Cybersecurity

April 3, 2024

Microsoft Exchange Successfully Hacked Due to Weak Security Culture, Cyber Safety Review Board Says

The intrusion by a hacking group affiliated with the People's Republic of China called Storm-0558 into the Microsoft Exchange Online service during the summer of 2023 could have been prevented,...

Randy Resnick: DOD CIO Office Intends to Automate Zero Trust Implementation Plan Review

April 18, 2024

Randy Resnick, director of the Zero Trust Portfolio Management Office within the Department of Defense’s Office of the Chief Information Officer, said the CIO office plans to automate its review...

Pentagon Creates Office of the Assistant Secretary of Defense for Cyber Policy

April 19, 2024

The Department of Defense has formed a new office that will be responsible for the development, coordination and oversight of the implementation of cyberspace policy and strategy in alignment with...

Space Systems Command Pursuing Zero Trust Architecture Development, Integration; Col. Craig Frank Quoted

by Christine Thropp

Col. Craig Frank, chief information officer of Space Systems Command, has underscored the necessity of implementing a "flat, zero trust network" to ensure the security of information while in use....

Proposed CIRCIA Rule Seeks to Help CISA Spot Trends Using Cyber Incident Reports; Jen Easterly Quoted

April 19, 2024

The Cybersecurity and Infrastructure Security Agency has issued a notice of proposed rulemaking, or NPRM, to solicit comments on a proposed rule to implement the requirements of the Cyber Incident...

New DOD Defense Industrial Base Cybersecurity Strategy Aims to Elevate Department’s Position in Cyber Domain; Kathleen Hicks Quoted

by Ireland Degges

The Department of Defense has published its new Defense Industrial Base Cybersecurity Strategy, dubbed DIB CS, to advance the department’s cyber posture. The plan, which covers fiscal years 2024-2027, is intended...

CISA-FBI Alert Calls for Elimination of SQL Injection Vulnerabilities in Software

The Cybersecurity and Infrastructure Security Agency and the FBI have released a joint alert urging technology manufacturers to eliminate SQL injection vulnerabilities in software. The Secure by Design Alert was...

FDD Study Recommends New Cyber-Focused Military Service

Retired Rear Adm. Mark Montgomery, a senior fellow at the Foundation for Defense of Democracies and senior director of the Center on Cyber and Technology Innovation, and Columbia University's Erica...

Partnership Between DARPA & ARPA-H on Cybersecurity Competition Turns Spotlight on Healthcare Infrastructure

The Advanced Research Projects Agency for Health is now working with the Defense Advanced Research Projects Agency on the Artificial Intelligence Cyber Challenge. The two-year contest, also known as AIxCC,...

Revised CISA Guidance on DDoS Offers New Attack Classifications & Threat Mitigations