Cybersecurity

CISA looks for input on new, 'less prescriptive' TIC

Agencies can use new guidance documents on Trusted Internet Connections 3.0 to jumpstart their own pilot programs and suggest improvements to the policy.

Ideas

Cyberspace Is the Next Front in Iran-U.S. Conflict—and Private Companies May Bear the Brunt

Businesses are at high risk, and strict American criminal laws prohibit many forms of cyber self-defense by private companies.

Cybersecurity

CISA Says Agencies Have 10 Days to Patch NSA-Spotted Microsoft Vulnerability

The National Security Agency discovered and disclosed a severe flaw in Windows 10 to build trust with industry partners, an official said.

Cybersecurity

CMMC training underway for auditors

Training of the third-party accreditors for the DOD's upcoming unified cybersecurity standard will take place from now until June.

Cybersecurity

CISA alerts on NSA-discovered Windows 10 flaw

Attackers could use the vulnerability to trick users into installing "updates" from trusted parties that are actually malware.

Cybersecurity

Telecom, Software Industry Groups Push Back on Commerce’s Proposed Supply Chain Rule 

One group suggested the proposed rule to ban U.S. entities from buying information technology from foreign adversaries could be illegal.

Cybersecurity

Iran Is Expanding Its Online Disinformation Operations

Tehran isn’t as practiced as Moscow at purveying propaganda online, but they’re no slouches.

Ideas

Can the Continuous Diagnostics and Mitigation Program Secure a Cloud Smart Government?

The good news is that CDM is proactively reaching out to leading cloud service providers for soltuions.

Cybersecurity

Lawmakers Ask FCC to Protect Consumers from Phone Hijackers

The request comes amid an uptick in SIM swap scams.

Cybersecurity

OPM CISO Seeking a Small Business to Help Monitor Agency Cybersecurity

The winning vendor will help the government’s HR department track incidents across 1,000 servers and more than 10,000 devices.  

Cybersecurity

DOD names chair for cyber certification program

Ty Schieber will head the accrediting body for DOD's upcoming cybersecurity certification program.

Cybersecurity

Air Force Could Tap Into Individuals’ Online Data to Combat Insider Threats

The request for information stems from an executive order issued in 2011.

Cybersecurity

Cyber Solarium to back CISA as the lead response agency

Leveling up CISA and CyberCom and streamlining Congressional jurisdiction will be among the recommendations issued in an upcoming report from the Cyberspace Solarium Commission.

Cybersecurity

CISA cautions on Iran threats

U.S. officials and cybersecurity experts are concerned that Iranian reprisals for the killing of Soleimani could take the form of attacks on U.S. networks or critical infrastructure.

Cybersecurity

What’s Next for Iran’s Cyber Actors?

The country has grown as a talented, and destructive, network threat over the last several years.

Cybersecurity

Killing of Iranian general spurs concern about cyber retaliation

Iran has threatened to respond to the targeted killing of senior general Qassem Soleimani, and analysts say the goal will be to punish the U.S. by targeting its IT and critical infrastructure while avoiding traditional military conflict.

Cybersecurity

Privacy assessment finds risk with CDM shared service platform

An updated assessment from the Department of Homeland Security finds that a shared services platform designed to help smaller agencies use the Continuous Diagnostics and Mitigation program brings with it new but manageable privacy risks.

Ideas

Here Are the Threats Federal Network Defenders Need to Know

Some cyber criminals are going old school.

Cybersecurity

Another Federal Employee Caught Watching Porn at Work

The employee admitted watching adult pornography at work but retired amid a government investigation.

Cybersecurity

Government Makes Strides Sharing Cyber Threat Information

The government’s only laggard complying with the Cybersecurity Information Sharing Act of 2015 is the Defense Department.