Cybersecurity

Survey Suggests Public Sector Slightly Better than Industry at Prioritizing Mobile Security    

A majority of respondents said they sacrificed security of IoT devices to respond to COVID-19 policies and for expedience generally.

Cybersecurity

White House to Seek Industry Input on New Software Security Rules, NSC Official Says

The administration wants to make sure the private sector has the ability to weigh in on procurement standards in an impending executive order.

Cybersecurity

Experts Torn on Role of National Cyber Director

Former officials agreed someone needs to coordinate the work of various government entities but weighed the pros and cons of locating the position within the National Security Council.

Cybersecurity

DOD’s Cybersecurity Accreditation Body Open to Pursuing Grants as a Nonprofit 

Once the organization gains non-profit status from the IRS, the board’s chairman sees new funding opportunities opening up that he says could benefit industry.

Cybersecurity

DOD’s Vulnerability Disclosure Program for Contractors Is in Demand

The Defense Cyber Crime Center launched a pilot with “a few dozen” companies participating.

Cybersecurity

DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack

The department continues to struggle with many of the issues the Cybersecurity and Infrastructure Security Agency identified after widespread intrusions into the public and private sector. 

Cybersecurity

DOD Concludes Review of First CMMC Certification Organization

The Accreditation Body in charge of the department’s developing certification program also has a notable new leader as others take their leave.

Cybersecurity

CISA Orders Agencies to Conduct Fresh Scans of Microsoft Exchange Servers

The agency issued supplemental guidance requiring new tests with Microsoft-provided tools and measures to harden the attractive target.

Cybersecurity

FedRAMP Outlines Requirements for Using Containers

Container technology allows operability across operating systems and faster development but is a primary security concern for implementers. 

Cybersecurity

Director Says NSA’s Domestic Surveillance Authority ‘Rightly’ Limited

Gen. Paul Nakasone, who oversees both the intelligence agency and U.S. Cyber Command, stressed the need for greater visibility through private-sector information streams.

Cybersecurity

Energy Launches Supply Chain Program As Watchdog Called for More Action 

The Energy Department has been focused on securing the generation and transmission of power, but distribution processes are also increasingly vulnerable.

Cybersecurity

New Software Vendor Standards Coming Within Weeks, CISA Head Says 

The White House is leading an interagency effort focused on software development that will determine federal procurement of information technology.

Podcasts

Critical Update: Disrupting Gene Editing

The CRISPR-Cas9 tool shook up the gene-editing space, leading to new possibilities, risks and questions about who should use the technology and how.

Cybersecurity

CISA Will Use New Authority Over Internet Service Providers to Fight Ransomware, Official Says

Acting CISA Director Brandon Wales praised the government’s coordination absent a national cyber director.

Cybersecurity

CISA, FBI Officials Say Federal Payroll Facility Was Not Targeted in Hacking Campaigns

CISA’s acting director identified ways the government is working to improve information sharing about cybersecurity incidents between agencies.

Cybersecurity

FCC Moves to Rescind Permits of More Chinese Telecom Operators

The commission is also seeking public comment on the development of Open Radio Access Networks to improve national security and prosperity.

Cybersecurity

NSA, CISA Promote Domain Name System Incorporating Threat Information

The agencies’ guide on selecting a provider of protective DNS services is based on a pilot with the Department of Defense Cyber Crime Center.

Cybersecurity

CISA, FBI Link Exploitation of Microsoft Exchange to Nation-State Actors

The agencies also warned of impending commoditization by criminal groups of access gained through vulnerabilities in the email and calendar service.