Cybersecurity
White House Committee Advocates Collaboration, Consensus in Cybersecurity Standards
The fourth installment of cybersecurity recommendations from the National Security Telecommunications Advisory Committee advocates more blanket requirements to strengthen the nation's cybersecurity posture.
Cybersecurity
House Dems Call for Info on Racially-Motivated Cyber Attacks
Several House lawmakers tasked DHS and CISA with providing information on “racially- or ethnically- motivated” violent attacks on the U.S. electrical sector.
Cybersecurity
Census Bureau data susceptible to ‘reconstruction attacks’ exposing individual data, report claims
A team of computer scientists demonstrated how cybercriminals can leverage commercial laptops to reverse engineer the Bureau’s statistics, leaving Americans exposed to risks like identity theft and discrimination.
Cybersecurity
DOD IG: Officials Failed to Identify Security Risks When Authorizing Cloud Services
An audit conducted by the Defense Department’s inspector general found agency components “may be unaware of known vulnerabilities and cybersecurity risks associated with operating their systems or storing their data.”
Cybersecurity
Zero Trust Presents 'Doable' Cybersecurity Goals, State Department's CIO Says
To shore up its cyber defenses, State is identifying potential vulnerabilities across its many disparate systems and working to boost its use of multifactor authentication.
Cybersecurity
DOD Unveils Updates to its Cyber Workforce Job Qualifications
Defense’s updated plan focuses on role-specific requirements and comes as the agency’s cyber workforce strategy is slated for imminent release.
Cybersecurity
Pending National Cyber Strategy to Feature ‘Strong Stand’ on Quantum Cryptography
An Office of the National Cyber Director official discussed the path of transitioning public and private networks to post-quantum cryptographic standards, and emphasizes data inventory in organizations’ efforts to transition cryptographic systems.
Cybersecurity
Almost 60% of GAO's Privacy Recommendations Since 2010 Are Unresolved
A watchdog report found that federal agencies have only implemented approximately 41% of recommendations related to the protection and security of sensitive data as of December 2022.
Cybersecurity
Report: Pentagon Personnel Use Unauthorized, Unsafe Apps on Work Devices
The Defense Department’s inspector general found that unsanctioned apps downloaded onto government-issued mobile devices “could pose operational and cybersecurity risks to DOD information and information systems.”
Cybersecurity
Report Reveals How US Has 'Not Advanced the Ball' on Top Cyber Risks
The top cybersecurity risks of 2023 include a shortage of trained cyber professionals, international strife and continued vulnerabilities in critical infrastructure services, according to a new report from the Bipartisan Policy Center.
Cybersecurity
CISA, South Korean Agencies Issue Joint Warning on North Korean Ransomware
The new cybersecurity advisory spotlights North Korean-backed actors targeting healthcare networks with ransomware.
Cybersecurity
How SBOMs Can Eventually Help to Secure Government’s Software Supply Chain
No agency has yet to require them in any major way.
Cybersecurity
Pentagon to Release New Cyber Workforce Strategy 'Any Day Now'
To address its workforce challenges, the Pentagon is undertaking new initiatives that will minimize education and certification requirements in favor of cyber knowledge and performance.
Cybersecurity
Online ‘Sextortion’ Scams up Eightfold, FTC Says
Consumers paid $1.3 billion to romance scammers in 2022.
Cybersecurity
US and UK Join Forces to Sanction Russian Hackers
Members of cybercrime group Trickbot, which favors deploying ransomware on critical infrastructure, were handed sanctions in the first-of-its-kind collaboration between U.S. and U.K. agencies.
Digital Government
National Cyber Director to Retire Next Week
Chris Inglis will retire almost two years after beginning the job.
Cybersecurity
House bill would put grid operators on a short clock for breach reporting
A cyber incident reporting bill making its way through Congress would task critical energy infrastructure owners and operators with reporting cyber incidents to the Department of Energy within 24-hours of their discovery.
Cybersecurity
Experts Question Value of Federal Cybersecurity Data Capture Mandate
The packet capture, or PCAP, requirement’s short timeframe and potentially massive data loads caused one expert to doubt whether it would be useful after a real cybersecurity incident.
Cybersecurity
GAO's Critical Infrastructure Cyber Recommendations Go Largely Unaddressed
A new watchdog review found that federal agencies overseeing critical infrastructure have only implemented 43% of recommendations made since 2010.
Cybersecurity