Former Federal Chief Information Officer (CIO) Tony Scott has joined the law firm Squire Patton Boggs as a senior data privacy and cybersecurity adviser, the firm announced. […]
Federal agencies are expected to submit their budget requests to Congress in September, detailing the funding they’ll need to meet their missions for fiscal year 2018. One trend that Congress can expect to see is requests for AI applications to automate cybersecurity processes, according to Thomas Jones, Federal systems engineer at Bay Dynamics. […]
When starting an IT modernization project, agencies should ask what their end goal is before trying to figure out what their current state of affairs is, according to National Technical Information Service director Avi Bender. […]
The Government Accountability Office found that of the 24 agencies required to participate in the Data Center Optimization Initiative, 22 said they were making limited progress toward the 2018 performance targets. […]
Leading cybersecurity experts will come together on Wednesday, Sept. 20 at the Newseum in Washington, D.C., to discuss the changing cyber landscape and ways the private and public sectors can partner to strengthen a proactive cyber defense. MeriTalk’s sixth annual Cyber Security Brainstorm, “Cyber Everywhere: Collaboration, Automation and Integration,” will focus on keeping our nation’s government one step ahead of advancing adversaries. […]
The Federal Cloud Center of Excellence’s draft C.A.S.T.L.E guide on cloud acquisition aligns well with the White House’s IT Modernization Report. “The IT Modernization Report is focused on accelerating the move toward the cloud from an overall strategy and policy perspective and we’re here to support its cloud adoption goals,” said Syed Azeem, senior IT project manager for the Department of Labor, and outreach and advocacy lead within the CCOE. “Where we come in is providing the hands-on implementation level guidance as part of the C.A.S.T.L.E guide and other deliverables the CCOE is working on.” […]
After the credit monitoring company Equifax announced that it had detected a data breach affecting potentially 143 million U.S. consumers, Rep. Ted Lieu, D-Calif., is calling for a House Judiciary Committee hearing to investigate the breach. […]
The entire Federal government is feeling the pains of cyber workforce shortages. But the Department of Homeland Security, which is tasked with protecting national security without the cool factor of the FBI and National Security Agency, hurts more than most, according to testimony at a House Homeland Security Committee hearing on Sept. 7. […]
Government IT executives are finding that the IT modernization process is increasing security challenges, according to a recent Unisys survey. However, Unisys Federal President Venkatapathi “PV” Puvvada said that the journey to more modern, and therefore secure, IT can often make cybersecurity harder before it gets better. […]
Though new initiatives like the Cybersecurity Executive Order cover many of the same issues tackled by past administrations, the focus on IT modernization will make a big difference in actually improving cybersecurity, according to Barry West, senior adviser and senior accountable official for risk management at the Department of Homeland Security. […]
A hacker group named Dragonfly 2.0 has gained access to several companies that supply electricity to the U.S. power grid, according to Symantec. The new wave of cyberattacks could give attackers the means to severely disrupt affected operations centers in Europe and North America. Dragonfly 2.0 has been in operation since at least 2011 and is linked to the Russian government. […]
Research published by SecurityScorecard found that though Federal and state governments have improved their cybersecurity since the rating system’s last report, they still fall behind the rankings of most industries in the U.S. […]
TechNet, a network of innovation economy CEOs, recently sent a letter to the Federal Communications Commission advocating for increased investment in broadband connectivity. The letter emphasizes the importance of broadband for the success of commercial industries such as businesses, hospitals, libraries, and educational institutions. […]