Cyber Threats

Agencies Have Till Midnight April 15 to Apply New Microsoft Exchange Patches

Four of the 95 vulnerabilities Microsoft released as part of its monthly “patch Tuesday” were identified by the National Security Agency.

The Biden Administration’s Cybersecurity Roadmap

Making some changes to how the federal government buys cyber tools is one of the things the new Homeland Security secretary has mentioned.

Former DHS Secretary Details SolarWinds Hackers’ Access to His Email

Chad Wolf said the information was all unclassified but the compromise was still disturbing.

Air Force Awards SBIR Contract for IoT Device Security

Phosphorus Cybersecurity will work with engineers at Joint Base San Antonio to secure devices operating on 5G networks.

White House Names National Cyber Director, CISA Chief

The administration also announced nominees for other Homeland Security Department leaders. 

DARPA Needs Help Securing Its Programs From Foreign Influence and Malicious Insiders

The agency works on the most advanced tech research on the planet, often with critical national security implications.

Biden Budget Requests Major Investments for Federal Technology and Cybersecurity

The 1.5 trillion budget would give the Technology Modernization Fund and CISA big increases as well as launch new advanced research projects agencies.

Survey Suggests Public Sector Slightly Better than Industry at Prioritizing Mobile Security    

A majority of respondents said they sacrificed security of IoT devices to respond to COVID-19 policies and for expedience generally.

Experts Torn on Role of National Cyber Director

Former officials agree someone needs to coordinate the work of various government entities but weighed pros and cons to the position being located within the National Security Council.

DOD’s Cybersecurity Accreditation Body Open to Pursuing Grants as a Nonprofit 

Once the organization gains non-profit status from the IRS, the board’s chairman sees new funding opportunities opening up that he says could benefit industry.

DOD’s Vulnerability Disclosure Program for Contractors Is in Demand

The Defense Cyber Crime Center launched a pilot with “a few dozen” companies participating.

It's When Not If with Ransomware: How Agencies Can Prepare

Agencies must acknowledge this threat and take steps to prepare, defend and remediate.

DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack

The department continues to struggle with many of the issues the Cybersecurity and Infrastructure Security Agency identified after widespread intrusions into the public and private sector. 

Electric Cars, Smart Refrigerators Pose Cyber Risk To US Utilities, GAO Finds

The risks aren’t well understood by researchers, in part because of local and state control of electrical utilities.

CISA Orders Agencies to Conduct Fresh Scans of Microsoft Exchange Servers

The agency issued supplemental guidance requiring new tests with Microsoft-provided tools and measures to harden the attractive target.

Getting and Growing the Cyber Workforce You Need for 2021—and Beyond

It’s no secret that the competition for cyber talent is stiff. With a 0% unemployment rate and nearly 400K open positions across the U.S., federal agencies must reinvent their cyber employee experience.