Cybersecurity
Marine Corps Looks for Insider Threat Monitoring Capability
And another Marine Corps application addressing a specific kind of insider threat—suicidal ideation—will be established as a system of records.
Cybersecurity
Pentagon Wants to Upgrade the IT Supporting Its Insider Threat Program
The Defense Department wants a vendor to manage the next phase of development for the insider threat program’s central database and case management.
Cybersecurity
DOJ's China hack indictments offer businesses key threat intel, officials say
A Justice Department official today disclosed that 1,000 Chinese researchers have been expelled from the country for hiding their affiliation with the Chinese military.
Cybersecurity
What it takes to future-proof federal IT supply chains
We have now advanced past that initial disruption brought about by the COVID-19 pandemic, and agencies and organizations should ask themselves: how can we make our supply chains better for the long term, and how do we continue to improve work-from-home security?
Cybersecurity
Report Heralds Perfect Storm for Insider Threats in 2021
A leading analytics firm suggests investing in employee wellness.
Cybersecurity
Civilian-side CMMC
The General Services Administration will add more supply chain and cybersecurity protection language, including DOD's CMMC requirements for vendors, to its new contracts as risks grow, according to one of the agency's top acquisition managers.
Cybersecurity
DHS Exempts Expanded Insider Threat Program From Key Privacy Act Provisions
The agency will be allowed to collect large amounts of data without having to follow several provisions regarding disclosure, relevance and the sharing of that information.
Cybersecurity
DOD releases interim cybersecurity rule
The rule is designed to ensure DOD contractors are adhering to a uniform standard for protecting controlled unclassified information is protected. But while trade groups representing government and defense contractors have lauded the framework but criticized the implementation and rulemaking process.
Cybersecurity
CMMC clears key regulatory hurdle
The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.
Ideas
Addressing Insider Threats with Event Triggers
An insider threat program that incorporates financial triggers can help identify at-risk individuals.
Cybersecurity
PIV security frays under the crush of telework
Adversaries are adapting to the shifting identity authentication gaps on federal and commercial networks created by the remote work environment, according to federal security experts.
Cybersecurity
Managers Who Stay Connected to Remote Employees Could Reduce Insider Threats, State Official Says
Pandemic-related stress and isolation could push some employees over the edge.
Acquisition
DISA to deliver web-browsing protection to 1.5M users
The Defense Information Systems Agency is moving into production for its $199 million cloud-based internet security tool, aiming to migrate 1.5 million users in the first year.
Cybersecurity
National Guard plans all-virtual cyber exercise
The National Guard is taking its annual Cyber Shield training exercise virtual due to COVID-19 with a spotlight on information operations.
Cybersecurity
CISA updates internet connection policies
Many of the changes to the core Trusted Internet Connection policies were in response to public feedback seeking new tech and additional architectural and security concepts.
Cybersecurity
CMMC Official Backs Light-touch Option for Continuous Monitoring of Defense Contractors’ Cybersecurity
The Pentagon’s certification program is looking for a way to keep tabs on companies during the three-year intervals between independent audits.
Modernization
Staying ahead of threats on government networks
Why securing data and managing cyber risk must now become critical elements in agency ERM frameworks.
Cybersecurity
DHS Insider Threat Program Expanding to Anyone Who Accesses Agency Info
The Homeland Security Department will begin tracking all personnel—federal employees and contractors, with or without a security clearance—in the hunt for insider threats.
Cybersecurity
Report: Lax cybersecurity at CIA unit led to Vault 7 leaks
An internal CIA report pins the theft of valuable hacking tools in 2016 on a workplace culture that didn't do enough to emphasize cybersecurity.
Ideas