Cybersecurity
Pentagon’s cyber red teams get clearer roles, governance
A document released by DOD’s chief information officer attempts to “address gaps in existing guidance” when it comes to the activities of the department’s cyber red teams.
Cybersecurity
CISA, FBI warn on risks of China-made drones
The new guidance is meant to alert critical infrastructure operators to potential security risks, including data exfiltration and cybersecurity risks, posed by unmanned aircraft systems manufactured in China.
Cybersecurity
CISA needs better collaboration with the EPA and water sector, watchdog says
CISA had “inconsistent collaboration” with relevant stakeholders due to a lack of formal mechanisms, according to the Department of Homeland Security Office of Inspector General.
Cybersecurity
State's cyber bureau has ‘raised the U.S. profile on cyber globally,’ watchdog says
The Government Accountability Office said the creation of the Bureau of Cyberspace and Digital Policy in 2022 has “helped to better position State to achieve its cyber diplomacy goals.”
Cybersecurity
White House looks to eliminate college degree requirements for cyber jobs with federal contractors
National Cyber Director Harry Coker also said Thursday that the federal government will be conducting a series of hiring sprints this year to fill seats.
Cybersecurity
EU signs on to IoT safety label plan
A U.S.-led effort to offer cyber-safe labels for connected devices is gaining momentum internationally.
Cybersecurity
Agencies’ FISMA implementation is still ‘mostly ineffective,’ watchdog says
The Government Accountability Office found that less than half of surveyed federal agencies had compliant security programs and called for improved performance metrics.
Cybersecurity
Think tank report envisions a cyber ‘good place’ for AI and how to get there
Amid the ongoing rise of artificial intelligence technologies and their integration into digital networks, the Aspen Institute compiled a new list of cybersecurity recommendations for government and industry.
Cybersecurity
Watchdog finds ‘sufficient’ cyber threat sharing at agencies, but barriers remain
The Intelligence Community Inspector General’s biennial update on cybersecurity information sharing noted that progress has been made over the past two years, but some agencies reported running up against roadblocks.
Cybersecurity
Space Force is crafting in-house cyber teams but sees need for closer work with USCYBERCOM
U.S. Cyber Command has been “an incredible partner” to the Space Force but does not currently have any personnel from the military branch within its ranks, a top official said.
Artificial Intelligence
How hackers can 'poison' AI
A new paper from NIST offers a standard taxonomy of cyber attacks dedicated to contaminating the data AI models use to learn.
Cybersecurity
FDA and CISA need to update cyber agreement for medical devices, watchdog says
The Government Accountability Office said medical devices are not commonly hacked but still called them “a source of cybersecurity concern warranting significant attention.”
Cybersecurity
Pentagon issues proposed CMMC rule
The long-anticipated draft rule, which will be officially published on Dec. 26, outlines proposed updates to DOD’s cybersecurity requirements for defense contractors and subcontractors who handle sensitive military data.
Cybersecurity
NIST releases 2 draft guides to prepare for post-quantum migration
The guidelines aim to help organizations incorporate quantum-resistant algorithms into their existing security infrastructures.
Cybersecurity
NDAA provision looks to close cybersecurity gaps in nuclear weapons systems
The requirement included in the fiscal year 2024 defense policy bill follows a 2022 GAO report that found the National Nuclear Security Administration did not fully implement “foundational cybersecurity risk practices.”
Cybersecurity
NIST issues guidance on a mathematical approach to data privacy
The draft document provides a system for adopting a differential privacy framework, and the agency is currently seeking feedback to ensure quality.
Cybersecurity
The 2024 defense policy bill has a lot of cyber
Other provisions touch on diplomacy and nuclear command and control, among other things.
People
Coker confirmed as cyber director
On a bipartisan vote, the Senate confirmed Harry Coker to lead the Office of the National Cyber Director at the White House.
Cybersecurity
U.S., global partners, ask software companies to focus on memory-safe code
New guidance for software developers from Five Eyes countries implores software developers to patch memory safety vulnerabilities and rethink the use of risky programming languages.
Cybersecurity