The Defense Department inspector general's office has examined the adequacy of sharing cyber-threat indicators under the Cybersecurity Act of 2015, among other measures required by the law, in a new report slated for release next month.
Key Issues Optical clocks Prototype funding SPAFORGEN
Rick has more than 30 years of experience in covering federal policy, and has worked as an editor and reporter in such key policy areas as energy and environment, health care policy, and now cybersecurity and the tech industry. Rick is a founding member of the editorial team at Inside Cybersecurity, reporting on federal cybersecurity policies since their earliest stages, and is a regular contributor to Inside Defense.
The Defense Department inspector general's office has examined the adequacy of sharing cyber-threat indicators under the Cybersecurity Act of 2015, among other measures required by the law, in a new report slated for release next month.
Sen. Mark Warner (D-VA) is praising the Trump administration for its recently unveiled cybersecurity strategy -- which in part unleashes the military to pursue foreign hackers -- while asserting that the president's divisive politics both domestically and abroad are ceding U.S. leadership on development of the next generation of information technologies and on the global data security and management standards underlying a digital economy.
The National Security Agency's top lawyer is warning that the proliferation of international regulations for data privacy and security could relegate the United States to a follower, rather than a leader, on global standards for the digital economy.
Defense Secretary James Mattis has signed a memorandum establishing a task force that will draw from the Pentagon's military and civilian leadership to counter cyber threats to critical data and operations, with an aggressive time line for specific actions within 30 days and three months.
Senior cybersecurity officials at the Department of Homeland Security and the Air Force are warning that overly cautious system mangers could undermine protecting data and networks from foreign and other adversaries.
China's Ministry of Public Security has issued a new cybersecurity regulation -- taking effect on Nov. 1 -- that will grant regional law enforcement broad authority to inspect companies to ensure they register as a "network-using entity," among other measures laid out in China's landmark cybersecurity law enacted last year.
The Chinese government's involvement in and manipulation of emerging Internet of Things technologies, both through investments and espionage, pose a risk to U.S. national security and economic interests, according to a new report for a congressionally mandated commission, which calls for a federal law on protecting data and privacy to counter these threats.
A leading Pentagon official on information security questioned whether cybersecurity should be established as a core purchasing principle for the military, as described in a recent MITRE Corp. report.
President Trump has tasked the Defense Department with taking a more active and expansive role in protecting the nation's critical infrastructure from cyberattacks by foreign adversaries, with efforts to secure the supply chain having emerged as the front line in this battle.
GAITHERSBURG, MD -- Defense Department officials responsible for implementing data-protection acquisition rules say cybersecurity guidelines from the National Institute of Standards and Technology -- currently being considered for revision -- will lead to a government-wide approach to securing sensitive information through widespread procurement reforms.
GAITHERSBURG, MD -- The National Institute of Standards and Technology is planning to issue a draft second revision to its guidelines for controlled unclassified information handled by the Defense Department and government contractors, in order to better address "advanced persistent threats," according to a key NIST official.
The Pentagon is taking a more active role in protecting critical infrastructure -- including telecom and financial services -- based on concerns that system vulnerabilities could undermine national security, just as the Defense Department's own cybersecurity practices are being questioned by congressional investigators.
Harvey Rishikof, a key author of a MITRE Corp. report on securing the Pentagon's cyber supply chain, expects changes in defense acquisition rules will be an initial step in implementing the recommendations, which he says will have sweeping implications for the design of networks and IT products.
The Pentagon should throw its considerable political weight behind a longstanding proposal supported by industry to revise the anti-terrorism SAFETY Act by expanding its liability protections to address cybersecurity measures, according to recommendations in a MITRE Corp. report on securing the military's supply chain.
Tony Scott, the federal government's former chief information officer, praised the Defense Department's proposal for consolidating its cloud computing operations, known as JEDI, as a significant move in addressing longstanding issues related to IT modernization, including cybersecurity.
The National Institute of Standards and Technology has released for comment its draft risk-management framework on security and privacy issues related to government information systems, citing a Defense Science Board finding about national security risks from outsourcing information technology services and components to potential foreign adversaries.
Defense Department Chief Information Officer Dana Deasy downplayed the likely effectiveness of the National Institute of Standards and Technology developing a framework of standards on contractor and vendor cyber risks, arguing the issue is too broad and constantly changing to leave it to such an approach.
Policy initiatives unfolding at the departments of Homeland Security and Defense are aiming for breakthroughs on addressing longstanding cyber supply-chain concerns, which could force major changes in how the government makes purchasing decisions, its interactions with industry in setting those requirements and the role of the Pentagon in protecting domestic digital assets -- including privately owned networks.
The Senate Homeland Security and Governmental Affairs Committee Wednesday unanimously approved a bipartisan bill that would establish a federal acquisition council to address supply-chain cybersecurity risks, in a move intended to "bridge the information gap" in purchasing decisions by civilian agencies and the Pentagon.
The Defense Department is helping the federal government respond to growing and evolving cybersecurity threats by moving into non-traditional areas for the military such as protecting financial institutions and election systems, based on recent comments by high-ranking Pentagon and administration officials.