Cybersecurity
How cyber gray zone conflict can shape conventional war
As gray zone conflict becomes the norm, the intelligence community may have to make some changes to adapt.
Cybersecurity
U.S. Announces Work Toward Non-Binding Agreement on Surveillance Tech
Key U.S. allies supported the effort but did not sign on to a joint statement committing to the creation of a code of conduct on how to exercise export controls to curb the use of the cyber intrusion technologies by authoritarian regimes, according to a White House release.
Cybersecurity
Increased Interconnectivity Demands Stronger Federal Data Protection Protocols, Officials Say
Officials in the public and private sectors warned of the need to enact a robust cybersecurity posture at the federal level ahead of growing ransomware and hacking threats.
Ideas
What Agencies Need to Do to Combat Shadow IT Driven by Cloud Sprawl
Cloud sprawl happens when development teams spin up new cloud resources, forget about them, then move on to the next urgent task.
Digital Government
GAO: Pentagon Needs Goals to Improve CMMC Framework
The watchdog made several recommendations in an audit of the Cybersecurity Maturity Model Certification effort.
Cybersecurity
NIST Outlines Request for Information Toward a New Cybersecurity Framework
The update will include a focus on supply chains for both hardware and software.
Cybersecurity
Cyber in the 2022 defense bill
As has been the case for the past few years, cyber governance provisions were featured in this year's must-pass defense policy bill moving through Congress, but a bipartisan breach notification measure was dropped from the bill -- to the chagrin of its supporters.
Cybersecurity
House Passes NDAA Without Cyber Incident Reporting Legislation
The bill still includes what the House Armed Services Committee referred to as the widest empowerment of CISA since SolarWinds.
Ideas
Data Exfiltration: Public Enemy No. 1 for the Public Sector
Taking a proactive approach is a critical step in improving the way the government combats threats.
Cybersecurity
OMB Guidance Heralds Automation of FISMA Reporting
The new Federal Information Security Modernization Act guidance also prioritizes security testing and doubles down on CISA’s Continuous Diagnostics and Mitigation program.
Cybersecurity
White House embeds cyber EO in FISMA reporting
Federal agencies will be reporting on zero-trust adoption and automation efforts in their annual cybersecurity reports to the Office of Management and Budget.
Ideas
How a Cloud-Security Scaffolding Can Protect Your Multicloud Landscape
Different cloud environments have different security needs. Here’s how to create a cloud-security scaffolding to strengthen protections while reducing manual support.
Cybersecurity
NSA, CISA List Expectations for Industry on Data Governance in 5G Environments
The document is the third in a four-part series of guidance that categorizes security responsibilities according to their relevance for the cloud service providers, mobile operators and users of emergent fifth-generation networks.
Cybersecurity
DHS Redefines ‘Cybersecurity Incident’ in Directives for Surface Transportation
The new definition allows industry more flexibility to decide what should trigger reporting mandates for the sector.
Cybersecurity
Russian National Sentenced to Five Years For Aiding Malware Hacking
Aleksandr Grichishkin, 34, pleaded guilty to providing a server allowing cybercriminals temporary use of IP addresses to bypass security measures and exploit financial data.
Cybersecurity
Hacker, Journalist Among CISA Directors’ 23 New Cybersecurity Advisors
The new Cybersecurity Advisory Committee will focus on five areas including workforce development, and has room for 12 more members.
Cybersecurity
Feds Warned to Look Out For Ransomware Grinches over the Holidays
Federal cybersecurity officials would prefer you keep your holidays a little more secure.
Cybersecurity
CISA Seeks Protective Email Service that Tracks Agencies’ Security Compliance
The agency is ramping up efforts to exercise its new authorities to hunt for threats across the .gov enterprise.
Cybersecurity