Policy
Bill Would Prompt USDA Intelligence Office to Probe Foreign Threats to America’s Agriculture
The legislation comes amid reports of Americans receiving and planting unsolicited “mystery seeds” reportedly arriving from China.
Cybersecurity
Justice Department Charges 5 Chinese Nationals with Hacking More than 100 Companies
Two Malaysian businessmen also were arrested in Malaysia and face extradition in related charges.
Cybersecurity
Interior IG Team Used Evil Twins and $200 Tech to Hack Department Wi-Fi Networks
A team of hackers was able to gain access to Interior networks using publicly available equipment, open source software and a backpack.
Cybersecurity
CISA, FBI Warn Iran-based Threat Actor May Be Planning Ransomware Attacks
The attacker is targeting virtual private networks and cloud computing vulnerabilities, and has been present in victim networks for several months.
Ideas
The Path Toward a Holistic Zero Trust Architecture
The Defense Department's anticipated guidelines should inspire more organizations to follow such a model, moving zero trust from a buzzword to reality.
Cybersecurity
What's Next for the House-Passed IoT Security Bill
Some security professionals point to broad exemptions in the Senate version of the legislation that could undermine the effort to guide federal procurement decisions.
Ideas
When You Can’t Add Cybersecurity Staff, Build Cyber-Resiliency Instead
But organizations should be careful that they aren’t just throwing additional, sophisticated tools at existing employees to solve the problem.
Cybersecurity
What the U.S. Needs to Do to Secure Election 2020
Concerns extend far beyond safeguarding insecure voting machines and questions about voting by mail.
Cybersecurity
Comments on Government Supply Chain Rule Push for Better Definitions and More Time
Industry groups and other comments highlight the difficulty of complying with a provision of last year’s defense authorization act that requires the removal of products from companies including Huawei and ZTE.
Modernization
Bipartisan House Bill Targets Improving Digital Identity Verification
Lawmakers aim to help confront and curb identity theft through strategic modernization.
Cybersecurity
Hackers Connected to China Have Compromised U.S. Government Systems, CISA says
Using publicly disclosed code and vulnerabilities, attackers appear to be winning a crucial race against defenders.
Cybersecurity
46,000 Veterans' Data Exposed In Financial Services Center Breach
Hackers were able to divert payments headed to private sector health care providers.
Cybersecurity
DOD Cybersecurity Certification Body Moving Forward Despite Uncertain Funding
It’s unclear where money for crucial tools such as continuous monitoring will come from.
Cybersecurity
Cyber Commission Suggests Reforms to Allow Flexible Pay, Hiring to Boost Workforce
Prospective federal employees might be turned off by cybersecurity jobs being classified as IT.
Ideas
Diving into Government’s Trusted Internet Connections Standard 3.0
The policy lays out the framework for security, but allows agencies to fill in the details based on their unique missions.
Cybersecurity
COVID Could Spur Reduced Reliance on Classified Sources of Cyber Intelligence
CISA officials highlighted cloud configuration and VPN vulnerabilities in assessing threats associated with the pandemic.
Cybersecurity
Big Tech Moves Against Certification as a Government Solution for Cybersecurity
The trade association for the industry’s largest companies recommends relying on vendor declarations.
Cybersecurity
OMB Starts Clock on Agencies Implementing Policies to Welcome Public Security Research
CISA also released a binding operational directive and will start scanning government systems for the policies when time is up in six months.
Ideas
What Agencies Need to Know About TIC 3.0 and Enabling Technology
The third version of the Trusted Internet Connection policy brings government IT closer to the capabilities available to the private sector.
Cybersecurity