Cybersecurity
CMMC clears key regulatory hurdle
The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.
Cybersecurity
Hackers Take Data for Further Reconnaissance in Breach of Federal Agency
Initial access to the agency’s system was possibly due to failure to fix a known VPN vulnerability, a patch for which was released in April 2019.
Emerging Tech
Oak Ridge Considers Supplementing In-House Cybersecurity Operations, CISO Says
Oak Ridge National Lab's top information security official told Nextgov he’s looking at moving to managed threat detection and response services.
Cybersecurity
DHS watchdog weighs in on 2019 biometrics leak
Customs and Border Protection didn't adequately safeguard data that eventually leaked by subcontractor, a recent Inspector General report states.
Ideas
Addressing Insider Threats with Event Triggers
An insider threat program that incorporates financial triggers can help identify at-risk individuals.
Cybersecurity
FBI Director: Feeding DOD’s Cyber Offense Operations Is Crucial to New Strategy
Senator says legislation is moving forward to thwart intellectual property theft from China and defend federal networks from cyberattacks.
Cybersecurity
IG: CBP Responsible for 2019 Biometrics Breach, Though No Federal Networks Were Compromised
A ransomware attack on a Customs and Border Protection vendor leaked facial images on more than 184,000 travelers—something agency security and policy should have prevented.
Cybersecurity
Cybercriminals Strike Schools Amid Pandemic
At least 16 school districts have been victimized in a rash of ransomware attacks since the end of July.
Cybersecurity
Watchdog Highlights Need for Better Cyber Coordination Across Government
A pair of reports point to confusion about the State Department’s new cyber bureau and the vacuum left behind by the eliminated White House cyber coordinator position.
Cybersecurity
House passes stopgap spending bill
The current appropriations bills are set to expire on Oct. 1; the bill now goes to the Senate where it is expected to pass.
Cybersecurity
FERC Asks Energy Sector to Report Huawei, ZTE Usage
Amid fears over having to replace equipment, Energy official noted no set timeline for implementing next steps on a related executive order.
Cybersecurity
PIV security frays under the crush of telework
Adversaries are adapting to the shifting identity authentication gaps on federal and commercial networks created by the remote work environment, according to federal security experts.
Cybersecurity
GAO report calls for White House cyber director
Congress may have to step in to carve out a White House position charged with implementing protective cybersecurity measures.
Cybersecurity
Audit: HUD Doesn’t Ensure Sensitive Data It Shares Is Secure
A Government Accountability Office pointed to high turnover rates for top privacy and IT security officials as a reason for the agency's poor performance.
Ideas
On TikTok, the Trump Administration Is Adopting China’s Own Vision for the Internet
Until recently, the United States has been a staunch opponent of data localization laws.
Cybersecurity
Government Employees May Need to Update Threat Hunting Perspectives
As Congress considers expanding threat hunting programs into the private sector, a majority of federal workers surveyed last year didn’t seem to have a clue about such efforts within their own agencies.
Emerging Tech
Program Under Defense Innovation Unit Is Launching a New Consortium
The Institute for Nascent Innovations will look to identify and solve unseen issues in emerging crises.
Cybersecurity
Acting DHS head offers alternative succession path
Chad Wolf, under fire in the courts and from watchdogs about the legal status of his appointment at the Department of Homeland Security, is offering an alternative explanation of his standing.
Ideas
The Need for Unified Data Protection in the U.S.
Innovative businesses should be fighting to get federal privacy legislation to get the most out of data while simultaneously protecting customer information.
Cybersecurity