The Cybersecurity and Infrastructure Security Agency has released nine new tools to help organizations protect their Google applications. The tools set configuration baselines for Gmail, Google Drive and other Google Workspace applications. Chad Poland, manager for cyber shared services at CISA, said the Google toolkit covers most of the business collaboration suite of software-as-a-service offerings […]
The Senate has confirmed the United States’ next national cyber director after a vote on Tuesday. Harry Coker, President Joe Biden’s nominee to become the government’s cybersecurity chief, secured the position after a vote of 59-40, putting him permanently in charge of the federal government’s cybersecurity efforts, CyberScoop reported. Coker’s confirmation is a much-needed development […]
A public-private working group led by the National Security Agency has published guidance for managing open-source software and software bills of materials. Titled “Securing the Software Supply Chain: Recommended Practices for Managing Open Source Software and Software Bill of Materials,” the new report builds on a recent Office of Management and Budget memorandum, the NSA […]
U.S. Army Gen. Paul Nakasone, the head of the U.S. Cyber Command and a 2023 Wash100 awardee, shared on Friday that he and the Department of Defense are still evaluating the possibility of a new force generation model for his organization amid ongoing deliberations over establishing an independent cyber branch. Speaking at an Intelligence and […]
The National Security Agency and the UK National Cyber Security Centre have issued a cybersecurity advisory warning organizations about Russian spear-phishing techniques. The CSA focuses on how Russia’s Star Blizzard hacking group uses spear-phishing to illegally access various kinds of information, including those owned by the defense sector, national governments, non-government organizations and academia. The […]
The FBI has detailed the steps by which companies can ask for a delay in reporting cybersecurity incidents that the Securities and Exchange Commission requires effective Dec. 18. Under the SEC rule, companies have to report cyber issues to the commission in 8-K filings within four business days after the incident, unless the U.S. attorney […]
Carahsoft Technology has announced that it will distribute runZero’s cyber asset attack surface management solutions to the public sector under a new partnership. Government organizations can access the products through reseller partners and contract vehicles such as NASA Solutions for Enterprise-Wide Procurement V and Information Technology Enterprise Solutions – Software 2, Carahsoft said. RunZero’s solutions […]
The Department of Health and Human Services is working to fortify the health care sector’s cybersecurity. On Wednesday, the department released a concept paper detailing its cybersecurity strategy for the industry. Based on the Biden administration’s National Cybersecurity Strategy, the plan provides four pillars for actions, including collaborating with Congress to develop a support system […]
The National Security Agency, in partnership with the Cybersecurity and Infrastructure Security Agency and international agencies, released a cybersecurity information sheet focused on eliminating memory safety vulnerabilities from software products. The CSI, titled “The Case for Memory Safe Roadmaps,” includes technical and non-technical factors software manufacturers should consider when developing memory-safe code integration plans. Recommendations […]
The Moonlighter imaging satellite that NASA and SpaceX launched in June served as the platform for the U.S. Space Force Cyber Guardians’ cyber defense training exercise from Nov. 14 to 17. Dubbed Moonlighter after its sandbox, the training also focused on the Guardians’ cyber offense capabilities, dividing the participants into an offensive Red Team and […]
