Cybersecurity
CISA, FBI warn of hacking threat against Fortinet product
The advisory warns that an unattributed threat actor is using known vulnerabilities in a Fortinet security product to gain access to government and industry networks.
Cybersecurity
Electric Cars, Smart Refrigerators Pose Cyber Risk To US Utilities, GAO Finds
The risks aren’t well understood by researchers, in part because of local and state control of electrical utilities.
Cybersecurity
DOD Concludes Review of First CMMC Certification Organization
The Accreditation Body in charge of the department’s developing certification program also has a notable new leader as others take their leave.
Cybersecurity
Krebs cautions on push for national cyber director
The former CISA chief expressed confidence in Deputy National Security Advisor Anne Neuberger to help the White House confront the multiple cybersecurity incidents it is facing.
Cybersecurity
Mandatory review of DOD's compliance on CMMC is delayed
The Defense Department was supposed to submit a review to Congress by March 1 assessing whether components complied with the guidelines of the Cybersecurity Maturity Model Certification program. That deadline has been pushed to June.
Cybersecurity
CISA Orders Agencies to Conduct Fresh Scans of Microsoft Exchange Servers
The agency issued supplemental guidance requiring new tests with Microsoft-provided tools and measures to harden the attractive target.
Cybersecurity
First set of CMMC certification orgs emerge
The Defense Department's unified cybersecurity program is making gains with its first tranche of certifying bodies, but assessments for defense contractors are a ways off.
Cybersecurity
Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce
The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.
Ideas
Getting and Growing the Cyber Workforce You Need for 2021—and Beyond
It’s no secret that the competition for cyber talent is stiff. With a 0% unemployment rate and nearly 400K open positions across the U.S., federal agencies must reinvent their cyber employee experience.
Cybersecurity
NIST Seeks Small Business to Help Develop Cybersecurity Standards
The agency is looking for consultation on crucial cybersecurity issues.
Cybersecurity
CMMC body hires ex-CISA deputy as first CEO
The governing body in charge of implementing the Defense Department's Cybersecurity Maturity Model Certification program has hired Matthew Travis, former CISA deputy director, as new CEO.
Modernization
Army Using DevSecOps for Tactical Radio Program
The iterative development approach allowed the program executive office to start making adjustments to network operations quickly, according to a news release.
Ideas
Closing the Cyber Skills Gap Will Take New Technologies in Addition to New Talent
The cybersecurity resources gap is no longer a problem we can solve with humans alone.
Cybersecurity
FedRAMP Outlines Requirements for Using Containers
Container technology allows operability across operating systems and faster development but is a primary security concern for implementers.
Cybersecurity
Air Force Working on Foundational Zero Trust Activities, CIO Says
Some programs are already operating under a zero trust framework, but the enterprise as a whole still needs basic tools for things like identity, credentials and access management.
Cybersecurity
Director Says NSA’s Domestic Surveillance Authority ‘Rightly’ Limited
Gen. Paul Nakasone, who oversees both the intelligence agency and U.S. Cyber Command, stressed the need for greater visibility through private-sector information streams.
Cybersecurity
Impatient lawmakers press Biden for cyber director nominee
President Joe Biden has said cybersecurity will be a top priority for his administration, but two senior positions focused on the issue remain either vacant or held by an acting official.
Cybersecurity
Energy Launches Supply Chain Program As Watchdog Called for More Action
The Energy Department has been focused on securing the generation and transmission of power, but distribution processes are also increasingly vulnerable.
Cybersecurity
New Software Vendor Standards Coming Within Weeks, CISA Head Says
The White House is leading an interagency effort focused on software development that will determine federal procurement of information technology.
Modernization