Ideas
Government Employees' Online Personal Info Presents Unmitigated Risk Vector
Today, 1 in 15 government workers is exposed to social engineering attacks.
Cybersecurity
CISA Offers Vulnerability Disclosure Platform for Civilian Agencies
The platform will provide triage and administrative services while allowing CISA to monitor agencies’ progress resolving reports from security researchers.
Cybersecurity
NSA to National Security Employees: Avoid Working on Public Wi-Fi
The agency offered best practices for remote work using wireless technologies.
Ideas
Fixing the Fractured Federal Approach to Cybersecurity
It’s time for a centralized cybersecurity-focused agency.
Cybersecurity
Wanted: Accountability for Addressing the Federal Cybersecurity Workforce Challenge
Even when some agencies succeed at bringing talent in, they aren’t able to hold on to it for long.
Cybersecurity
Survey: Pandemic Has Left Public Sector IT Exposed
The single largest risk factor reported by respondents is the influx in remote work.
Cybersecurity
The Most Targeted Vulnerability of the Year Was First Identified in 2017
In a joint advisory, international cybersecurity officials say failure to patch years-old vulnerabilities makes attributing cyberattacks more difficult.
Cybersecurity
White House Asks CISA, NIST to Set Performance Goals for Critical Infrastructure Operators
The initiative will not result in mandatory measures for the private sector, but the administration hopes to signal its commitment to cybersecurity and maybe get a little help from Congress on that front.
Cybersecurity
TSA, Transportation Officials Give Insight into New Cybersecurity Mandates for Pipeline Operators
Agency leaders expressed a commitment to avoiding duplication of their efforts as lines blur between cyber and physical security.
Cybersecurity
How Unemployment Insurance Fraud Exploded During the Pandemic
Bots filing bogus applications in bulk, teams of fraudsters in foreign countries making phony claims, online forums peddling how-to advice on identity theft: Inside the infrastructure of perhaps the largest fraud wave in history.
Cybersecurity
States Weigh Bans on Ransomware Payoffs
The idea is that this would deter attacks because cybercriminals would know they couldn’t get paid.
Cybersecurity
Energy Updates Assessment Tool for Administration’s 100-Day Cybersecurity Sprint
The update comes as lawmakers jostle for jurisdiction over cybersecurity across multiple critical infrastructure sectors with a slew of bills advancing in both chambers of Congress.
Cybersecurity
DOD’s Supply Chain Security Should be Strategic Priority, Congressional Task Force Says
The Defense Critical Supply Chain Task Force released six legislative proposals calling for less dependence on adversaries like China and improved supply chain visibility.
Cybersecurity
CBP Cybersecurity Failures Left Travelers' Personal Info at Risk, IG Says
A new internal watchdog report finds Customs and Border Protection failed to conduct required cybersecurity activities for its Mobile Passport Control applications.
Cybersecurity
Senators Promote Cybersecurity Measures in Core Bipartisan Infrastructure Framework
Congressional leaders of the Cyberspace Solarium Commission stressed a need to focus specifically on water treatment systems.
Cybersecurity
CISA Considering Open-Source Registrar Platform For .Gov Domain
The agency is looking for support services to help manage the .gov registry as it takes control of the top-level domain from GSA.
Ideas
The State of Data Security in the Federal Government
Most agencies don’t have a solid grasp of what data they have or where it is located.
Cybersecurity
Bill Would Require Federal Agencies and Contractors to Report Cyber Intrusions Within 24 Hours
The bill leaves it up to an interagency rulemaking process to determine whether entities would be required to report incidents they’re aware of but not directly involved in.
Digital Government
Zero Trust-Like Approach Needed for Microelectronics Industry, Former DOD Official Says
Onshoring doesn’t mean vulnerabilities associated with chips will be instantly mitigated, the official said.
Cybersecurity