Air Force Lt. Col. Andrew Wonpat, a member of the Air National Guard's Cyber Operations Group, said assessing non-traditional traits of employees is proving successful in expanding the pool of qualified cyber workers.
Insider cybersecurity threats are just as potent as Russian and Chinese hackers. Some employees make mistakes, clicking on that bad phishing link. Unhappy or disgruntled employees, that's another matter. Federal Drive host Tom Temin talked with someone who says such people are far more susceptible than average to social-engineering attacks. Tom's guest was Max Shier, Chief Information Security Officer at Optiv.
NIST is updating its seminal Special Publication 800-53, which forms the basis of federal cyber requirements, to address an urgent gap in identity and authentication measures.
In the pantheon of cybersecurity risks our federal government currently has on its plate, a quantum cyberattack may not be the immediate “front burner” issue. But it’s still a red-hot risk. Cryptographic algorithms secure everything from our industrial control systems to our national defenses to the entire U.S. financial system.
Federal agencies and contractors alike face increasing cybersecurity, fraud, sanctions and supply chain risks stimulated by geopolitical events. Experts at Guidehouse say an important strategy to mitigate risk is to simply have knowledge of the dynamics of geopolitical issues and effects they throw off.
GSA plans to centralize its application security program amid a broader push to ensure the government only relies on secure software.
Building trust is essential for businesses working with the federal government. The key is to start by making the effort and investments necessary to secure your cyber supply chain. Acting in good faith and providing transparency will demonstrate trustworthiness and create more business opportunities.
In the realm of federal cybersecurity, change is both inevitable and necessary. The urgency of President Biden's 2021 Executive Order to implement a zero trust architecture by September 2024 has set the stage for a pivotal transformation. Yet, as the deadline draws near, it's apparent that while the directive's intent is clear, the path to its realization is fraught with complexity and challenges.
Carol Woody, principal researcher for the Software Engineering Institute at Carnegie Mellon University, said focusing exclusively on SBOMs can run the risk of missing the other half of the problem: How is the software purchaser going to use it, and what risks are inherent in that use?
This new rule gives the Federal Acquisition Security Council the ability to tell contractors when to exclude or remove a product deemed risky.
In the months following the arrest of Airman 1st Class Jack Teixeira, a member of the Massachusetts Air National Guard, for leaking national security secrets to his friends on Discord, the Defense Department has released new policies and procedures for how it handles classified information.
You can't manage what you can't measure. That's the idea behind a professional association known as the Factor Analysis of Information Risk (FAIR) Institute. The group seeks to advance quantitative measurement and management of risk to information, including in federal organizations.
Almost everything the government buys in the future could look like cybersecurity with some other product attached, if new proposed rules from the Federal Acquisition Regulation council take effect early next year. That's more a matter of when than if. Attorney Townsend Bourne, a partner at Sheppard Mullin, has read the proposed rules and joins Federal Drive host Tom Temin for this discussion.
The acquisition rules stem from recent cyber incidents like the SolarWinds breach.
Cyber threats continue to evolve, challenging agencies not only to keep up with the technology, but to find and keep the right people who can stay one step ahead.