The Department of Defense’s Cyber Crime Center is conducting a pilot program showcasing a new service offering to inform contractors of the state of their overall defense against cyberattacks. The Krystal Ball pilot, which underwent a soft launch in February, aims to use publicly available information and threat intelligence to give companies insight into their […]
The government needs to enact new laws forcing companies to replace older software and computers that carry easily fixable vulnerabilities, according to one cybersecurity official. Rob Joyce, head of the National Security Agency’s Cybersecurity Directorate, said Americans need to pay their “historical tech debt” before smaller-scale hackers get their hands on more advanced technology, Nextgov […]
The Senate was unable to confirm a new director for the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency before the chamber went on a two-week recess, starting June 24. The Senate’s failure drew criticism from cybersecurity leaders who stressed the position’s importance. On April 12, President Joe Biden announced Jen Easterly as his […]
Law enforcement agencies should work more closely with ransomware victims on investigations, according to FBI Director Chris Wray. While Wray did not offer policy recommendations, he said the government cannot defeat ransomware without immediate and transparent cooperation from the private sector, FCW reported Wednesday. “Anything that helps provide more incentive for that to happen, I […]
The Cybersecurity Maturity Model Certification Accreditation Body has granted Smithers Information Security Services certified third-party assessment organization candidate status. The designation puts Smithers one step closer to performing assessments on defense contractors seeking compliance with the CMMC. Final C3PAO status is given by the CMMC-AB to organizations that have secured clearance from the Defense Contract […]
The National Security Agency said it funded Mitre’s development of a knowledge base of cybersecurity measures against common techniques used by malicious hackers. Mitre created the D3FEND model as a complement to its existing ATT&CK model, which serves as a knowledge base of cyber adversary behavior, the NSA said Tuesday. While ATT&CK describes how malicious […]
The Cybersecurity and Infrastructure Security Agency does not have data on the percentage of civilian agencies adopting network segmentation strategies, according to acting CISA Director Brandon Wales. Wales issued the statement in response to an inquiry made by Sen. Ron Wyden about how many agencies are segmenting and segregating internal networks to prevent network intrusion. […]
The Biden Administration is preparing a strategy to allow organizations to better use security systems designed to detect threats within networks, according to Matt Hartman, the deputy executive assistant director of the Cybersecurity and Infrastructure Security Agency. Hartman said Tuesday that CISA is helping the White House work on the zero trust strategy with assistance […]
The Cybersecurity and Infrastructure Security Agency has awarded Accenture Federal Services a $112 million prime task order to ensure the cybersecurity of systems used by the Federal Civilian Executive Branch. The task order calls for the provision of advanced cyber services to the Department of Homeland Security’s cybersecurity operational component to help the FCEB mitigate […]
The National Security Agency has issued guidance on securely deploying unified communications and voice and video over internet protocol call-processing systems. UC and VVoIP systems offer modern communication capabilities by combining voice, video conferencing and instant messaging features commonly used in the workplace. The NSA said that UC/VVoIP systems are vulnerable to unauthorized access because […]
