The U.S. Military Entrance Processing Command has highlighted key aspects that ensure the command has a good cybersecurity posture. Master Sgt. Darrin McDufford of USMEPCOM said in an opinion piece that good cybersecurity should include three things: continuity of work and operations, equipment, and plans for the future. To improve cybersecurity, the command must limit […]
The Department of State has sponsored the development of a nine-day cybersecurity workshop aimed at training U.S. allies to combat North Korean malware. The effort is being led by the department’s newly established Bureau of Cyberspace and Digital Policy, which is tasked with coordinating digital diplomacy and encouraging responsible state behavior in cyberspace. Titled “Unhiding […]
The General Services Administration has issued a request for information for application security testing capabilities. GSA explained that federal agencies already use sophisticated tools for weeding out detectable vulnerabilities from applications. However, the government cannot rely solely on automation and must also bring in deep cybersecurity expertise for manual analysis, according to the RFI posted […]
Genians, a zero trust security company, announced that it will participate in the Massachusetts Bay Community College’s cybersecurity education program. The company said it was selected to provide practical cybersecurity educational content to students and faculty in science, technology, engineering and math fields. MassBay’s program is scheduled to launch within the fall semester, Genians said […]
A review conducted by Nextgov revealed that out of all the 101 federal agencies under the Cybersecurity and Infrastructure Security Agency‘s authority, only the National Transportation Safety Board has not developed and implemented a vulnerability disclosure policy. In September 2020, CISA issued Binding Operational Directive 20-01, which requires all federal civilian executive branch agencies under […]
A trio of federal security entities has published guidance on how the developer community can better protect the software supply chain. The document, titled “Securing the Software Chain for Developers,” resulted from a collaboration among the National Security Agency, Cybersecurity and Infrastructure Agency and the Office of the Director of National Intelligence. Specifically, the paper […]
The Cyber AB has named Sentar a certified third-party assessment organization, expanding the number of accredited cybersecurity evaluation services providers. As a C3PAO, Sentar is authorized to conduct Cybersecurity Maturity Model Certification assessments of companies that want to secure contracts from the Department of Defense. The CMMC program aims to ensure the defense industrial base […]
The Federal Housing Finance Agency had lapses in enacting binding operational directives from the Department of Homeland Security that cover cybersecurity issues. According to an audit released by FHFA’s inspector general on Aug. 31, the agency does not have a documented process to implement DHS directives. Specifically, FHFA failed to publish a vulnerability disclosure policy […]
The Federal Reserve Board said in its annual Cybersecurity and Financial System Resilience report that ransomware attacks are a key issue that the U.S. financial sector is facing. According to the Fed’s report, ransomware has become one of the more persistent issues, especially with attackers automating the threat and turning it into an as-a-service offering. […]
The FBI has issued a public service announcement about a surge of hackers stealing cryptocurrencies. Cyber criminals are increasingly exploiting vulnerabilities in decentralized finance platforms and smart contracts, which are lines of code on a blockchain that automatically enforce terms of agreements between buyers and sellers, the FBI said Tuesday. The agency cited a Chainalysis […]
