Tag Archives: defense cybersecurity forum

Sen. Mark Warner: Mandatory Cyber Threat Reporting Bill in the Works

Sen. Mark Warner

Sen. Mark Warner, D-Va., said the Senate Intelligence Committee is developing a bipartisan bill to incentivize companies to disclose cyber vulnerabilities as an early warning to government authorities and critical infrastructure operators. Warner, a three-time Wash100 Award recipient, cited the SolarWinds hack as an example of how a sophisticated cyber adversary could launch attacks on any entity and the challenge of addressing the threat.

Read More »

John Sherman: Pentagon Eyes 2021 Release of Zero Trust Strategy

John Sherman

John Sherman, acting chief information officer of the Department of Defense (DOD), said DOD plans to issue a strategy for zero trust architecture in 2021 as part of efforts to enhance the cybersecurity of its networks. "I think we are at one of these inflection points here,” Sherman said. “Our current approaches are not going to take us into the future here.”

Read More »

Sonny Bhagowalia: CBP’s Cloud Data Management Process Has Built-In Cybersecurity

Sonny Bhagowalia

Sonny Bhagowalia, chief information officer of the Customs and Border Protection (CBP), said the agency has baked in cybersecurity measures as part of its process for managing the life cycle of data in a cloud computing environment. Bhagowalia said on the Federal Monthly Insights show that CBP uses cloud technology to manage privacy and protect sensitive agency data from advanced persistent threats. 

Read More »

DOE Unveils 100-Day Power Infrastructure Cybersecurity Plan; Jennifer Granholm Quoted

Jennifer Granholm

The Department of Energy (DOE) will coordinate with electric utility companies and the Cybersecurity and Infrastructure Security Agency (CISA) on a 100-day plan to beef up defenses against threat actors that target U.S. power systems. DOE said Tuesday its cybersecurity, energy security and emergency response office will aim to develop tools intended to help industrial control system operators monitor, detect and respond to malicious cyber activity.

Read More »

NSA, CISA, FBI Warn of Potential Network Vulnerability Exploits by Russian Agency

NSA-CISA-FBI

The Cybersecurity and Infrastructure Security Agency (CISA), FBI and the National Security Agency (NSA) have issued a joint advisory after authorities determined that Russian Foreign Intelligence Service actors are using five network vulnerabilities to potentially infiltrate U.S. and allied government systems. Cybersecurity professionals should conduct network checks to identify indicators of compromise and implement measures to defend against SVR exploitations.

Read More »

NIST Seeks Feedback on Plans to Automate Cryptographic Module Validation Program

Cryptographic Module

The National Cybersecurity Center of Excellence (NCCoE) is looking for public input on its plans to automate validation procedures for cryptographic modules. NCCoE intends to conduct first-party and independent testing of automated processes for the Cryptographic Module Validation Program, including the relay of data to the National Institute of Standards and Technology (NIST). 

Read More »

FBI, CISA Issue Advisory on Hackers Targeting Fortinet Operating System Vulnerabilities

FortiOS Vulnerabilities

The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have released a joint advisory on the exploitation of vulnerabilities in Fortinet’s FortiOS operating system by advanced persistent threat actors. CISA has called on administrators and users to review the joint cybersecurity advisory and carry out the recommended measures to mitigate cyber risks.

Read More »