Supply Chain

The Hack Roundup: Trump Orders U.S. Cloud Providers to Log Foreign Users

Here are the news and updates you may have missed.

  • By Heather Kuldell and Mariam Baksh

GAO: DOD Needs Permanent Group to Protect Critical Technologies

The task force currently running these efforts is set to dissolve in the coming months.

  • By Mila Jasper

Highway Safety Agency Wants Car Makers to Know What’s in Their Software

The agency is seeking comment on a software-heavy update of its cybersecurity best practices.

  • By Mariam Baksh

DOD Launches ‘Speed Dating App’ Connecting Vetted Capital With Tech Companies

The digital marketplace for the Defense Department’s Trusted Capital initiative went live shortly before the holidays.

  • By Mila Jasper

Counter Intelligence Chief Calls for Zero-Trust Software Supply Chain Policy

The official also said there’s a need for the fusion of responsibilities assigned to a trilogy of government agencies.

  • By Mariam Baksh

The Hack Roundup: SolarWinds Shares Details on How Attackers Inserted Backdoor

Here are the news and updates you may have missed.

  • By Heather Kuldell and Aaron Boyd

GSA to Remove Almost All Drones from Contract Offerings Over China Concerns

By Feb. 1, all but five unmanned aerial vehicles will be removed from the General Services Administration’s offerings.

  • By Aaron Boyd

GSA Introduces Vendor Risk Assessment Program in Draft Solicitation

The SolarWinds hack seems to be breathing new life into the supply chain security effort.

  • By Mariam Baksh

Pentagon Establishes Program Increasing Contractor Access to Classified Information

The department expects 20 to 30 corporations to join the group, a spokesman said.

  • By Mila Jasper

Russia ‘Likely’ Behind Widespread Hack, Cyber Response Agencies Say

The Cyber Unified Coordination Group believes fewer than ten government agencies were compromised in what is an ongoing intelligence operation.

  • By Mariam Baksh

CMMC: The Dramatic Year of the Pentagon’s Contractor Cybersecurity Program

The Defense Department’s main effort to protect its supply chain from cyber threats charged ahead through the pandemic but not without controversy.  

  • By Mariam Baksh

Next-Generation Program Protection: The Next Federal Cybersecurity Challenge

As the government aims to buy more innovative products, we must make critical advancements in program protection. 

  • By Matt Kraning

Hack Spurs Call for Greater—but Measured—Supply Chain Scrutiny 

Operational cybersecurity hygiene is one thing, criteria for using open-source code is another, one expert says. 

  • By Mariam Baksh

Former Presidential Adviser Advocates Tougher Software Vendor Standards After Breach

The environment where updates for the company’s software were developed was reportedly protected by a password anyone could guess.

  • By Mariam Baksh

Featured eBooks

Biometrics in Action
The Future of Defense Networks
How the Cloud is Helping the Government’s Pandemic Response

Biden Disputes Trump’s Claim that Hack is Under Control

The president-elect called for an official attribution to Russia but said a damage assessment is necessary before discussing the appropriate response.

  • By Mariam Baksh

Massive Hack Roundup: Attorney General Pins Intrusion on Russia

Here are the news and updates you may have missed.

  • By Mariam Baksh and Mila Jasper

Amid Massive Hack, Lawmakers Urge Trump to Sign Defense Bill with New Cybersecurity Legislation

As the government scrambles to understand the widening compromise, legislation to shore up the nation’s cyber defenses sits unsigned on the President’s desk.

  • By Patrick Tucker

House Committees Launch Investigation into Alleged Russian Hack of Federal Agencies

President-elect Joe Biden also promised to elevate cybersecurity “as an imperative” across government.

  • By Frank Konkel

CISA: SolarWinds Is Not the Only Way Hackers Got Into Networks

The agency also warned that getting attackers out of networks will be complex—especially because they are monitoring IT and cybersecurity employees’ emails.

  • By Aaron Boyd

GAO Issues ‘Wake-Up Call’ Report on Agencies’ Lax Supply Chain Security Management

The bottom line is that none of the 23 agencies audited fully implemented foundational risk management practices. 

  • By Mila Jasper

Pentagon Preps for First CMMC Pilots in 2021

The Pentagon’s Cybersecurity Maturity Model Certification program will begin including security requirements in select solicitations starting next year.

  • By Aaron Boyd