Cybersecurity
Senators Introduce Fresh Slate of Cybersecurity-Centered Bills
A couple would codify recommendations made by the Cyberspace Solarium Commission.
Cybersecurity
Federal Agencies Detail Russian Tactics Used in Recent Cyber Intrusions
The FBI, Homeland Security Department and Cybersecurity and Infrastructure Security Agency issued an alert on Russian government cyber tradecraft and mitigation techniques for targets.
Cybersecurity
How the Federal CISO Views Zero Trust
Federal Chief Information Security Officer Chris DeRusha and other federal officials also advocated moving away from siloed cybersecurity budgeting for agencies.
Cybersecurity
Existing Agency Threat Hunters Welcome CISA’s New Authorities
For the Department of Education, proactive threat hunting means not just taking down questionable URLs but buying them up.
Cybersecurity
DOD’s Cybersecurity Accreditation Partner Working to Address Conflict of Interest Issues
Multiple members of the Accreditation Body’s board of directors also serve as consultants in the cybersecurity space, which critics say gives them an unfair advantage to cash in on the program.
Cybersecurity
Energy Department Announces 100-Day Sprint to Shore Up Power Grid Cybersecurity
The department will partner with the Cybersecurity and Infrastructure Security Agency and utilities to improve visibility, detection and response to cyber threats.
Cybersecurity
Agencies Have Till Midnight April 15 to Apply New Microsoft Exchange Patches
Four of the 95 vulnerabilities Microsoft released as part of its monthly “patch Tuesday” were identified by the National Security Agency.
Cybersecurity
White House Names National Cyber Director, CISA Chief
The administration also announced nominees for other Homeland Security Department leaders.
Cybersecurity
Experts Torn on Role of National Cyber Director
Former officials agree someone needs to coordinate the work of various government entities but weighed pros and cons to the position being located within the National Security Council.
Cybersecurity
DOD’s Cybersecurity Accreditation Body Open to Pursuing Grants as a Nonprofit
Once the organization gains non-profit status from the IRS, the board’s chairman sees new funding opportunities opening up that he says could benefit industry.
Cybersecurity
Top Homeland Security Senators Want Details on Agencies Hit in SolarWinds, Microsoft Intrusions
Sens. Gary Peters and Rob Portman also request more information on key defensive programs and federal cyber leadership.
Cybersecurity
DOD’s Vulnerability Disclosure Program for Contractors Is in Demand
The Defense Cyber Crime Center launched a pilot with “a few dozen” companies participating.
Ideas
Getting and Growing the Cyber Workforce You Need for 2021—and Beyond
It’s no secret that the competition for cyber talent is stiff. With a 0% unemployment rate and nearly 400K open positions across the U.S., federal agencies must reinvent their cyber employee experience.
Ideas
Closing the Cyber Skills Gap Will Take New Technologies in Addition to New Talent
The cybersecurity resources gap is no longer a problem we can solve with humans alone.
Cybersecurity
Air Force Working on Foundational Zero Trust Activities, CIO Says
Some programs are already operating under a zero trust framework, but the enterprise as a whole still needs basic tools for things like identity, credentials and access management.
Ideas
Without Threat Intelligence, AI is Just a Buzzword
Smart threat intelligence starts with good data.
Cybersecurity
NSA, CISA Promote Domain Name System Incorporating Threat Information
The agencies’ guide on selecting a provider of protective DNS services is based on a pilot with the Department of Defense Cyber Crime Center.
Ideas
Practical Steps to Managing Supply Chain Risk
Like with any new agency initiative, nothing moves forward without executive sponsorship.
Cybersecurity
Splitting NSA, CyberCom Now Could Reduce Military Access to Intelligence, Milley Says
The Joint Chiefs chairman says the organizations have not yet worked out how to keep the data flowing after the long-awaited split.
Cybersecurity