Cybersecurity
Hassan, Cornyn float bill to create new federal cybersecurity training programs
One part of the bill would create a pilot program to train vets to work in cybersecurity.
Ideas
Leveraging Encryption Keys to Better Secure the Federal Cloud
In the same way we use a key to lock valuable assets in a safe deposit box, agencies can lock up encryption keys.
Cybersecurity
New Laws Are ‘Probably Needed’ to Force US Firms to Patch Known Cyber Vulnerabilities, NSA Official Says
Too many firms are shying away from replacing old gear that is only getting easier for criminals to attack.
Cybersecurity
DOD Offering Defense Industrial Base a ‘Krystal Ball’ Into Adversary Insights
A pilot program is being run out of the Defense Department’s Cyber Crime Center, which is a key part of a strategy to secure the defense industrial base as the scope and severity of cyberattacks increase.
Digital Government
Pentagon May Be Underestimating IT Investment Risks, GAO Says
The Government Accountability Office evaluated 10 programs at a higher risk level than what was reported by DOD, according to a new report.
Cybersecurity
Bill Would Create Cyber Workforce Training Programs at CISA and VA
The two programs would look to increase the pool of cybersecurity experts for the public and private sectors, but with a focus on preparing trainees for federal jobs.
Cybersecurity
Small businesses ask Congress to focus CMMC on primes and DOD
Jonathan Williams, a partner at the Washington, D.C.-based law firm PilieroMazza, told lawmakers much of small businesses concerns could be assuaged if DOD and prime contractors shoulder the burden.
Cybersecurity
NIST defines 'critical software' under the cyber EO
The National Institute of Standards and Technology's new definition of "critical software" is foundational to new federal efforts to exert more control over the code supply chain.
Cybersecurity
Key Lawmaker Calls on Pentagon Leadership to Act on Cyber Certification Program
Members of the House Small Business Committee heard complaints of poor communication and coordination from the department on implementation of a controversial third-party auditing process.
Cybersecurity
Coast Guard confronts harassment and retaliation in the ranks
The U.S. Coast Guard wants to build out its cyber workforce, but will have to contend with budget restraints and culture issues surrounding sexual harassment and retaliation.
Cybersecurity
FCC Advances Efforts to Remove Untrusted Chinese Equipment from US Market
The Commission has set a date to vote on its most recent order for companies to rip and replace Huawei, ZTE and other gear from their networks.
Cybersecurity
FBI director wants more cooperation from ransomware victims
The bureau is seeking new funding to support cyber investigations and its own internal cybersecurity, but it also wants help from industry.
Ideas
5 Priorities to Uplevel Identity Security with the Technology Modernization Fund
Modern threats require modern solutions to solve them.
Cybersecurity
CISA Collaborating With White House on Forthcoming Zero-Trust Strategy
The agency has already released a draft model to guide agencies implementation of the concept under a recent executive order.
Cybersecurity
How NGA is handling hybrid telework
The National Geospatial-Intelligence Agency has begun to relax some of its COVID-19 safety procedures, but the challenge has been managing workers across different physical locations, networks and work schedules.
Cybersecurity
Energy Department Revising Cybersecurity Requirements for Nuclear Administration Contractors
The changes are coming as the industry argues current regulations are overly burdensome.
Cybersecurity
CISA still in the dark about agency network defense plans
In the wake of the SolarWinds campaign, the agency in charge of federal agency cyber defense acknowledges some gaps in both its data collection and network monitoring capabilities.
Cybersecurity
NSA: Test Unified Communications Patches Before Installing
Guidance from the National Security Agency aims to protect communications carried over the internet from eavesdropping, denial-of-service attacks and other dangers.
Cybersecurity
Survey: Many water utilities lack data on IT, OT assets
The new survey data from an information sharing and analysis center was published on the same day a news outlet reported a water treatment facility in California was easily breached by an individual who possessed a former employee's credentials.
Cybersecurity