CISA's Michael Duffy provides an overview of the past, present and future of the landmark CDM program in an exclusive interview.
In the world of quantum computers, the need for an advanced approach to cybersecurity is more necessary than ever. As a result, thought leaders in the post-quantum cryptography (PQC) space are looking for ways to…
Yes, there’s a federal cybersecurity workforce gap, but it’s not a pipeline issue, says Pluralsight’s Aaron Rosenmund. “We have this massive talent gap at an intermediate and advanced level. You can’t go recruit them.” Learn what you can do instead.
CISA’s zero trust model provides federal agencies with a clear path to follow, making it another vital tool to help define the zero trust journey — one that will help them meet the September 2024 deadline set by the Office of Management and Budget's memo.
Tom Voshell, vice president, Federal Program Office at Coupa Software, joins host Roger Waldron on this week's Off the Shelf to discuss data management and cyber security with a focus on the Department of Defense’s upcoming release and implementation of an updated version of its Cybersecurity Maturity Model Certification (CMMC 2.0).
The Biden administration and major consumer tech players are launching an effort to put a nationwide cybersecurity certification and labeling program in place. The program announced Tuesday is to help consumers choose smart devices that are less vulnerable to hacking. Officials liken the new U.S. Cyber Trust Mark initiative to the Energy Star program, which rates appliances’ energy efficiency. The initiative will be overseen by the Federal Communications Commission. Industry participation is voluntary. Amazon, Best Buy, Google, LG, Logitech and Samsung are among industry participants. The labels are for products including baby monitors, home security cameras, fitness trackers, TVs and smart climate control systems. The labels could be ready by next year.
Bills to modernize cybersecurity hiring, broaden AI training and streamline regulatory documents advance out of the House Oversight and Accountability Committee.
A purpose-built, on-premises collaboration solution gives your organization a secure environment to centralize the technology tools, content and communications needed to respond to and audit any incident that threatens your mission.
In January 2022 the Office of Management and Budget published its M-22-09 memorandum on zero trust that mandated compliance with specific goals by the end of fiscal 2024.
Marine Innovation Unit expands its staff as it takes on more projects and moves toward full operational status.
The White House on Thursday released an implementation plan for its National Cybersecurity Strategy. The plan outlines 65 high-impact initiatives agencies must meet to stay ahead of emerging threats, and sets a timeline to complete those goals.
As technology evolves and becomes more complex, so do the techniques of malicious actors looking to compromise systems and steal sensitive data.
U.S. officials say state-backed Chinese hackers foiled Microsoft’s cloud-based security and hacked the email of officials at multiple U.S. agencies that deal with China ahead of Secretary of State Antony Blinken’s trip to Beijing last month. The surgical, targeted espionage accessed the mailboxes of a small number of individuals at an unspecified number of U.S. agencies and was discovered by the State Department. Officials said none of the breached systems were classified. The hack was disclosed late Tuesday by Microsoft, which said email accounts were haced at about 25 organizations globally beginning in mid-May. A U.S. official said the number of U.S. organizations impacted was in the single digits.
CISA says a federal agency was only able to detect the infiltration of its email accounts because it had access to Microsoft's "enhanced" logging capabilities.
SecOps teams must be able to determine what is blatantly spyware. The software is probably sending out specific information and capturing data. All this type of data — application, network and device information — must be correlated and analyzed for a better understanding of what’s going on within the entire IT infrastructure.