Cybercom event explores agency roles in cyber incident response

Cybersecurity and incident response are practices engrained in most every 21st century federal agency. But when it comes to a massive cyber attack requiring the aid of multiple, partnering groups, which agency does what? Last week, the U.S. Cyber Command demonstrated a specific framework for how several critical agencies can play complementary roles in the national cyber incident response process.

Senate defense spending bill slashes IT by half-billion, uplifts cyber

The Senate Appropriations Committee passed a fiscal year 2015 Defense Department spending bill Thursday that would cut defense IT spending by a half-billion and reduce President Obama’s military budget requests by $1.4 billion overall.

Threat Matrix: Episode 22—Securing the ‘Google era’ electric grid

In this episode of Threat Matrix, we look at a new report released July 15 by a group of national security experts that calls on Congress to immediately pass legislation that would enable real-time information sharing between the government and the private sector on cyber threats to the nation’s electric grid.

Miller calls on VA to answer for cybersecurity shortfalls

House Veterans Affairs Committee Chairman Rep. Jeff Miller, R-Fla., has called on five senior VA officials, including Acting Secretary Sloan Gibson, to testify at next week’s scheduled hearing on “longstanding information security weaknesses” that have enabled “data manipulation” throughout the agency.

NIST investigates forensic challenges in the cloud

With complications performing forensics in the cloud in mind, the National Institute for Standards and Technology created a cloud computing forensic science working group to enumerate and explore the challenges distinct to the cloud. Monday, NIST released a draft of the challenges discovered by the working group for public consideration. While the draft briefly explores 65 issues NIST’s group found, working group co-chair Dr. Martin Herman, a senior advisor for Forensics and IT at NIST, said the list is in no way exhaustive — just a first look at a very big problem.

‘Google era’ electric grid more vulnerable than ever

A new report released Tuesday by a group of national security experts calls on Congress to immediately pass legislation that would enable real-time information sharing between the government and the private sector on cyber threats to the nation’s electric grid.

Independent panel urges NIST to develop internal cryptography expertise

A group of outside experts recommend the National Institute of Standards and Technology hire more cryptographers and lessen its reliance on the National Security Agency for approving cryptographic algorithms, according to a report released Monday.

Symantec Canada reveals the dark side of mobile

A bold mobile security experiment carried out recently by Symantec Canada found that good Samaritans aren’t just nice people — they’re intrusively curious too.

Will smart cities power the future of cybercrime and mass surveillance?

Research by a group of European cybersecurity experts is raising new concerns about the increasing stealthiness of hacker techniques to command and control massive networks of compromised computers, including future scenarios involving smartphones, buildings and so-called “smart cities.”

Privacy advocates call for NSA reorganization

Critics of the National Security Agency’s bulk metadata collection programs are turning their attention to the spy agency’s alleged role in undermining Internet security standards to gain access to networks and computers around the world and are now calling for a fundamental change in its mission.

Consumer group calls for comprehensive cybersecurity legislation in 2014

The National Consumers League issued a report Monday detailing the impact hundreds of major data breaches last year have had on consumer confidence and the economy and started an online petition calling on the Obama administration and Congress to abandon the government’s hands-off approach to setting security standards and pass tougher cybersecurity and data breach notification laws this year.

Cloud-based services emerge as potential platforms for cyber attacks

Research from Trend Micro, a security solutions company, has found that Dropbox was recently targeted by cyber criminals for command-and-control purposes. The discovery was explained in a blog post last week by the company.

Energy sector facing emerging cyber-sabotage threat

An ongoing cyberespionage campaign targeting western energy companies and the control systems that power the electric grid and other major industrial operations is believed to also be capable of carrying out sabotage attacks, according to a new report by security firm Symantec Corp.

Threat Matrix: Episode 21 — Bitcoin challenges government

This week we hear from the Government Accountability Office, which recently released a new podcast on the emerging challenges that virtual currencies pose to federal financial regulatory and law enforcement agencies in carrying out their responsibilities.

Senate moves to reform FISMA

The Senate Homeland Security and Governmental Affairs Committee took a major step this week toward overhauling the aging Federal Information Security Management Act, lessening agencies’ static reporting requirements and striking a balance between FISMA’s checklist approach and the emerging concept of continuous monitoring.

New concerns about cybersecurity workforce shortage in critical infrastructure sectors

The size and scale of the nation’s critical infrastructure requires “hundreds of thousands” of people to manage, operate and secure, said Chris Blask, chairman of the Industrial Control System Information Sharing and Analysis Center, during a webcast June 25 that explored the ability of the U.S. education system to produce a cybersecurity workforce to protect the nation. “We have to have enough people who understand these issues. Just having enough people to do the work is potentially an unsolvable problem,” Blask said.

DHS releases quadrennial homeland security review

The Homeland Security Department Thursday released its strategic vision and priorities for the next four years as part of a process required by Congress known as the Quadrennial Homeland Security Review.

The real cybersecurity workforce challenge: Hiring the ‘best of the best’ hackers

Few would disagree that there is far greater demand for talented cybersecurity professionals than there are qualified people to fill those positions. But a new study released today suggests that the real cybersecurity workforce challenge is hiring and retaining the top 1 percent of the talent pool — the ‘best of the best’ hackers out there.

BlackBerry: We have the only mobile messaging software that meets FIPS standards

BlackBerry claims that BBM protected, its new mobile messaging system for enterprise, is the only one that meets the federal FIPS standards for encryption.

FCC chairman issues bold vision for improving cybersecurity

Federal Communications Commission Chairman Tom Wheeler Thursday said cybersecurity throughout the private sector must improve significantly beyond what existing voluntary frameworks have so far been able to deliver, but he stopped short of calling for new government regulations to get there.

Page 1 of 351 2 3 4 35