Electrosoft Wins Spot on NIST’s $125M Cybersecurity, Privacy Support Contract

The National Institute of Standards and Technology has awarded Electrosoft a spot on the five-year, $125 million Cybersecurity and Privacy Support Services indefinite-delivery/indefinite-quantity contract. Electrosoft will be able to compete for task orders, providing the NIST with cybersecurity, information security and privacy expertise and consultation services. The company may also secure task orders to provide […]

Posted on December 15, 2023 by Lawrence Carter

CISA Releases Cyber Configuration Baselines for Google Applications

The Cybersecurity and Infrastructure Security Agency has released nine new tools to help organizations protect their Google applications. The tools set configuration baselines for Gmail, Google Drive and other Google Workspace applications. Chad Poland, manager for cyber shared services at CISA, said the Google toolkit covers most of the business collaboration suite of software-as-a-service offerings […]

Posted on December 13, 2023 by Lawrence Carter

Senate Confirms Harry Coker as Next National Cyber Director

The Senate has confirmed the United States’ next national cyber director after a vote on Tuesday. Harry Coker, President Joe Biden’s nominee to become the government’s cybersecurity chief, secured the position after a vote of 59-40, putting him permanently in charge of the federal government’s cybersecurity efforts, CyberScoop reported. Coker’s confirmation is a much-needed development […]

Posted on December 13, 2023 by Brianne Monterey

NSA-Led Group Releases Best Practices for Managing Open-Source Software Risks

A public-private working group led by the National Security Agency has published guidance for managing open-source software and software bills of materials. Titled “Securing the Software Supply Chain: Recommended Practices for Managing Open Source Software and Software Bill of Materials,” the new report builds on a recent Office of Management and Budget memorandum, the NSA […]

Posted on December 13, 2023 by Noah Lowell

DOD Still Evaluating Need for Independent Cyber Force, CYBERCOM Head Says

U.S. Army Gen. Paul Nakasone, the head of the U.S. Cyber Command and a 2023 Wash100 awardee, shared on Friday that he and the Department of Defense are still evaluating the possibility of a new force generation model for his organization amid ongoing deliberations over establishing an independent cyber branch. Speaking at an Intelligence and […]

Posted on December 11, 2023 by Noah Lowell

NSA, NCSC-UK Release Guidance on Russian Spear-Phishing Techniques

The National Security Agency and the UK National Cyber Security Centre have issued a cybersecurity advisory warning organizations about Russian spear-phishing techniques. The CSA focuses on how Russia’s Star Blizzard hacking group uses spear-phishing to illegally access various kinds of information, including those owned by the defense sector, national governments, non-government organizations and academia. The […]

Posted on December 11, 2023 by Lawrence Carter

FBI Issues Steps on Reporting Cyber Breach Incidents to SEC

The FBI has detailed the steps by which companies can ask for a delay in reporting cybersecurity incidents that the Securities and Exchange Commission requires effective Dec. 18. Under the SEC rule, companies have to report cyber issues to the commission in 8-K filings within four business days after the incident, unless the U.S. attorney […]

Posted on December 11, 2023 by Arthur McMiler

Carahsoft to Resell RunZero’s Cyber Asset Attack Surface Management Products

Carahsoft Technology has announced that it will distribute runZero’s cyber asset attack surface management solutions to the public sector under a new partnership. Government organizations can access the products through reseller partners and contract vehicles such as NASA Solutions for Enterprise-Wide Procurement V and Information Technology Enterprise Solutions – Software 2, Carahsoft said. RunZero’s solutions […]

Posted on December 8, 2023 by Noah Lowell

HHS Releases Concept Paper to Improve Health Care Sector’s Cyber Posture

The Department of Health and Human Services is working to fortify the health care sector’s cybersecurity. On Wednesday, the department released a concept paper detailing its cybersecurity strategy for the industry. Based on the Biden administration’s National Cybersecurity Strategy, the plan provides four pillars for actions, including collaborating with Congress to develop a support system […]

Posted on December 8, 2023 by Brianne Monterey

NSA, Partners Release Guidance for Protecting Software Products From Memory-Related Vulnerabilities

The National Security Agency, in partnership with the Cybersecurity and Infrastructure Security Agency and international agencies, released a cybersecurity information sheet focused on eliminating memory safety vulnerabilities from software products. The CSI, titled “The Case for Memory Safe Roadmaps,” includes technical and non-technical factors software manufacturers should consider when developing memory-safe code integration plans. Recommendations […]

Posted on December 8, 2023 by Lawrence Carter

Cybersecurity | GovCon News | POC | Page 26