Tech firms, associations lead response to cybersecurity framework

The nation’s critical infrastructure is massive in its size, diversity and geographic spread — literally tens of thousands of financial, transportation, power, telecommunications, manufacturing, health care and government organizations from coast to coast. So it may have been a surprise to some when the National Institute of Standards and Technology posted a mere 52 responses last week to the Obama administration’s voluntary framework for improving critical infrastructure cybersecurity.

Exclusive: VA moving to close internal VistA security gap

The Department of Veterans Affairs has been working aggressively to eliminate dozens of instances of an internal security vulnerability that could allow individuals with the right set of skills and tools to gain unauthorized access to veterans data, the VA confirmed in an exclusive interview with FedScoop.

Could Shellshock be worse than Heartbleed?

Is Shellshock a greater threat than the Heartbleed vulnerability? The Technocrat weighs in.

Ready to cast your vote online? Don’t hold your breath

We do almost everything online, from banking to buying a house and managing our most private health care issues. So why will it take another 30 to 40 years before the Internet is secure enough to support online voting?

Why don’t more millennials want to work in cybersecurity?

This month marks the 11th straight year that the Department of Homeland Security has sponsored a National Cybersecurity Awareness Month. So why do so many young adults ages 18 to 26 — the so-called millennials — say they’re not sure what it means to have a career in cybersecurity?

FDA releases guidance on medical device cybersecurity

The Food and Drug Administration released final guidance Wednesday recommending that manufacturers take those security concerns into account from the inception of their design to mitigate cyber risks.

Can encryption stop the ‘balkanizing’ of the Internet?

Countries and companies around the globe are weighing if they should keep data within their own borders. Does that help or hurt the continued growth of the Internet?

Critical Mozilla vulnerability discovered

Researchers at Intel Security announced yesterday they have uncovered a critical vulnerability in the Mozilla Network Security Services (NSS) crypto library that could allow malicious parties to set up fraudulent sites masquerading as legitimate businesses and other organizations.

White hat hackers try breaching, find ‘critical vulnerabilities’

White hat hackers within the Department of Health and Human Services’ Office of the Inspector General set out to test the integrity of security earlier this year and found critical vulnerabilities, according to an IG report released Tuesday.

Halvorsen clarifies DOD’s cloud, mobile plans

The Defense Department is drafting plans that will give the military services the authority to contract for their own cloud services using a soon-to-be-developed common business case analysis template, the Pentagon’s acting Chief Information Officer Terry Halvorsen confirmed Tuesday.

Mobile users frequently sacrifice security for increased productivity

More than a third of federal workers within the next year will use mobile devices exclusively to complete their daily work and many acknowledge their organizations frequently sacrifice security for the productivity enhancements that mobility provides, according to a new survey from the Ponemon Institute.

Reinventing the FBI: The Comey vision

James B. Comey is only the seventh director in FBI history. And with only a year on the job, he is spearheading a quiet revolution in how the 106-year-old institution recruits, trains, organizes and develops its leadership.

hearing reveals user data was disclosed

The recent breach a test server might not have put users’ personal information at risk, but a congressional oversight hearing Thursday revealed that early glitches during the site’s launch did.

The FTC’s expanding cybersecurity influence

As the Department of Homeland Security awaits public comments on its voluntary framework initiative—due Oct. 10—the Federal Trade Commission has been making an aggressive push to expand its authorities and force companies that have lax security programs to bolster their defenses.

Global security association helps translate NIST framework

The Information Security Forum, a U.K.-based association of leading companies from around the world, released a “mapping” document Monday that for the first time helps companies that currently use the ISF’s standard of good practice—known simply as the standard—to guide their information security programs to know if they are in compliance with the U.S. National Institute of Standards and Technology’s cybersecurity framework.

OPM to cut ties with security clearance contractor

The federal Office of Personnel Management plans to end the government’s relationship with U.S. Investigations Services LLC, the security clearance contractor that suffered a major cyberattack last month leading to the compromise of personnel records belonging to more than 25,000 federal employees.

Did Apple just make itself the biggest target in the world?

By introducing its new mobile wallet technology with the iPhone 6, Apple may have single-handedly blunted the attacks targeting retail point-of-sale systems. And by doing so, the company may also have made itself the biggest target in the world for cybercriminals.

GSA picks Valiant for enterprise IT security contract

The General Services Administration this week awarded Valiant Solutions a $33 million contract to serve as the agency’s first line of enterprisewide defense against cyber attacks.

Rogers sets course for a new era at NSA

His first 100 days as the new director of NSA now complete, Admiral Michael Rogers has planted a series of clear navigation beacons for his employees to follow as they seek to move beyond the Edward Snowden era. And he’ll be damned if one outlaw leaker and a handful of journalists are allowed to write the final chapter of NSA’s storied history.

Standard password protection is dead

With 1.2 billion new passwords stolen, feds should finally consider abandoning standard password protection.
