While Federal agencies race to migrate to the cloud, security concerns seem to multiply by the hour. This month alone, Russian hackers penetrated the U.S. power grid; cyber attackers got into the network of a petrochemical company in Saudi Arabia in hopes of triggering an explosion; and North Korean hackers apparently “blitzed” Turkish banks and government organizations to gather intel for a future heist. […]

A recent study showing just how easy it is to hack into Internet of Things (IoT) devices–and to use that access to gain entrance to a larger network–focused on commercial products used in the home. However, it could serve as yet another wake-up call for the Department of Defense and other government agencies that are increasingly relying on IoT. […]

Government IT leaders may feel a little punch drunk lately. Between new mandates, an understaffed workforce, and aging systems–they are getting hit from all angles. Indeed, Chad Sheridan, CIO for USDA’s Risk Management Agency kicked off his keynote at last Thursday’s Veritas Public Sector Vision Day in Washington, D.C. by quoting Mike Tyson: “Everybody has a plan until they get punched in the mouth.” […]

Artificial intelligence (AI) deployments in the Federal government are already making government smarter, based on examples shared during the second of a three-part series on AI launched last month by the House Subcommittee on Information Technology. Federal agency leaders from the Defense Advanced Research Projects Agency (DARPA), the General Services Administration (GSA), National Science Foundation (NSF), and Department of Homeland Security (DHS) discussed how AI is being implemented to improve the mission of their agencies and what is required to ensure the technology continues to be viewed as a problem solver. […]

The National Institute of Standard and Technology (NIST) released the second draft of the proposed update to its Framework for Improving Critical Infrastructure Cybersecurity. The new draft aims to clarify, refine, and enhance the framework as well as “amplifying its value and making it easier to use,” NIST officials said. […]

As the Principal Deputy Director of National Intelligence, Sue Gordon has no shortage of cybersecurity data at her fingertips, but the key to cyber success is connecting the dots cross-government and in partnership with the private sector. […]

With rapid growth in smart devices, exploding data volumes, and the shift to the cloud, it is becoming more and more challenging to protect critical systems and information. Government and industry leaders convened at the Symantec Government Symposium in Washington, D.C. on Tuesday to discuss these complex challenges and the solutions needed to address them. […]

SBA has made it a priority to provide cybersecurity assistance for small businesses, reaching out to local chambers of commerce, technology vendors, and banks that serve small businesses to raise awareness of the benefits of cybersecurity threat prevention sharing through conferences.                                      […]

As Feds get smarter about Artificial Intelligence on the cyber frontier, seems agencies’ IT defenders are suffering from schizophrenia about cyber cyborgs. That’s the topline takeaway from the new MeriTalk “Federal Cyber AI IQ Test” study. […]

In the event of a cyberattack, it’s important for information about the attack to be shared with the public in order to prevent further problems. Jeanette Manfra, assistant secretary for the Office of Cybersecurity and Communications at the Department of Homeland Security, said that the agency shares timely, accurate information with its partners and constituents so that they can take proper action to protect themselves. […]

The May Cybersecurity Executive Order and the White House’s IT Modernization Report have encouraged agencies to look for ways to use shared services to improve cybersecurity. The Department of Justice has been looking into using shared services before the push from the White House, giving the agency a head start at shared services centered on cybersecurity for the enterprise. […]

The Justice Department has evidence to charge six Russian government officials for involvement in the hack of the Democratic National Committee. U.S. authorities are considering charging the Russian officials to make it difficult for them to travel, but they are unlikely to be arrested and prosecuted in the U.S. […]

Tanium, along with its partner World Wide Technology, received a potential five-year, $750 million contract from the Defense Innovation Unit Experimental (DIUx), the Defense Department’s Silicon Valley outfit, to provide managed cybersecurity services to Federal agencies. […]

The Continuous Diagnostics and Mitigation Program last week held its first data exchange between the Federal CDM dashboard and an agency dashboard. All of the CFO Federal agencies have agency dashboards to comply with the CDM program, and the Federal dashboard is in production. […]

The Department of Energy plans to roll out an enterprise risk management framework that would provide cybersecurity data about the agency in one place and enable better information sharing between departments.
“The enemy isn’t a hacker in the basement,” said Micah Czigan, director of the Integrated Joint Cybersecurity Coordination Center for DOE. “The enemy is a world power nation-state.” […]

Representatives from Facebook, Twitter, and Google told Congress on Oct. 31 that they’ve had to learn how to combat nontraditional cyberattacks, like the spread of disinformation, rather than focusing on malware attacks alone to protect consumers. […]

As hospital chief information security officers report that their networks are under constant attempts at intrusion, the Food and Drug Administration (FDA) is taking a look at how medical devices can be used as access points into the larger networks. […]

Following a House hearing on the cyber workforce shortage, the Department of Homeland Security released information about cyber training programs. […]

Cybersecurity experts offered solutions to protect the U.S. electric grid, including moving the grid off of the public Internet, and using quantum encryption capabilities. “The nation’s electrical grid is a vital resource upon which our economy and our citizens’ daily lives depend,” said Richard Raines, director of the Electrical and Electronics Systems Research Division at Oak Ridge National Laboratory. “It is also a system that is highly vulnerable to cyber intrusions as more and more utility controls and ‘smart’ technologies rely on public Internet connections.” […]

Many Federal agencies still struggle with overcoming security concerns when transitioning to the cloud, according to a MeriTalk report, To Cloud or Not to Cloud? That Isn’t the Question. Thirty-five percent of Federal IT leaders said that the security of their existing private cloud environments is excellent, compared to 21 percent for public cloud security. […]

The Department of Homeland Security published tips on Staying Safe in a ‘Smart’ World, which tells citizens how to navigate an environment full of the Internet of Things. […]

Jeff T.H. Pon, the nominee for director of the Office of Personnel Management, said that his top priority for the agency will be IT modernization. “Outside of work, Federal employees are able to access nearly any piece of information they need, from their bank accounts to student loans to car insurance, all on their phone,” he said. “We need to work toward providing the employees of the Federal government with the same conveniences with regards to their employment within the Federal government, with appropriate attention to information security.” […]

Federal IT leaders are shifting focus from trying to secure every system to prioritizing the systems that need the most security controls. “We realized that no matter how much we protected our systems, something could happen,” said Thresa Lang, deputy director of the Navy Cybersecurity Division, at CISQ’s Cyber Resilience Summit on Oct. 19. […]

Federal agencies are focusing on ways they can leverage new technologies, such as automation, to improve IT service management and streamline cybersecurity processes, as they work to keep up with a threat landscape that changes constantly. ServiceNow’s Bob Osborn said that ServiceNow is integrating artificial intelligence capabilities into its platform so that agencies can use the newest automation technologies as they become available. […]

Sen. Sheldon Whitehouse, D-R.I., told Attorney General Jeff Sessions on Oct. 18 that he has found it impossible to talk to anyone from the Department of Justice about cybersecurity legislation. Whitehouse said during a hearing before the Senate Judiciary Committee that intelligence officials have told the committee that the election systems could be hacked by foreign actors. Whitehouse is interested in working with different agencies to develop legislation on cybersecurity. […]

The Department of Defense is recognizing National Cybersecurity Month by expanding cybersecurity education to families of service members. “This is not just an IT issue,” said Essye Miller, deputy CIO for cybersecurity and chief information security officer for DoD. “Everyone that’s operating on the network has a responsibility.” […]

The FBI needs access to encrypted files in order to protect the nation against cyber crime, according to Deputy Attorney General Rod Rosenstein. “Encryption is essential,” Rosenstein said “It is a foundational element of data security and authentication. It is central to the growth and flourishing of the digital economy. We in law enforcement have no desire to undermine encryption. But ‘warrant-proof’ encryption poses a serious problem.” […]

Rep. Will Hurd, R-Texas, is working on the text of his bill to create the Cyber National Guard, a scholarship program that will help train students for cybersecurity jobs in the Federal government. Students who apply for the Cyber National Guard would receive scholarship money for cybersecurity training programs. Once the students graduate, they would spend the same number of years working for a Federal agency as they did receiving scholarship money to attend school. […]

With the new focus on innovation in Federal IT, agency CIOs said they will modernize whether they like it or not. The increased conversations about modernization have changed the way agency CIOs talk to their leadership about IT, according to Pamela Dyson, CIO of the Securities and Exchange Commission (SEC). […]