Security

Why self-sufficiency is key to fostering data literacy in the Air Force

The Air Force wants to improve data literacy and culture, so it's creating a cadre of "citizen analysts" and communities of interest to build and then spread their knowledge.

House FISMA draft codifies federal CISO role, looks to shared services

The House Oversight Committee is considering the first updates to the Federal Information Security Modernization Act in seven years, amid increasingly sophisticated cyber risks and threats.

NGA looks to tech to support unclassified workforce

The National Geospatial-Intelligence Agency is looking to the future with plans to accommodate uncleared employees and to be prepared for "a changing world environment that we don't anticipate," said Mark Andress, the agency's CIO.

Federal agencies highlight security improvements a year after Capitol attack

The Homeland Security Department said officials do not “have information indicating any specific or credible threats related to the anniversary.” 

One Year After Jan. 6 Attack, Push For Quick Reaction Force Is Dead On Capitol Hill

Experts also warn changes at DOD won’t speed up how quickly Guardsmen could respond to future incidents.

DOD looks to expand its data partnerships with allies

The Defense Department’s chief data officer, David Spirk, talked about the growing community of data leaders among allies and how the partnerships can pay off.

FTC warns of legal risks of failing on Log4j mitigation

The Federal Trade Commission issued a warning this week urging companies to take "reasonable steps" to mitigate known software vulnerabilities or face potential legal consequences, recalling the $700 million settlement Equifax paid for a major breach in 2017.

Closing the CMMC training gaps

Look for trainers working on the Cybersecurity Maturity Model Certification program to realign their efforts to support recent changes to the certification process in 2022.

The legacy of the Cyberspace Solarium Commission

The Cyberspace Solarium Commission is officially sunsetting after more than two years, dozens of recommendations and a slew of legislative changes. But since there’s more to be done, the panel is rebooting its efforts as a non-profit.

CISA, FBI issue new guidance on addressing Log4j risks

The Cybersecurity and Infrastructure Security Agency and its partners are providing new ways to identify Log4j risks and mitigate possible exploitation.

CMMC assessments could resume in January

The governing body responsible for implementing the Defense Department’s unified cybersecurity program for contractors expects security procedures for authorized third party assessors to start back up in early 2022. But DOD has the final say on the timeline.

CISA issues emergency directive to patch Log4j flaw

The Cybersecurity and Infrastructure Security Agency released an emergency directive on Friday ordering all federal agencies to take immediate action against a critical security flaw with potential long-term consequences for public and private infrastructure.

Senate passes 2022 defense authorization bill

The Senate passed the 2022 National Defense Authorization Act, 88-11, authorizing $740 billion for Defense Department spending, and $28 billion for other national security programs.

DHS scales up bug bounty program

Department of Homeland Security Secretary Alejandro Mayorkas announced a plan to pay vetted cybersecurity researchers between $500 and $5,000 for identifying cybersecurity vulnerabilities within agency systems.

DHS gets nearly 2,000 applications for new cyber cadre

The goal is for DHS to onboard the first 150 feds into the system next year.

How cyber gray zone conflict can shape conventional war

As gray zone conflict becomes the norm, the intelligence community may have to make some changes to adapt.

Cyber in the 2022 defense bill

As has been the case for the past few years, cyber governance provisions were featured in this year's must-pass defense policy bill moving through Congress, but a bipartisan breach notification measure was dropped from the bill -- to the chagrin of its supporters.