Tag Archives: govconwire events

Sen. Mark Warner: Mandatory Cyber Threat Reporting Bill in the Works

Sen. Mark Warner

Sen. Mark Warner, D-Va., said the Senate Intelligence Committee is developing a bipartisan bill to incentivize companies to disclose cyber vulnerabilities as an early warning to government authorities and critical infrastructure operators. Warner, a three-time Wash100 Award recipient, cited the SolarWinds hack as an example of how a sophisticated cyber adversary could launch attacks on any entity and the challenge of addressing the threat.

Read More »

John Sherman: Pentagon Eyes 2021 Release of Zero Trust Strategy

John Sherman

John Sherman, acting chief information officer of the Department of Defense (DOD), said DOD plans to issue a strategy for zero trust architecture in 2021 as part of efforts to enhance the cybersecurity of its networks. "I think we are at one of these inflection points here,” Sherman said. “Our current approaches are not going to take us into the future here.”

Read More »

Sonny Bhagowalia: CBP’s Cloud Data Management Process Has Built-In Cybersecurity

Sonny Bhagowalia

Sonny Bhagowalia, chief information officer of the Customs and Border Protection (CBP), said the agency has baked in cybersecurity measures as part of its process for managing the life cycle of data in a cloud computing environment. Bhagowalia said on the Federal Monthly Insights show that CBP uses cloud technology to manage privacy and protect sensitive agency data from advanced persistent threats. 

Read More »

Army, Air Force Want to Simplify Warfighter Access to Useful Data

Military Data Management

Chief data officers of the U.S. Army and Air Force said both military branches should break down silos to simplify the process of managing and sharing data that could support future joint force missions. During a recent virtual conference, Army CDO David Markowitz and Air Force CDO Eileen Vidrine discussed efforts at the two branches to help military personnel manage and access useful content.

Read More »

DOE Unveils 100-Day Power Infrastructure Cybersecurity Plan; Jennifer Granholm Quoted

Jennifer Granholm

The Department of Energy (DOE) will coordinate with electric utility companies and the Cybersecurity and Infrastructure Security Agency (CISA) on a 100-day plan to beef up defenses against threat actors that target U.S. power systems. DOE said Tuesday its cybersecurity, energy security and emergency response office will aim to develop tools intended to help industrial control system operators monitor, detect and respond to malicious cyber activity.

Read More »

Carnegie Mellon Appoints Gregory Touhill Director of Software Engineering Institute’s CERT Division

Gregory Touhill

Former Federal Chief Information Security Officer Gregory Touhill has been appointed director of the CERT division at Carnegie Mellon University's Software Engineering Institute, a research and development center sponsored by the Department of Defense (DOD). Touhill will lead the division's work with the public and private sectors to develop approaches for defending U.S. information systems from cybersecurity threats.

Read More »

House Lawmakers Say Legislation Would Help US Move Forward in Cyber Norm-Setting Process

Cyber Diplomacy

Rep. Jim Langevin, D-R.I., said a cybersecurity bill that was reintroduced in the House would create a diplomatic path for the federal government to define norms and boundaries in cyberspace. A bipartisan group of five House members revived the Cyber Diplomacy Act in Feb. 2021 to establish an international cyberspace policy at the State Department. 

Read More »

NSA, CISA, FBI Warn of Potential Network Vulnerability Exploits by Russian Agency

NSA-CISA-FBI

The Cybersecurity and Infrastructure Security Agency (CISA), FBI and the National Security Agency (NSA) have issued a joint advisory after authorities determined that Russian Foreign Intelligence Service actors are using five network vulnerabilities to potentially infiltrate U.S. and allied government systems. Cybersecurity professionals should conduct network checks to identify indicators of compromise and implement measures to defend against SVR exploitations.

Read More »

NIST Seeks Feedback on Plans to Automate Cryptographic Module Validation Program

Cryptographic Module

The National Cybersecurity Center of Excellence (NCCoE) is looking for public input on its plans to automate validation procedures for cryptographic modules. NCCoE intends to conduct first-party and independent testing of automated processes for the Cryptographic Module Validation Program, including the relay of data to the National Institute of Standards and Technology (NIST). 

Read More »

DISA Embraces Continuous Tech Modernization Approach

DISA IT Modernization

The Defense Information Systems Agency (DISA) seeks to update enterprise technology platforms continuously as part of efforts to help the Department of Defense address evolving mission requirements. An industry team led by General Dynamics‘ information technology business won last year the DEOS blanket purchase agreement valued at $4.4 billion over 10 years.

Read More »