Cybersecurity

Why the USAF's IT chief is 'bullish' on open source

While there's no such thing as completely secure software, open source can make it stronger through the "power of the crowd," said Lauren Knausenberger, the Air Force's chief information officer.

U.S., allied cybersecurity agencies, advise reviewing contracts with tech vendors

A joint advisory from CISA, domestic partners and counterpart agencies in the Five Eyes intelligence alliance warns of a heightened threat to managed service providers and their customers.

Cyber assistance ranks high on National Guard requested services, chief says

Gen. Daniel Hokanson, chief of the National Guard Bureau, said cybersecurity assistance is "one of the most frequently requested things that we're seeing right now" thanks to nearly 4,000 cyber professionals, many of whom acquired their skills as civilians.

NIST's supply chain security guidance tells agencies to look to FedRAMP

The agency has spent years revising guidance for organizations to address vulnerabilities presented by vendors of software and other enterprise suppliers.

White House sounds alarm on threat from quantum computers

New directive orders the government to work with industry on security that can stand up to tomorrow’s quantum-powered decryption tools.

NSA chief: Cyber Command did 9 international missions last year

Gen. Paul Nakasone acknowledged proactive missions to diffuse cyber threats to U.S. elections and other critical infrastructure and stressed the importance of artificial intelligence to advance such efforts.

How the TMF helps agencies pave the way toward zero trust

The Education Department chief information security credits the Technology Modernization Fund with providing the agency crucial support and fundamental resources to create a more secure architecture.

CISA is helping pave the way to secure IoT systems, FEMA official says

A senior IT expert for the Federal Emergency Management Agency explained how the agency is increasingly working with the Cybersecurity and Infrastructure Security Agency to enhance its cloud and IoT security frameworks.

'Hack DHS' program identifies 122 vulnerabilities across networks

The Homeland Security Department’s first bug bounty program reaped some benefits.

GSA plans to publish zero trust playbooks

The General Services Administration is focusing on how to take the concept of zero trust into the implementation phase in a series of new playbooks set for release in the coming months, according to a senior IT official.

CISA expands Joint Cyber Defense Collaborative

The JCDC is gaining over a dozen new experts focused on enhancing the cybersecurity posture for industrial control systems and operational technology as CISA ramps up security efforts around critical infrastructure.

CISA seeks comment on visibility effort being piloted with cloud service providers

The agency is starting to spend the $690 million it got through the American Rescue Act to monitor security and respond to incidents across federal civilian networks.

Report finds identity fraud up 167% in USPS change of address requests

The USPS Office of the Inspector General recommends stricter identity verification controls online, while management disagrees.

Coming ID order should focus on digital credentials, say trade groups

Standards for mobile driver's licenses top the wish list of groups looking to steer the direction of the administration’s action on combating identity theft and fraud.

Joint alert warns advanced hackers have developed tool targeting industrial control systems

The design of the tool, which allows full system access to certain operational technology in environments such as power plants and water treatment facilities, can also be used by less sophisticated attackers.

New cybersecurity bill authorizes DHS to ramp up incident response efforts nationwide

The National Cybersecurity Preparedness Consortium Act gives the Department of Homeland Security a range of opportunities to bolster cybersecurity preparedness at the state and local level, including and technical assistance services.

Jury: Former DHS watchdog official stole software, employees’ personal info

The verdict is in for the last holdout in a scandalous scheme to defraud the government.