The Cybersecurity and Infrastructure Security Agency has introduced a new threat detection tool for on-premise environments. The CISA Hunt and Incident Response Program tool is built to find indicators of compromise linked to the exploitation of vulnerabilities in SolarWinds Orion products and threat activity in Microsoft Cloud environments. Security researchers and CISA warned that many […]
Cybersecurity services provider Steel Root has entered into a partnership agreement with Zscaler, a company that offers cloud-based security services, to assist defense contractors in preparing for the Cybersecurity Maturation Model Certification program. According to Steel Root and Zscaler, in the next five years, about 300,000 companies within the defense industrial base will need to […]
The Department of Energy’s national cybersecurity plans do not fully address risks to the U.S. grid’s distribution systems, which carry electricity from transmission systems to consumers, according to the Government Accountability Office. Distribution systems are becoming more vulnerable to cyber attacks partly because of their increasing reliance on industrial control systems that allow remote access […]
The Department of Energy’s Office of Cybersecurity, Energy Security and Emergency Response has announced three new research programs aimed at enhancing the cyber and physical security of the U.S. energy system. The projects will help address supply chain vulnerabilities, protect critical infrastructure from interference and build a talent pipeline for next-generation cybersecurity, the Department of […]
The Cybersecurity and Infrastructure Security Agency might struggle to identify and respond to cybersecurity incidents until it fully implements its organization plan, the Government Accountability Office said in a report. GAO said CISA has so far finished two of the three phases of its plan, and that only a third of the final phase has […]
Members of the Senate Homeland Security and Government Affairs Committee pressed a panel of leading government cybersecurity officials for accountability over the recent SolarWinds Orion hack. The panel consisted of Brandon Wales, acting director of the Cybersecurity and Infrastructure Security Agency; Chris DeRusha, the federal chief information security officer; and Tonya Ugoretz, a senior cybersecurity […]
Dragos has entered into an engagement agreement with the Cybersecurity Maturity Model Certification Center of Excellence to promote cybersecurity and resilience in the defense industrial base. As part of the agreement, Dragos and the CMMC COE will carry out efforts to further the adoption, use and expansion of CMMC-based cybersecurity practices. Both parties will also […]
The Cybersecurity Maturity Model Certification Accreditation Body has announced the forthcoming departure of board members Ben Tchoubineh and Nicole Dean. Both officials have been with the CMMC-AB since its inception in January 2020, helping lay the groundwork for the implementation of the Department of Defense‘s new contractor cybersecurity standards. Over the past year, Tchoubineh and […]
The Air Force has awarded Illumio a Phase 1 Small Business Innovation Research contract to demonstrate technology for ensuring trusted communications for workloads. Illumio said that its offering, the Illumio Core, was designed to protect high-value federal applications and datacenters by reducing their attack surfaces. “This is done through real-time visibility into applications and workloads […]
Lawmakers have introduced a bipartisan bill that would elevate the Cybersecurity and Infrastructure Security Agency’s role in protecting industrial control systems. The Department of Homeland Security Industrial Control Systems Enhancement Act of 2021 would mandate CISA’s director to help the private sector and federal government agencies monitor threats to industrial control systems, FCW said. “These […]
