Strategic plans and scorecards are essential to effectively budgeting their cybersecurity needs, agency officials said. Michael Johnson, CIO of the Department of Energy, said the agency uses the DOE Cyber Strategy for information sharing and safeguarding, using multifactor authentication, and focusing on research and development. […]

The Defense Information Systems Agency receives notifications for about 800 million alarms a day while providing support for 146 mission partners, and Maj. Gen. Sarah Zabel, vice director, said the agency is trying to grant all 146 partners access to the commercial cloud. […]

The NIST Commission on Enhancing National Cybersecurity should prioritize the NIST Cybersecurity Framework, the Cybersecurity Information Sharing Act of 2015, and creating norms and deterrence strategies, according to officials at the U.S. Chamber of Commerce. […]

cybersecurity

Comments close Friday at 5 p.m. on the NIST Commission on Enhancing National Cybersecurity’s request for information on how best to address the “current and future states of cybersecurity in a digital economy.” […]

Due to the breadth and depth of cyberattacks and breaches in the Federal government, most especially the Office of Personnel Management, agencies should be implementing a policy of zero trust when it comes to who is accessing their data, according to Rep. Jason Chaffetz, R-Utah. His committee released a report titled “The OPM Data Breach: How the Government Jeopardized Our National Security for More than a Generation.” […]

The Cloud Security Alliance published a list of the 100 Best Practices in Big Data Security and Privacy to help big data service providers strengthen their infrastructures as the amount of data rapidly grows. The list offers 10 solutions for each of the 10 biggest challenges in big data security and privacy. Check out our condensed list, presenting one recommendation for each challenge. […]

Donald Trump’s campaign app, America First, puts users’ contacts at risk. The app, which is available in the Apple App Store and the Google Play Store, requests access to users’ phone address books, which puts this information at risk if the campaign were to be hacked. This is a legitimate concern, given the number of hacks already reported during this election season. […]

The Department of Homeland Security has expanded its Continuous Diagnostics and Mitigation Tools Blanket Purchase Agreement with the inclusion of Imperva’s Web application and database firewalls. […]

According to MeriTalk’s report titled “Navigating the Cybersecurity Equation,” government agencies are struggling to derive cybersecurity intelligence from big data. Federal agencies stated that the greatest challenge in data analytics is the overwhelming amount of data agencies have to sift through. […]

Like Federal entities and tech companies nationwide, the National Geospatial-Intelligence Agency is working on solutions for good cybersecurity practices. Matt Conner, deputy information security officer and director of the Cybersecurity Office at NGA, said that the agency is in the laborious process of moving to the cloud. Conner will be speaking on cyber risks at the Symantec Government Symposium on Aug. 30. […]

In the five years since the government has encouraged agencies to transition to the cloud, spending on cloud-based technologies has increased to about 9 percent, which is a good pace, according to Tom Ruff, vice president of Public Sector America at Akamai. […]

In a letter sent to Federal Communications Commission Chairman Tom Wheeler, Rep. Ted Lieu, D-Calif., requested that the agency expedite its investigation of the Signaling System Number 7 flaw in light of a recent Democratic Congressional Campaign Committee hack. […]

The Department of Veterans Affairs announced that the Department of Homeland Security and Hiring our Heroes have teamed up to offer free online, on-demand cybersecurity training to government employees and veterans via DHS’ Federal Virtual Training Environment. […]

SecureAuth has launched SecureAuth University, a continuing education program for cybersecurity professionals. Through e-learning and instructor-led courses, SecureAuth University offers certification for three levels of cybersecurity professionals: administrator, advanced administrator, and developer. […]

Categories