Cyber Security Exchange
A vertical community of Federal cyber security leaders, project managers, industry, and government IT community stakeholders focused on public-private collaboration and best-practice exchange.
Anatomy of a DIB Hack: Feds Share Methods, Mitigations
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) released an advisory this week detailing how multiple nation-state hacking groups potentially targeted a Defense Industrial Base (DIB) sector organization’s enterprise network as part of a cyber espionage campaign.
Tagged CISA, DIB
Leave a comment
US Ranks Number 1 in New ‘Cyber Power’ Report
The United States ranks number one as a world “cyber power” leader, according to a new report from Harvard University’s Belfer Center for Science and International Affairs.
Feds Set Roadmap for SLTTs in Ransomware Fight
Federal officials urged state and local government and education leaders this week to focus on some of the Federal government’s top existing resources in the fight against ransomware attacks – including one principle that’s easy to say but harder to do – don’t meet ransom demands.
Tagged CISA, Cybersecurity, GAO, K-12, ransomware
Leave a comment
GAO: Feds Could Improve Collaboration When Helping SLTTs With Ransomware Attacks
A new report from the Government Accountability Office (GAO) found that Federal agencies are successfully helping state, local, tribal, and territorial (SLTT) governments prevent and respond to ransomware attacks; however, there is still room to improve collaboration. The GAO offered three recommendations for Federal agencies to improve collaboration.
CISA Orders Agency Actions on Asset Visibility, Vulnerability Detection
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a binding operational directive (BOD) that sets baseline requirements for Federal civilian agencies to identify assets and vulnerabilities on their networks, and to provide data to CISA on those assets and on vulnerability detection.
Biden, NCD, CISA Kick Off Cybersecurity Awareness Month
President Biden has declared October 2022 as Cybersecurity Awareness Month – making it the 19th consecutive year of that designation.
CISA Rolls Out Protective DNS Offering to Federal Agencies
The Cybersecurity and Infrastructure Security Agency (CISA) announced this week that its Protective Domain Name System (DNS) – the agency’s latest shared service offering – is available to all Federal civilian agencies to enhance their cyber defenses.
Tagged CISA, Cybersecurity, Protective DNS
Leave a comment
Bill Adding CISA to Open Source Security Beat Heads to Senate Floor
The Senate Homeland Security and Governmental Affairs Committee on September 28 approved by voice vote the Securing Open Source Software Act, which aims to put more Federal government muscle behind protecting open source software following the emergence of the Log4J vulnerability late last year.
CISA, NSA Release Guidance for Securing ICS, OT
The Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) released a new cybersecurity advisory on September 22 to help owners and operators of critical infrastructure better protect operational technology (OT) and industrial control systems (ICS) assets from the increasing probability of cyberattacks.
Tagged CISA, ICS, NSA, OT
Leave a comment
Bipartisan Senate Bill Would Protect Open Source Software
Sen. Gary Peters, D-Mich., chairman of the Homeland Security and Governmental Affairs Committee, and Ranking Member Rob Portman, R-Ohio, introduced bipartisan legislation on Sept. 22 that aims to protect open-source software in response to issues raised by the Log4j vulnerability that emerged in December 2021.