Cybersecurity
CMMC announces new advisory council to collect industry feedback
The new organization will eventually produce regular public reports and address common industry concerns like the cost of implementation.
Cybersecurity
Senators seek details on Einstein's performance and limitations
Ahead of its scheduled reauthorization next year, two senators are seeking detailed information about Einstein, a government cybersecurity program that has come into the spotlight in the wake of the breach involving SolarWinds.
Cybersecurity
DOD’s Vulnerability Disclosure Program for Contractors Is in Demand
The Defense Cyber Crime Center launched a pilot with “a few dozen” companies participating.
Modernization
DOD Workforce Wants to Keep Telework Going Despite Early Hiccups
A Defense Department Inspector General report surveyed more than 56,000 employees about telework during the pandemic.
Cybersecurity
A renewed push for secure modernization
With the SolarWinds breach as a catalyst and new leadership across government, agencies are rethinking their roadmaps.
Cybersecurity
Space Force satellite communications contract gets nod for CMMC
A request for information for the Inmarsat Broadband Global Area Network and Global Xpress contract was amended March 31 to include requirements for the CMMC pilot program.
Ideas
It's When Not If with Ransomware: How Agencies Can Prepare
Agencies must acknowledge this threat and take steps to prepare, defend and remediate.
Cybersecurity
DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack
The department continues to struggle with many of the issues the Cybersecurity and Infrastructure Security Agency identified after widespread intrusions into the public and private sector.
Digital Government
House Republicans Call For VA-Led Campaign to Help Protect Vets from Cyber Risks
A new deep-dive study and public website would stem from the efforts.
Cybersecurity
CISA, FBI warn of hacking threat against Fortinet product
The advisory warns that an unattributed threat actor is using known vulnerabilities in a Fortinet security product to gain access to government and industry networks.
Cybersecurity
Electric Cars, Smart Refrigerators Pose Cyber Risk To US Utilities, GAO Finds
The risks aren’t well understood by researchers, in part because of local and state control of electrical utilities.
Cybersecurity
DOD Concludes Review of First CMMC Certification Organization
The Accreditation Body in charge of the department’s developing certification program also has a notable new leader as others take their leave.
Cybersecurity
Krebs cautions on push for national cyber director
The former CISA chief expressed confidence in Deputy National Security Advisor Anne Neuberger to help the White House confront the multiple cybersecurity incidents it is facing.
Cybersecurity
Mandatory review of DOD's compliance on CMMC is delayed
The Defense Department was supposed to submit a review to Congress by March 1 assessing whether components complied with the guidelines of the Cybersecurity Maturity Model Certification program. That deadline has been pushed to June.
Cybersecurity
CISA Orders Agencies to Conduct Fresh Scans of Microsoft Exchange Servers
The agency issued supplemental guidance requiring new tests with Microsoft-provided tools and measures to harden the attractive target.
Cybersecurity
First set of CMMC certification orgs emerge
The Defense Department's unified cybersecurity program is making gains with its first tranche of certifying bodies, but assessments for defense contractors are a ways off.
Cybersecurity
Mayorkas announces cyber 'sprints' on ransomware, ICS, workforce
The Homeland Security secretary announced a series of focused efforts to address issues around ransomware, critical infrastructure and the agency's workforce that will all be launched in the coming weeks.
Ideas
Getting and Growing the Cyber Workforce You Need for 2021—and Beyond
It’s no secret that the competition for cyber talent is stiff. With a 0% unemployment rate and nearly 400K open positions across the U.S., federal agencies must reinvent their cyber employee experience.
Cybersecurity
NIST Seeks Small Business to Help Develop Cybersecurity Standards
The agency is looking for consultation on crucial cybersecurity issues.
Cybersecurity