Cybersecurity

The Army wants to re-do how it manages cyber risk

The service is working to stand up a risk management council in the coming month.

New cybersecurity bill authorizes DHS to ramp up incident response efforts nationwide

The National Cybersecurity Preparedness Consortium Act gives the Department of Homeland Security a range of opportunities to bolster cybersecurity preparedness at the state and local level, including and technical assistance services.

Your digital footprints are more than a privacy risk – they could help hackers infiltrate computer networks

Hackers with open source intelligence gathering tools can mine a target’s audio and video to extract personal information they then use in phishing messages that appear to come from a trusted source.

Can small businesses keep up with defense cyber requirements?

The Defense Department is launching a study to assess how well companies can handle cyber self-assessments.

Data and the cyber workforce

The co-chairs of a congressionally mandated report on the cybersecurity workforce say that a new office or bureau should be charged with compiling more granular data on the state of cyber employment.

Lawmakers worry about cyber risks in space

Senators questioned the commanders of Space Command and Strategic Command on their plans to handle an increase in space-based threats.

Diversity and the cyber workforce

Data shows that the federal cybersecurity workforce is less diverse than the government overall, but addressing the disparity will take more than hiring more diverse employees, say DEIA experts and federal tech executives.

Is there a path forward in Congress for mandatory cyber incident reporting?

A group of lawmakers is seeking legislation that would require private companies to report cyber incidents and ransomware attacks to the Cybersecurity and Infrastructure Security Agency, despite their efforts being derailed late last year.

House FISMA draft codifies federal CISO role, looks to shared services

The House Oversight Committee is considering the first updates to the Federal Information Security Modernization Act in seven years, amid increasingly sophisticated cyber risks and threats.

Closing the CMMC training gaps

Look for trainers working on the Cybersecurity Maturity Model Certification program to realign their efforts to support recent changes to the certification process in 2022.

The legacy of the Cyberspace Solarium Commission

The Cyberspace Solarium Commission is officially sunsetting after more than two years, dozens of recommendations and a slew of legislative changes. But since there’s more to be done, the panel is rebooting its efforts as a non-profit.

NDAA requires DOD to report on prospects for a ‘cyber academy’

Sen. Kirsten Gillibrand (D-N.Y.) says these reports could inform potential legislation to establish an academy to educate cyber workers for government modeled after military service academies.

CISA issues emergency directive to patch Log4j flaw

The Cybersecurity and Infrastructure Security Agency released an emergency directive on Friday ordering all federal agencies to take immediate action against a critical security flaw with potential long-term consequences for public and private infrastructure.

DHS scales up bug bounty program

Department of Homeland Security Secretary Alejandro Mayorkas announced a plan to pay vetted cybersecurity researchers between $500 and $5,000 for identifying cybersecurity vulnerabilities within agency systems.

DHS gets nearly 2,000 applications for new cyber cadre

The goal is for DHS to onboard the first 150 feds into the system next year.

How cyber gray zone conflict can shape conventional war

As gray zone conflict becomes the norm, the intelligence community may have to make some changes to adapt.

Grady talks spectrum, cyber concerns in nomination hearing

Adm. Christopher Grady told senators that Defense Department moves to free up swaths of spectrum would have consequences when it comes to operations, training, and readiness.