Telecom

NSA chief explains new cyber directorate | FCW

Posted by

0


The National Security Agency’s new cyber directorate wants to bridge gaps between government agencies and the defense industrial base, according to the agency’s chief Gen. Paul Nakasone.

“NSA’s new cybersecurity directorate, which opened for business last week, will give us a laser focus on these challenges,” said Nakasone, who also leads U.S. Cyber Command, during an Oct. 9 keynote at the FireEye Cyber Defense Summit in Washington, D.C.

Nakasone named three reasons behind standing up the cybersecurity directorate, which is headed by Anne Neuberger and stood up Oct. 1: to combat an evolving threat landscape, capitalize on ability to set security standards and make vulnerability assessments, and enhance partnerships with Cyber Command, Homeland Security, FBI and industry.

Source: NSA chief explains new cyber directorate — FCW

CISA requests administrative subpoena power over ISPs | FCW

Posted by

0


The Cybersecurity and Infrastructure Security Agency is seeking new authorities to issue administrative subpoenas to compel internet service providers to turn over customer information that allows the agency to identify owners of critical infrastructure systems that have identified cybersecurity vulnerabilities.

FCW has confirmed the department has submitted a proposal for legislative language to Congress, and a spokesperson for the House Homeland Security Committee said the committee is currently “vetting the proposal.” The proposal was submitted earlier this year and a briefing at the staff level has taken place. Other sources close to the committees have indicated that not every member has been briefed on or seen the proposal yet.

TechCrunch was first to report on the proposal.

Source: CISA requests administrative subpoena power over ISPs — FCW

Former Navy Secretary: Effective Cybersecurity Requires Persistent Presence | Nextgov

Posted by

0


If you lead an organization of any size in the United States today, you sit atop a powerful technology stack. Your communications, calendar and finances coordinate instantly, globally—as long as the networks keep working, and you have access to that data. Disrupting those networks creates chaos.

In nearly eight years as Secretary of the Navy, I faced a steep challenge on how to manage cyber threats at the pace of 8 million attempted intrusions a day in an organization of 900,000 people.

Here’s how we maintained presence in the cyber domain—and you can too …

Source: Former Navy Secretary: Effective Cybersecurity Requires Persistent Presence – Nextgov

NSA official: ‘Dumb’ software supply chain attacks still prevalent | FCW

Posted by

0


While much of the discussion around supply chain security has focused on the parts, components and gear that make up an organization’s physical IT assets, a growing number of experts are making the case that vulnerabilities in the software supply chain may represent the larger cybersecurity threat over the long haul.

A 2018 survey of 1,300 IT security professionals by cybersecurity firm CrowdStrike found that nearly 80% of respondents said their organizations needed to devote more resources to their software supply chain, and 62% said the issue was being overlooked during IT spending decisions.

That lack of attention may be creating easy pathways for malicious hackers. According to Cheri Caddy, director of public private partnerships at the National Security Agency, rudimentary, easily exploitable software vulnerabilities are still the most common ways bad actors get into systems and networks.

Source: NSA official: ‘Dumb’ software supply chain attacks still prevalent — FCW

Samsung ends mobile phone production in China | Reuters

Posted by

0

null
The South Korean tech giant’s ceased phone production in China follows other manufacturers shifting production from China due to rising labor costs and the economic slowdown.

Sony also said it was closing its Beijing smartphone plant and would only make smartphones in Thailand.

But Apple (AAPL.O) still makes major products in China.

Source: Samsung ends mobile phone production in China – Reuters

GSA Certifies Two More Vendors Ahead of Task Order Deadline on $50B Telecom Contract  | Nextgov

Posted by

0


Two more vendors on the General Services Administration’s $50 billion Enterprise Infrastructure Solutions telecom contract received an authority to operate, or ATO, verifying they can provide a baseline of cybersecurity for the infrastructure that enables agencies’ IT to function.

BT Federal and Harris have been added to the list of completed ATOs, where they join AT&T, CenturyLink and Verizon. The remaining four vendors—CoreTech, Granite, MetTel and MicroTech—are still in progress, GSA confirmed.

Source: GSA Certifies Two More Vendors Ahead of Task Order Deadline on $50B Telecom Contract  – Nextgov

Protection from Ransomware Attacks Isn’t as Simple as Insurance | Nextgov

Posted by

0


Local governments facing an onslaught of ransomware attacks are increasingly turning to insurance to protect them if hackers successfully take control of a city’s computer system.

But experts warn that local governments may not be getting the level of protection they need through basic policies. And when insurance companies opt to pay ransoms, rather than cover the (sometimes exorbitant) cost to recover data, they make local governments a bigger target for hackers.

Source: Protection from Ransomware Attacks Isn’t as Simple as Insurance – Nextgov

The Pentagon is Standing Up a Nonprofit to Assess Vendor Cybersecurity  | Nextgov

Posted by

0


The Defense Department is looking to stand up a nonprofit organization to measure the strength of its contractors’ cybersecurity practices.

The group would be responsible for running the vendor accreditation process under the Pentagon’s new Cybersecurity Maturity Model Certification, or CMMC. The framework, which was released in draft form last month, will serve as a yardstick for determining if contractors are taking sufficient steps to protect the sensitive military data that resides on their networks.

Source: The Pentagon is Standing Up a Nonprofit to Assess Vendor Cybersecurity  – Nextgov

NIST looking for partners to secure energy IoT | FCW

Posted by

0

null
The National Institute for Standards and Technology is looking to enter into cooperative research agreements for products and technical expertise that can secure energy-related internet-of-things devices.

In a posting scheduled to be published Oct. 8 in the Federal Register, NIST is asking all interested organizations to submit letters of interest to enter a Cooperative Research and Development Agreement with the agency to “provide an architecture that can be referenced and develop guidance for securing [industrial IoT devices] in commercial and/or utility-scale distributed energy resource environments.”

Source: NIST looking for partners to secure energy IoT — FCW

Jim Langevin’s view from the Hill | FCW

Posted by

0


Few lawmakers in Congress today cover as much ground in cybersecurity policy as Rep. Jim Langevin (D-R.I.).

From his perch as chairman of the House Armed Services Committee and a member of the House Homeland Security Committee, Langevin has visibility and input into many of the most critical offensive and defensive issues confronting the U.S. government in cyberspace today. He’s also co-founder of the Congressional Cybersecurity Caucus and a member of the U.S. Cyber Solarium Commission.

Source: Jim Langevin’s view from the Hill — FCW