The White House will publish a national cybersecurity strategy that would hold large companies accountable for failing to take reasonable steps to secure their software. At a recent CyberScoop event, Camille Stewart Gloster, the deputy national cyber director for technology and ecosystem security, said shifting the liability toward larger players that can make systems secure […]
The White House National Security Telecommunications Advisory Committee has released a working draft report containing recommendations aimed at improving the cybersecurity posture of the communications industry. The report will be the last in a four-part series and is intended to call attention to obstacles faced by federal agencies as they work to comply with cyber […]
The National Security Agency has awarded Telos a five-year follow-on contract to extend the agency’s licenses for using the Xacta 360 and Xacta .io enterprise cyber risk management applications. In addition to software licenses, Telos will provide product maintenance and replace legacy extract, transform, load database warehouses with a Xacta 360 solution. The Xacta product […]
Randy Resnick, director of the Zero Trust Portfolio Management Office at the Department of Defense, said during CyberScoop’s Zero Trust Summit on Thursday that the agency could implement a zero trust architecture in a year instead of five years if the pilot program with the Joint Warfighting Cloud Capability contractors is successful. The four JWCC […]
Carahsoft Technology has partnered with Washington, D.C.-based company TDI to deliver cybersecurity performance management solutions to government agencies. Under the partnership, Carahsoft will serve as TDI’s Master Government Aggregator. The arrangement allows Carahsoft to offer TDI’s CnSight CPM product to the public sector through reseller partners. The solution will also be available through the NASA […]
The Cybersecurity and Infrastructure Security Agency has identified three vulnerabilities in IBM and Mitel software products that have been utilized by hackers. It has added the exploits to the Known Exploited Vulnerabilities Catalog, a list of common vulnerabilities and exposures that pose a danger to federal government systems. Version 4.4.2 Patch Level 1 of IBM […]
The Defense Information Systems Agency has rolled out the Thunderdome zero trust security and network architecture program to various locations, including in the Pacific and the Pentagon. Booz Allen Hamilton developed the prototype under a $6.8 million contract awarded in January 2022. Speaking at a recent FCW and Nextgov workshop, DISA Deputy Director Chris Barnhurst […]
Dylan Presman, the director for budget and assessment at the Office of the National Cyber Director, said that the upcoming national cybersecurity strategy will contain post-quantum cryptography guidelines that “take a strong stand” as the public and private sectors start to transition away from standard encryption. Speaking at an Advanced Technology Academic Research Center event, […]
The U.S. Navy is planning to create cyber-specific roles in response to a fiscal 2023 National Defense Authorization Act provision requiring the service to establish new positions focused on cyber operations. Speaking at WEST 2023, a conference co-hosted by AFCEA International and the U.S. Naval Institute, Vice Adm. Kelly Aeschbach, commander of Naval Information Forces, […]
The Cybersecurity and Infrastructure Security Agency has added a cyber vulnerability to its Known Exploited Vulnerabilities Catalog. The Cacti Command Injection Vulnerability allows unauthenticated users to execute arbitrary code on a server that runs the Cacti open-source platform. Specifically, it allows hackers to retrieve the client’s internet protocol address by bypassing authentication processes. The vulnerability […]
