Home  /  Empower and Protect  /  Cybersecurity News in Review

Cybersecurity News in Review

By Robert DuPree •  July 27, 2020
cyber security news

This week’s cybersecurity news in review contains reports on how DHS is using its CDM program to protect vaccine research and other data during the COVID-19 response effort, whether the annual FITARA scorecard can lead to better cybersecurity, a major omission in CISA’s cyber risk strategy for industrial control systems, the VA’s request for private sector help in finding new cyber technology, audit concerns regarding the Interior Department’s IT operations and network security in this era of teleworking, and cyber provisions in the House bill to fund DHS next year. 

There is also coverage of a report that the GSA has replicated the Pentagon’s CMMC cyber requirements for contractors in its new STARS III contract, an update on the Air Force’s cyber reorganization and its selection of a Tennessee Air National Guard base to lead expansion of its cyber defense training efforts, how DISA and the NSA are teaming up to provide zero trust guidance to the defense community, an NSA public advisory providing VPN security guidance, and inclusion in the House and Senate NDAA bills of various Cyber Solarium Commission recommendations.

Finally, there are articles on the rise in medical community cyber attacks during the COVID-19 pandemic, and on increased public cloud security breaches this year even before the pandemic.

CDM cyber program working to secure agencies’ COVID-19 response, vaccine research

The head of the Homeland Security  Department’s Continuous Diagnostics and Mitigation (CDM) cybersecurity program says it is working to improve network visibility and data protection at agencies central to the coronavirus response, including vaccine research, FedScoop reports. Read more…

Does the FITARA scorecard show the way to boost agency IT modernization and cybersecurity efforts?

Looking at the FY 2019 agency cybersecurity scores required under the Federal Information Technology Acquisition Reform Act (FITARA), Federal News Network points out that while many agencies are still spending money to maintain older legacy IT systems, other agencies which have modernized their systems before the COVID-19 pandemic hit have benefitted from the newer technology.  But what can more can all agencies do to protect their systems? Read more…

CISA’s ICS cyber risk strategy fails to provide liability assurances to private sector

Nextgov warns that a new strategy from DHS’ Cybersecurity and Infrastructure Security Agency’s for protecting industrial control systems from cyberattacks relies on private sector risk information sharing with the government but without providing the liability protection demanded by firms. Read more…

VA wants help finding new technology to secure networks

FedScoop says the Department of Veterans’ Affairs has posted a request for information, looking for a managed service provider that can help find and track emerging technology critical to network defenses. Read more…

Interior Dept. IG finds telework security issues

Nextgov says an inspector general audit of the Interior Department’s teleworking efforts during the COVID-19 pandemic found three IT areas of concern that should be addressed for both the current situation and going forward. Read more… 

House bill would boost CISA funding, establish public-private center for cyber defense

FCW says the House version of the FY 2021 DHS appropriations bill would provide a significant funding increase for theCybersecurity and Infrastructure Security Agency (CISA), and would funding to help set up a new public-private Joint Cyber Center for National Cyber Defense. Read more…

GSA includes CMMC contractor cyber certification requirements in STARS III contract

FedScoop reports that even before they have gone into effect for military contractors, the new Defense DepartmentCybersecurity Maturity Model Certification (CMMC) cybersecurity standards for contractors have been included by GSA in the huge STARS III IT contract recently posted by that agency. Read more…

Air Force reorganizes its cyber teams

C4ISRNet provides an update on how the Air Force has been realigning the cyber mission force teams it provides to U.S. Cyber Command in an effort to improve its information warfare operations. Read more…

Air force picks Tennessee ANG base to lead cyber defense training expansion

C4ISRNet reports that the Air Force is expanding training for its cyber defense teams, and has picked the Air National Guard’s training and education center at McGhee Tyson Air National Guard Base (TN) to be the site leading the effort. Read more…

DISA, NSA teaming on zero trust guidance

Defense Systems quotes the head of the Defense Information Systems Agency as saying DISA is teaming with the NSA to deliver this fall the defense community’s first zero-trust reference architecture guidance. Read more…

NSA working on VPN security guidance

According to Defense Systems, the NSA is expected to soon release a public advisory on virtual private network (VPN) security practices, including a summary for executives and a more detailed technical document for network administrators, to help organizations better address cybersecurity issues posed by teleworking during the COVID-19 pandemic. Read more…

House, Senate NDAA bills include cyber panel recommendations

FCW reports that both the House and Senate versions of the FY 2021 National Defense Authorization Act (NDAA) include a number of provisions to implement recommendations made earlier this year by the Cyberspace Solarium Commission. Read more…

Medical data hacking on the rise during pandemic

USA TODAY reports that the medical community is being subjected to even more hacking attempts as many of its employees have worked from home during the COVID-19 pandemic. Read more…

Study: Public cloud security incidents on the rise

According to Bekker’s Blog published by Redmondmag.com, a recently released private sector study on the state of cloud security found a troubling increase in public cloud security breaches this year, and that was happening even prior to the teleworking boom resulting beginning in March from the COVID-19 pandemic. Read more…

Robert DuPree

Robert DuPree

Robert DuPree is the manager of government affairs at Telos Corporation. Follow him on Twitter: @RFDuPree See full bio...

The Empower and Protect Blog brings you cybersecurity and information technology insights from top industry experts at Telos.

Leave a Reply

Your email address will not be published.

3 × three =