Home  /  Empower and Protect  /  Cybersecurity News in Review

Cybersecurity News in Review

By Robert DuPree •  December 6, 2019
cyber security news

This week’s cybersecurity news in review includes several articles on some new Department of Homeland Security initiatives to require agencies to establish software vulnerability disclosure policies and grow its cyber workforce, a DHS briefing for senators on the threats posed by ransomware, updated cybersecurity guidance from the NSA for the cloud, and suggestions for how defense contractors can prepare now for the Pentagon’s CMMC cyber certification requirements. There is also coverage of the Air Force’s request for private sector help in developing new cyber and signals technologies, reported difficulties by small contractors in meeting DoD network cyber standards, and FBI warnings that the U.S. automotive industry has been the victim of cyber attacks in the past year.

DHS pushes for agencies to adopt vulnerability disclosure policies, procedures

Dark Reading reports that DHS’ Cybersecurity and Infrastructure Security Agency (CISA), concerned that most federal agencies do not have disclosure policies regarding software vulnerability, has issued a draft binding operational directive to require each civilian agency to establish such a policy as well as a strategy and procedure to facilitate and handle security weaknesses reported by outside experts.  Read more…

DHS establishing new cyber personnel management system to manage, attract cyber pros

The Department of Homeland Security is working to operationalize a new cybersecurity personnel management system. Fifth Domain says DHS’ Cybersecurity Talent Management System will change the way it manages and competes for cyber talent.  Read more…

Senate cyber caucus briefed by DHS on ransomware threats

Fifth Domain says the Senate’s cybersecurity caucus received a classified briefing from DHS officials Dec. 4 on the growing ransomware threats to businesses and state and local governments, and how Congress can help those entities mitigate these threats. Read more…

New cloud security guidance coming from NSA

The Wall Street Journal quotes a senior official with the National Security Agency’s Cybersecurity Directorate as confirming the agency will be issuing updated cybersecurity guidance for businesses and other organizations in the cloud. Read more…

How to prepare now for DoD’s vendor cyber certification program

Nextgov outlines a number of steps businesses can take today to be ready for January, when DoD’s new Cybersecurity Maturity Model Certification (CMMC) guidelines are expected to take effect. Read more…

Air Force seeks technologies for advanced cyber, signals intelligence

C4ISRNet reports that the Air Force Research Lab wants help from the private sector in developing advanced cyber and signals intelligence technologies. Read more…

DoD official sees network security standards as a bigger problem for smaller contractors

Nextgov quotes Kevin Fahey, assistant secretary of defense for acquisition, as saying while larger companies generally do well in meeting stricter DoD network security requirements, smaller defense contractors are having more difficulty, including in such areas as meeting standards for multi-factor authentication and FIPS-validated encryption. Read more…

FBI warns auto industry it has been the victim of cyber attacks, sensitive data exposed

Security Today cites a CNN as reporting on warnings by the FBI that hackers have successfully attacked the systems of several U.S. automotive manufacturers in the past year. The bureau advised the industry regarding how cyber attackers had targeted vulnerabilities in their systems to obtain financial and personal data. Read more…

Robert DuPree

Robert DuPree

Robert DuPree is the manager of government affairs at Telos Corporation. Follow him on Twitter: @RFDuPree See full bio...

The Empower and Protect Blog brings you cybersecurity and information technology insights from top industry experts at Telos.

Leave a Reply

Your email address will not be published.

twelve − 10 =