Cybersecurity
Massive Hack Roundup: Attorney General Pins Intrusion on Russia
Here are the news and updates you may have missed.
Cybersecurity
Amid Massive Hack, Lawmakers Urge Trump to Sign Defense Bill with New Cybersecurity Legislation
As the government scrambles to understand the widening compromise, legislation to shore up the nation’s cyber defenses sits unsigned on the President’s desk.
Cybersecurity
House Committees Launch Investigation into Alleged Russian Hack of Federal Agencies
President-elect Joe Biden also promised to elevate cybersecurity “as an imperative” across government.
Cybersecurity
CISA: SolarWinds Is Not the Only Way Hackers Got Into Networks
The agency also warned that getting attackers out of networks will be complex—especially because they are monitoring IT and cybersecurity employees’ emails.
Cybersecurity
GAO Issues ‘Wake-Up Call’ Report on Agencies’ Lax Supply Chain Security Management
The bottom line is that none of the 23 agencies audited fully implemented foundational risk management practices.
Cybersecurity
Pentagon Preps for First CMMC Pilots in 2021
The Pentagon’s Cybersecurity Maturity Model Certification program will begin including security requirements in select solicitations starting next year.
Cybersecurity
What We Know About the SolarWinds Breach
The White House invoked Presidential Policy Directive-41 to coordinate a "whole of government" response.
Cybersecurity
CISA Orders Federal Agencies to Turn Off SolarWinds Products
A critical flaw in software used throughout government was reportedly used to breach a major security company and at least two federal agencies.
Cybersecurity
Reports: Suspected Russian Hackers Breach Commerce, Treasury Departments
U.S. officials are investigating what data may have been stolen and whether the hack is more widespread.
Cybersecurity
Presidential Advisers Make the Case for a New Cybersecurity Center for Sharing Threats
Current federal efforts to help mitigate threats against privately operated critical infrastructure fall short, according to a National Infrastructure Advisory Council report.
Cybersecurity
What DOD’s Cyber Certification Program Reveals About Info-Sharing Challenges
As the new regime takes effect, the tech industry’s lead trade association would rather higher level certifications be done by the department than independent third parties.
Digital Government
Tech Trade Group: IT Modernization Investment May Increase Under Biden
The group expects the Biden administration to expand IT modernization efforts, in part to respond to COVID-19.
Ideas
5 Ways to Improve Emergency Preparedness for Next Time
A permanent team that is focused solely on national preparation and ensuring that the relevant federal agencies are all on the same page should coordinate all five of these components.
Artificial Intelligence
Homeland Security’s Small Business Program Will Focus on Viruses, Security and Networks in 2021
The Small Business Innovation Research program identified 12 tentative topics as priorities for the coming year.
Cybersecurity
Tech Association Wants Biden Team to Focus on Public-Sector Supply Chain Security
A Biden administration might require even more of private-sector entities than President Trump has on the issue.
Emerging Tech
Pentagon Expanding 5G Efforts, DOD Official Says
The Pentagon will also be releasing guidance on securing the microelectronics supply chain, according to Defense Undersecretary for Acquisition and Sustainment Ellen Lord.
Cybersecurity
Government Reduces Representation Burdens for Supply Chain Rule Banning Some Chinese Equipment
Contractors continue to question inconsistent language and push for the need for more clarity around Section 889 Part B.
Cybersecurity
DOD Official Confident in Cybersecurity Certification Body’s Business Model
The volunteer group taking on the Pentagon’s new system of contractor audits has taken out lines of credit, the official said.
Cybersecurity
Industry Groups Spar Over NDAA Provisions on Sourcing of Electronics from China
Dueling letters to lawmakers support and oppose language requiring the department to phase out the procurement of some basic technology from adversarial nations.
Cybersecurity