Joanne Woytek, director of NASA’s Solutions for Enterprise-Wide Procurement contract vehicle, said that workforce and resource shortages could delay the collection of vendor self-attestations to the security of software used by federal agencies. Speaking at a recent conference, she said that NASA SEWP and several other organizations lack the proper staff to implement the policy, […]
Lawrence Livermore National Laboratory has developed the Skywing open source software designed to support scientists, mathematicians and computer scientists in creating collaborative autonomy-focused applications aimed at protecting critical infrastructure from cyberattacks. Collaborative autonomy applications enable networked devices to detect unauthorized system commands and actions and allow the isolation of compromised devices or control centers to […]
New guidance from the National Security Agency and the Cybersecurity and Infrastructure Security Agency aims to help organizations prevent cyberthreats from remote monitoring and management software. The guidance identifies malicious domains tied to RMM-enabled threats and encourages enterprises to audit their tools. It also encourages RMM software users to review logs and take other steps […]
Alejandro Mayorkas, the secretary of the U.S. Department of Homeland Security, and Thierry Breton, the European Union’s commissioner for internal market, have issued a joint statement on cooperative cyber resilience efforts. They announced plans to establish “dedicated workstreams” for cybersecurity of hardware and software; cybersecurity of critical infrastructure and incident reporting requirements; and information sharing, […]
The Cybersecurity and Infrastructure Security Agency has announced the Joint Cyber Defense Collaborative’s planning agenda for 2023, which is focused on systemic risk, collective cyber response and high-risk communities. JCDC’s planning efforts aim to secure open source software used in industrial control systems, strengthen collaboration with key partners to increase the resilience of critical infrastructure […]
The Cybersecurity and Infrastructure Security Agency’s Joint Cyber Defense Collaborative now includes the Public Safety Threat Alliance, an information sharing and analysis organization established by Motorola Solutions. Recognized by CISA, the PSTA reports on ransomware attacks and other malicious activities that affect public safety and critical systems. The alliance consists of public safety entities such […]
Cloud-enabled domain name system provider Infoblox has announced that its BloxOne Threat Defense Federal Cloud has secured moderate authorization under the Federal Risk and Authorization Management Program. BloxOne Threat Defense Federal Cloud comprises the company’s Cloud Services Portal, Threat Intel Data Exchange and Dossier threat investigation platform. The solution allows government agencies to simplify and […]
The Mississippi Department of Public Safety has created a new cyber unit and appointed its first director. According to the department, the Mississippi Cyber Unit will manage cybersecurity threat information and mitigation matters across the state and will act as Mississippi’s cyber reporting and response center. The unit will be part of the state’s Office […]
The National Oceanic and Atmospheric Administration’s Cyber Security Center has posted a request for information to identify providers of round-the-clock threat response capabilities as well as enterprise services such as continuous diagnostics and information technology operations. The potential vendor will also be tasked with providing engineering support for data and service integration to the Department […]
The Office of the Director, Operational Test and Evaluation said a lack of cyber test capabilities, resources and personnel in the Department of Defense led to a shortfall in the DOD’s cyber posture. In its fiscal year 2022 annual report, the office noted that the DOD’s test capabilities should keep pace with the cyber technologies […]
