NSA, Partners Release Guidance for Protecting Software Products From Memory-Related Vulnerabilities

The National Security Agency, in partnership with the Cybersecurity and Infrastructure Security Agency and international agencies, released a cybersecurity information sheet focused on eliminating memory safety vulnerabilities from software products. The CSI, titled “The Case for Memory Safe Roadmaps,” includes technical and non-technical factors software manufacturers should consider when developing memory-safe code integration plans. Recommendations […]
Posted on by Lawrence Carter

OMB Orders Agencies to Take Stock of IoT Devices

The Office of Management and Budget has instructed federal agencies to each produce internet of things inventories by the end of fiscal year 2024. The directive is part of a Federal Information Security Modernization Act implementation memo released Monday by OMB Director Shalanda Young, Nextgov/FCW reported Tuesday. According to the OMB, properly evaluating cybersecurity risks to missions and operations requires […]
Posted on by Noah Lowell

Navy Reservists Undergo Four-Day Cyber Training

The U.S. Naval Information Warfare Center Atlantic hosted a cybersecurity exercise for Navy reservists. During the four-day Gibson Castle 23 exercise, over 50 Naval Information Warfare Systems Command Reserve Program Cybersecurity Pillar reserves were trained on operational and tactical strategies for real-world cyber breaches. Specifically, the trainees learned how to coordinate with other agencies and […]
Posted on by Lawrence Carter

Bipartisan Lawmakers File Bicameral Bill on Cybersecurity Workforce Development

A bipartisan bill has been filed in Congress mandating the Cybersecurity and Infrastructure Security Agency to establish cybersecurity apprenticeship and the Department of Veterans Affairs to launch a veterans’ cybersecurity training program.  Reps. Mike Gallagher, R-Wi., and Chrissy Houlahan, D-Pa., introduced the Federal Cybersecurity Workforce Expansion Act on Thursday, which has a companion bill in the […]
Posted on by Arthur McMiler

Eric Goldstein: Rapid Cybersecurity Resolution Model Needs to Be Overhauled

A Cybersecurity and Infrastructure Security Agency official said a rapid approach to addressing computer vulnerabilities is not the best way to resolve the issue. Speaking at an ISC2 event on Friday, Eric Goldstein, executive assistant director for cybersecurity at CISA, said the “patch faster, fix faster” model does not account for adversaries’ capabilities and adaptability […]
Posted on by Lawrence Carter

Fend, Carahsoft Enter Into Agreement to Offer Cybersecurity Products to Public Sector

Carahsoft Technology said it will distribute Arlington, Virginia-based Fend’s data diode and critical infrastructure analysis tools to the public sector under a new partnership.  Government organizations can access the products through resellers or contract vehicles such as NASA Solutions for Enterprise-Wide Procurement V and Information Technology Enterprise Solutions – Software 2, Carahsoft said. According to […]
Posted on by Noah Lowell

CYBERCOM Awards Clear Ridge Defense Cybersecurity Support Prime Contract

Clear Ridge Defense said it has secured a potential $25 million prime contract from U.S. Cyber Command for cyber capabilities support services. CRD will provide red team operations, cyberthreat emulation, infrastructure engineering, exercise scenario development, adversarial threat assessment, training and other support services to CYBERCOM’s Cyber Adversary Tactics Office.Work on the contract ensures that cyber […]
Posted on by Lawrence Carter