The Department of Homeland Security on Thursday published the Cyber Safety Review Board‘s first report on the investigation into the Log4j software and the subsequent response to the vulnerabilities arising from it. The investigation brought together government and industry leaders in probing a significant cybersecurity event with the potential to cause widespread harm, the DHS […]
Software company Radiant Logic announced that it is participating in the National Institute of Standards and Technology Cybersecurity Center of Excellence zero trust architecture project. Zero trust is a modern cybersecurity architecture that, according to one of NIST’s guidance papers, will not trust an asset or user based solely on its location or ownership. Implementing […]
Post-quantum cybersecurity company QuSecure is supporting the U.S. government’s efforts to perform the world’s first post-quantum encryption communication over a government network. The government is using QuProtect, an end-to-end, software-based PCQ solution that is designed to protect encrypted communications data through quantum secure channels. The solution is used on legacy systems at a combined U.S. […]
The Department of Homeland Security’s Science and Technology Directorate announced that it has partnered with the Cybersecurity and Infrastructure Security Agency to patch up known vulnerabilities in software used in critical infrastructure systems. Towards this end, a solicitation has been issued by the DHS seeking solutions to help secure the digital frameworks that people and […]
Rhode Island Rep. Jim Langevin is proposing to amend the annual defense policy legislation to include more cyber protections for the country’s most critical infrastructure. The proposed amendment uses language to link critical infrastructure to “national critical functions,” and recognizes that any disruption of such would have a debilitating effect on national security, the economy […]
Rep. Ritchie Torres, the vice chairman of the House Homeland Security Committee, has introduced a piece of legislation that would shed more light on the SolarWinds Orion hack. The bill tasks the Cybersecurity and Infrastructure Security Agency with creating a report outlining the impact of the hack on federal information systems, federal agencies and other […]
A challenge offering cash rewards to ethical hackers who can identify as many vulnerabilities in Department of Defense networks as possible has uncovered 90 “unique high and critical vulnerabilities,” the Chief Digital and Artificial Intelligence Office revealed. The Hack U.S. program, which began on July 4 and ends on July 11, also led to the […]
The Cybersecurity and Infrastructure Security Agency, the FBI and the Department of the Treasury have issued a joint cybersecurity advisory regarding ransomware that North Korean state-sponsored actors have been using to target the health care and public health sector. The advisory outlines details about the ransomware, as well as indicators of compromise observed during multiple […]
Maryland-headquartered CyberRx, a cybersecurity risk and compliance company, announced that it has met all of the requirements for becoming a Cybersecurity Maturity Model Certification third-party assessor organization. The accreditation by The Cyber AB opens the doors for conducting cybersecurity assessments and certifying companies that support the defense industrial base, CyberRx said Wednesday. In a statement, […]
The White House’s Office of Management and Budget is mulling the creation of a real-time trustworthiness scoring system for commercial zero trust solutions. Dan Chandler, chief information security officer in OMB’s Management and Operations division, explained that agencies rely on authentication tools made by companies like Google, Amazon and Microsoft. However, people’s trust in systems like […]
