HHS Improves Threat Information Sharing With Federal Agencies, Health Care Sector

The Department of Health and Human Services has increased threat information sharing with federal agencies, scientific research institutions, medical device manufacturers and other organizations for improved cyber incident prevention. Speaking at the Billington Cybersecurity Summit, Karl Mathias, chief information officer for HHS, said the agency has enhanced information sharing in recent years through its Health […]

Posted on September 11, 2023 by Lauren Grey

DOD Chief Information Office to Review Internal Zero Trust Plans

John Sherman, the Department of Defense’s chief information officer and a 2023 Wash100 winner, said his organization will soon evaluate military and internal zero trust strategies to ensure compliance with 2027 targets. He told attendees at the Billington Cybersecurity Summit on Thursday that the various DOD components and service branches are expected to submit plans […]

Posted on September 11, 2023 by Noah Lowell

Senators Propose Bill Protecting Small Businesses From Cyber Threats

A group of senators has introduced the Small Business Cyber Resiliency Act, which seeks the creation of a government unit to protect small businesses from cyber threats. The bill will establish the Central Small Business Cybersecurity Unit within the Small Business Administration. The unit will create a public repository of cybersecurity resources for small businesses; […]

Posted on September 11, 2023 by Lawrence Carter

NetRise Platform Added to CISA CDM Program Approved Product List

The Cybersecurity and Infrastructure Security Agency has added extended internet-of-things solutions provider NetRise to the Continuous Diagnostics and Mitigation Program‘s Approved Product List. NetRise’s automated platform provides XIoT users enhanced visibility and protects organizations from firmware-based attacks and threats through continuous risk monitoring and identification. The platform also generates a software bill of materials, performs […]

Posted on September 8, 2023 by Lawrence Carter

CISA Improving CDM Program With Access Management Capabilities

The Cybersecurity and Infrastructure Security Agency is working to integrate access management capabilities into its Continuous Diagnostics and Mitigation program to further strengthen the cyber defenses of federal agencies. CDM is currently focused on mitigating vulnerabilities and cyber incidents in federal systems, including the recent exploitation of a structured query language injection vulnerability in Progress […]

Posted on September 8, 2023 by Lauren Grey

Carahsoft to Distribute Semperis Identity Service Platform to Public Users

Carahsoft Technology has signed an agreement to serve as a public sector distributor of Semperis’ identity threat detection and response platform. The solution’s contracts will be made available through Carahsoft’s resellers and the National Association of State Procurement Officials’ ValuePoint, National Cooperative Purchasing Alliance and OMNIA Partners. The partnership with Carahsoft dovetails with the expansion […]

Posted on September 8, 2023 by Arthur McMiler

Verizon Business Network Settles With DOJ on Alleged Cybersecurity Lapses in Government Contracts

The Department of Justice announced on Tuesday that Verizon Business Network Services has agreed to a $4.1 million settlement to resolve False Claims Act allegations of failure to fully satisfy cybersecurity controls on government contracts. The claims stemmed from lapses in three cybersecurity controls required in internet connection and other external network contracts that the unit […]

Posted on September 6, 2023 by Arthur McMiler

Mitre Unveils Automated Adversary Emulation Solutions for Operational Technology

Not-for-profit organization Mitre has released an extension for its open-source Caldera platform to enable automated exercises replicating threats to operational technology, which are hardware and software that detect or change industrial equipment and processes through monitoring and control. Caldera is an adversary emulation platform built on Mitre Att&ck and is aimed at supporting cybersecurity personnel […]

Posted on September 6, 2023 by Noah Lowell

K-12 Software Providers Sign Secure-by-Design Pledge

Six K-12 software providers have committed to developing products with enhanced security. PowerSchool, Classlink, Clever, GG4L, Instructure and D2L voluntarily signed a pledge for K-12 education technology software manufacturers in line with the Cybersecurity and Infrastructure Security Agency’s secure-by-design whitepaper. By signing the pledge, the companies agree to take ownership of customer security outcomes, embrace […]

Posted on September 6, 2023 by Lauren Grey

NIST Announces Collaboration Opportunity for Digital Identity Adoption Project

The National Institute of Standards and Technology is seeking organizations interested in supporting a National Cybersecurity Center of Excellence project that aims to accelerate the adoption of digital identities, including digital driver’s licenses. NIST intends to partner with experts from industry, government and academia through an NCCoE cooperative research and development agreement, under which selected […]

Posted on September 1, 2023 by Lauren Grey

Cybersecurity | GovCon News | POC | Page 38