The Cybersecurity and Infrastructure Security Agency is soliciting feedback on secure by design guidance it released in 2023 to inform future updates. A new request for information contains questions about implementing security early into the software development lifecycle, integrating cybersecurity into computer science education and facilitating efforts to address recurring vulnerabilities, CISA said Wednesday. Titled […]
The Cybersecurity and Infrastructure Security Agency has released the final version of its Microsoft 365 configuration baselines alongside a new tool to support baseline implementation. The Secure Configurations for Microsoft 365 Version 1.0 builds on hundreds of comments CISA solicited in October and pilots conducted to identify advanced cloud security practices and test the baseline […]
U.S. senators voted unanimously on Tuesday to confirm President Joe Biden’s appointment of Air Force Lt. Gen. Timothy Haugh as head of the U.S. Cyber Command and the National Security Agency. Haugh will succeed Army Gen. Paul Nakasone, who was CYBERCOM head and NSA director for almost six years. Before his confirmation, Haugh acted as […]
The National Science Foundation has awarded six academic institutions a total of $16 million in funding for cybersecurity training and cyber workforce improvements. Through the CyberCorps Scholarships for Service grants, the awardees will invest in artificial intelligence, machine learning, hardware security and other cybersecurity-related fields. The scholarships are designed to train the next generation of […]
Reston, Virginia-based Electrosoft has announced that it has secured a position on a potential five-year, $400 million blanket purchase agreement to operate, maintain and upgrade the Department of Health and Human Services‘ identity and access management program’s systems. HHS can access consulting, program management, smart card management and other services through the Homeland Security Presidential […]
The United States, Japan, Australia and India reiterated their commitment to ensuring the cyber resilience of the Indo-Pacific region during their third “meeting of principles,” held in Tokyo on Dec. 5 and 6. In a statement issued by the White House, the four members of the Quad Senior Cyber Group said they remain committed to […]
A bipartisan initiative embedded in the fiscal year 2024 National Defense Authorization Act aims to address cybersecurity shortcomings within the nation’s nuclear weapons systems. Introduced by Reps. Salud Carbajal, D-Calif., Don Bacon, R-Neb., and Mike Gallagher, R-Wis., the provision establishes a “Cybersecurity, Risk Inventory, Assessment and Mitigation Working Group” within the Department of Defense, Nextgov/FCW […]
The National Security Agency has released a cybersecurity information sheet to help network owners and operators protect the cybersecurity supply chain through software bills of materials. The CSI, titled “Recommendations for Software Bill of Materials Management,” includes measures to help operators implement effective SBOM tool management. According to the CSI, SBOM management includes examining and […]
The National Security Agency has warned that Russian Foreign Intelligence Service attackers are exploiting a publicly known vulnerability in servers hosting JetBrains TeamCity software. Affected entities include information technology companies, tool manufacturers, an energy trade association and developers of billing, medical devices, employee monitoring, sales and video game software worldwide, the NSA said Wednesday. A cybersecurity advisory […]
The Defense Advanced Research Projects Agency is accepting applications for the AI Cyber Challenge, a competition to develop artificial intelligence-powered cyber reasoning systems that detect and remediate software vulnerabilities in real time and at scale. Winning teams stand to receive up to $29.5 million in cumulative prize money throughout the program, DARPA said. AIxCC will […]
