Tag Archives: Cybersecurity

DHS S&T Finances Pilot Testing of Emergency Comms Infrastructure Cybersecurity Tech

DHS

The Department of Homeland Security's Science and Technology Directorate is funding SecuLore to test a technology designed to protect emergency communications infrastructure from cyber threats. SecuLore Solutions is testing a system that uses predictive analytics to detect threats targeting emergency communications centers. SecuLore will use the pilot testing's results to inform how ECCs would handle and deploy the technology.

Read More »

White House Eyes New Regulations for Securing Software Supply Chain

Software Supply Chain

President Biden plans to issue an executive order that will focus on addressing recent cybersecurity issues that could impact the software supply chain. Jeff Greene, acting senior director for cybersecurity at the National Security Council (NSC), told attendees at a Cybersecurity Coalition event that binding requirements under the executive order will be established after at least six months.

Read More »

CISA Releases Finalized Traditional TIC 3.0 Use Case Guide for Cloud, Mobile Environments

TIC 3.0 Use Case Guide

The Cybersecurity and Infrastructure Security Agency (CISA) has issued a finalized Trusted Internet Connections 3.0 use case document that will cover security standards in cloud and mobile environments. TIC 3.0 is meant to help agencies secure federal networks, boundaries and data while ensuring visibility into agency traffic and cloud communications, CISA said in the guidance.

Read More »

Air Force CIO Lauren Knausenberger Shares Views on CMMC

Lauren Knausenberger

Lauren Knausenberger, chief information officer of the U.S. Air Force and 2021 Wash100 Award, said she has concerns about the potential impact of the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program on small businesses seeking to work with DOD. Knausenberger thinks the Pentagon’s information technology supply chain should be supported with better cyber standards. 

Read More »

Senate Lawmakers Ask CISA, OMB to Submit Docs Amid Probe Into Recent Cyber Hacks

Cyber Hacks

Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, and Sen. Rob Portman, R-Ohio., ranking member of the Senate panel, have asked the federal government to provide information on its response to cyberattacks involving SolarWinds Orion and Microsoft Exchange. Portman and Peters asked DeRusha to provide information on the government’s current federal cybersecurity strategy

Read More »

DOE to Fund Research Into Securing Energy Grid’s Cyber-Physical Infrastructure; Patricia Hoffman Quoted

TIC 3.0 Use Case Guide

The Department of Energy (DOE) has earmarked $8 million to fund the development of cyber-physical concepts for ensuring the resiliency and security of electric grid infrastructure. Industry participants must work with university-led groups on the research and development effort, which will primarily revolve around creating and scaling cyber-physical systems integrated with autonomous, self-healing and flexible elements.

Read More »

Karlton Johnson: CMMC Accreditation Board to Undergo Leadership-Focused Organizational Change

Karlton Johnson

Karlton Johnson, board chairman of the Cybersecurity Maturity Model Certification (CMMC) Accreditation Body (CMMC-AB), said he will focus on transforming his group from a director board into one more focused on organizational leadership. The board is working to help the government implement CMMC, through which the Department of Defense (DOD) would standardize the security controls of the defense industrial base.

Read More »

FBI, CISA Issue Advisory on Hackers Targeting Fortinet Operating System Vulnerabilities

FortiOS Vulnerabilities

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory on the exploitation of vulnerabilities in Fortinet’s FortiOS operating system by advanced persistent threat actors. CISA has called on administrators and users to review the joint cybersecurity advisory and carry out the recommended measures to mitigate cyber risks.

Read More »

GSA’s Governmentwide Policy Office Eyes Updated Guidance on Identity Risk Management

TIC 3.0 Use Case Guide

The Office of Governmentwide Policy (OGP) plans to release guidance on federal identity, credential and access management (FICAM) next year to cover topics such as managing digital identity risks and single sign-ons. Myers noted that the OGP is willing to launch collaborations on updating the FICAM guidance. “It is deprecated,” Myers said.

Read More »

NCSC Issues Report on Insider Threat Mitigation for Critical Infrastructure

NCSC Insider Threat

The National Counterintelligence and Security Center (NCSC) has released a report to raise awareness of the threat posed by humans to critical infrastructure and provide best practices on how to mitigate insider threats. NCSC discussed how critical infrastructure entities can adopt insider threat programs to identify and address vulnerabilities and prevent adversaries from exploiting such vulnerabilities. 

Read More »