Representatives from Facebook, Twitter, and Google told Congress on Oct. 31 that they’ve had to learn how to combat nontraditional cyberattacks, like the spread of disinformation, rather than focusing on malware attacks alone to protect consumers. […]

As hospital chief information security officers report that their networks are under constant attempts at intrusion, the Food and Drug Administration (FDA) is taking a look at how medical devices can be used as access points into the larger networks. […]

Following a House hearing on the cyber workforce shortage, the Department of Homeland Security released information about cyber training programs. […]

Cybersecurity experts offered solutions to protect the U.S. electric grid, including moving the grid off of the public Internet, and using quantum encryption capabilities. “The nation’s electrical grid is a vital resource upon which our economy and our citizens’ daily lives depend,” said Richard Raines, director of the Electrical and Electronics Systems Research Division at Oak Ridge National Laboratory. “It is also a system that is highly vulnerable to cyber intrusions as more and more utility controls and ‘smart’ technologies rely on public Internet connections.” […]

Many Federal agencies still struggle with overcoming security concerns when transitioning to the cloud, according to a MeriTalk report, To Cloud or Not to Cloud? That Isn’t the Question. Thirty-five percent of Federal IT leaders said that the security of their existing private cloud environments is excellent, compared to 21 percent for public cloud security. […]

The Department of Homeland Security published tips on Staying Safe in a ‘Smart’ World, which tells citizens how to navigate an environment full of the Internet of Things. […]

Jeff T.H. Pon, the nominee for director of the Office of Personnel Management, said that his top priority for the agency will be IT modernization. “Outside of work, Federal employees are able to access nearly any piece of information they need, from their bank accounts to student loans to car insurance, all on their phone,” he said. “We need to work toward providing the employees of the Federal government with the same conveniences with regards to their employment within the Federal government, with appropriate attention to information security.” […]

Federal IT leaders are shifting focus from trying to secure every system to prioritizing the systems that need the most security controls. “We realized that no matter how much we protected our systems, something could happen,” said Thresa Lang, deputy director of the Navy Cybersecurity Division, at CISQ’s Cyber Resilience Summit on Oct. 19. […]

Federal agencies are focusing on ways they can leverage new technologies, such as automation, to improve IT service management and streamline cybersecurity processes, as they work to keep up with a threat landscape that changes constantly. ServiceNow’s Bob Osborn said that ServiceNow is integrating artificial intelligence capabilities into its platform so that agencies can use the newest automation technologies as they become available. […]

Sen. Sheldon Whitehouse, D-R.I., told Attorney General Jeff Sessions on Oct. 18 that he has found it impossible to talk to anyone from the Department of Justice about cybersecurity legislation. Whitehouse said during a hearing before the Senate Judiciary Committee that intelligence officials have told the committee that the election systems could be hacked by foreign actors. Whitehouse is interested in working with different agencies to develop legislation on cybersecurity. […]

The Department of Defense is recognizing National Cybersecurity Month by expanding cybersecurity education to families of service members. “This is not just an IT issue,” said Essye Miller, deputy CIO for cybersecurity and chief information security officer for DoD. “Everyone that’s operating on the network has a responsibility.” […]

The FBI needs access to encrypted files in order to protect the nation against cyber crime, according to Deputy Attorney General Rod Rosenstein. “Encryption is essential,” Rosenstein said “It is a foundational element of data security and authentication. It is central to the growth and flourishing of the digital economy. We in law enforcement have no desire to undermine encryption. But ‘warrant-proof’ encryption poses a serious problem.” […]

Rep. Will Hurd, R-Texas, is working on the text of his bill to create the Cyber National Guard, a scholarship program that will help train students for cybersecurity jobs in the Federal government. Students who apply for the Cyber National Guard would receive scholarship money for cybersecurity training programs. Once the students graduate, they would spend the same number of years working for a Federal agency as they did receiving scholarship money to attend school. […]

With the new focus on innovation in Federal IT, agency CIOs said they will modernize whether they like it or not. The increased conversations about modernization have changed the way agency CIOs talk to their leadership about IT, according to Pamela Dyson, CIO of the Securities and Exchange Commission (SEC). […]

The Federal Deposit Insurance Corporation collection of personally identifiable information was hacked 54 times between Jan. 1, 2015, and Dec. 1, 2016, according to an Inspector General report. […]

Former Secretary of State Hillary Clinton said on Oct. 6 that the Federal government needs to classify cyberattacks on the United States as acts of war. Clinton referred to the Russian hacks on the Democratic National Committee as a reason for the U.S. to retaliate against such breaches. […]

Industry experts told Congress on Oct. 3 that regulations are necessary to secure the Internet of Things. “Is the industry doing enough to ensure the security of IoT devices?” Rep. Jamie Raskin, D-Md., asked at the IT Subcommittee hearing on the Cybersecurity of IoT. […]

The Department of Homeland Security plans next month to stand up a governmentwide dashboard that will give the agency visibility into all of the Federal networks. The dashboard is part of the Continuous Diagnostics and Mitigation program, which was supported in the White House’s IT Modernization report. […]

President Donald Trump declared October 2017 National Cybersecurity Awareness Month. The announcement follows the Equifax breach in September, which affected about 143 million U.S. consumers. Trump signed a Cybersecurity Executive Order in May in an effort to strengthen Federal cybersecurity and hold agency heads accountable for security issues. […]

Cybersecurity standards for Internet of Things devices need to be improved in order to secure medical devices that have created the “Internet of Bodies.” Terrell McSweeny, commissioner of the Federal Trade Commission, said that more regulation needs to be written before connected medical devices become commonplace. […]

Agencies have begun to focus more on how to leverage shared services after the release of the Cybersecurity Executive Order, which advocates for agencies to share platforms for common operations like human resources and finances. […]

Reps. Greg Walden, R-Ore., and Tim Murphy, R-Pa., sent a letter requesting that the Department of Health and Human Services (HHS) attend a briefing with the Energy and Commerce committee on pharmaceutical companies affected by malware, such as the recent NotPetya malware’s impact on pharmaceutical company Merck. […]

President Donald Trump will sign a memorandum today to strengthen computer science education in schools, Press Secretary Sarah Huckabee Sanders announced during a press briefing on Sept. 25. The memorandum will mandate that Secretary of Education Betsy DeVos provide $200 million per year in grants for science and technology education to strengthen STEM programs in schools, and to add computer science to the curriculum in K-12 schools. […]

The Securities and Exchange Commission (SEC) released a statement on Sept. 20, which said that it learned in August 2017 of a cyberattack previously detected in 2016 might have allowed illicit gain through trading. In May 2017, SEC Chairman Jay Clayton initiated an assessment of the agency’s internal cybersecurity risk profile and approach to cybersecurity. […]

A report with information from all of the agencies’ risk management reports will be sent to President Donald Trump to review by Oct. 8, even though the government still lacks a Federal CIO. Barry West, senior adviser and senior accountable official for risk management at the Department of Homeland Security, said that the goals of the Cyber Executive Order in May could still be met without a Federal CIO. […]

Comodo Threat Intelligence Labs investigated the Equifax data breach and found Equifax executives’ passwords available for sale on the Dark Web. Comodo found that more than 388 instances of Equifax user and employee endpoint data available for sale. This information includes usernames, titles, passwords, and login URLs, and the dates on which they were stolen. […]

About half of government IT professionals think that regulations make it more difficult to achieve an optimal cybersecurity posture, according to a study released Sept. 18 by SolarWinds. […]

The Federal Trade Commission issued a warning on Sept. 14 to consumers to be on the alert for phishing scams related to the Equifax breach. The FTC said people might call asking to verify consumers’ account information due to the Equifax hack. “Stop. Don’t tell them anything,” the FTC said in a statement. […]

Creating one cloud architecture for the civilian agencies will make it easier for hackers, according to Beth Dunphy, program director of cybersecurity technologies at IBM. The White House’s recent IT Modernization Report calls for the Federal government to invest in two to three cloud models to support the different agencies. “At the end of the day it’s just going to make it easier to repeat the attacks from the attackers,” Dunphy said at the AFCEA Homeland Security Conference on Sept. 12. […]