Information Security

Home Information Security Page 2

DHS CISA, DOE Cyber leaders on using automation for threat detection

“Cyber leaders at the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Energy (DOE) believe automation can make dramatic improvements to threat detection and vulnerability management processes at federal agencies, but the cybersecurity workforce shortage still challenges federal agencies’ overall cyber health. According to CISA Tech and Cyber Strategy Lead Daniel Bardenstein, detection is one of several areas […] The post DHS CISA, DOE Cyber leaders on using automation for threat detection appeared first on G2Xchange FedCiv.

Federal News Network: Homeland Security’s bug bounty pilot went so well, the agency is...

“DHS is ready to expand its cyber bug bounty program after a successful pilot. The Department of Homeland Security is planning eight new bug bounty programs next year and is seeking to set up a new contract to handle that effort. DHS released a request for information asking for industry feedback on its approach to this indefinite delivery, indefinite quantity […] The post Federal News Network: Homeland Security’s bug bounty pilot went so well, the agency is looking to expand upon it appeared first on G2Xchange FedCiv.

Federal News Network: Homeland Security’s bug bounty pilot went so well, the agency is...

“DHS is ready to expand its cyber bug bounty program after a successful pilot. The Department of Homeland Security is planning eight new bug bounty programs next year and is seeking to set up a new contract to handle that effort. DHS released a request for information asking for industry feedback on its approach to this indefinite delivery, indefinite quantity […] The post Federal News Network: Homeland Security’s bug bounty pilot went so well, the agency is looking to expand upon it appeared first on G2Xchange FedCiv.

VA RFQ: Vendor Credentialing Services

Notice ID: 36C25022Q0555 “Requirements:  The Louis Stokes Cleveland Department of Veterans Affairs Medical Center (10701 East Blvd Cleveland, Ohio 44106) is requesting vendor credentialing monitoring services to ensure credentialing compliance and accountability of the clinical vendors coming into the facility and to manage all foot traffic – visitors, employees, and vendors – with a single […] The post VA RFQ: Vendor Credentialing Services appeared first on FedHealthIT, a service of MileMarker10.

Listen: DOL Deputy CISO Karl Hellmann on making Zero Trust work

“At CyberScoop’s Zero Trust Summit, Department of Labor Deputy Chief Information Security Officer Karl Hellmann explains how his agency is making zero trust work…” Listen to the podcast here. Source: New acquisition leader at the Pentagon; TSP technology update; Making ZT work at DOL – April 27, 2022. FedScoop Radio. The post Listen: DOL Deputy CISO Karl Hellmann on making Zero Trust work appeared first on G2Xchange FedCiv.

Listen: DOL Deputy CISO Karl Hellmann on making Zero Trust work

“At CyberScoop’s Zero Trust Summit, Department of Labor Deputy Chief Information Security Officer Karl Hellmann explains how his agency is making zero trust work…” Listen to the podcast here. Source: New acquisition leader at the Pentagon; TSP technology update; Making ZT work at DOL – April 27, 2022. FedScoop Radio. The post Listen: DOL Deputy CISO Karl Hellmann on making Zero Trust work appeared first on G2Xchange FedCiv.

DOC NIST official says Revised cybersecurity supply-chain guidance Imminent

“The National Institute of Standards and Technology is about to publish guidance for securing enterprises against supply chain hacks following the SolarWinds event and other major third-party attacks targeting critical infrastructure. ‘The flagship cybersecurity supply chain risk management guidance is [Special Publication 800-161],’ NIST’s Angela Smith said. ‘We’re going to actually be releasing the first major revision—revision one—by the end […] The post DOC NIST official says Revised cybersecurity supply-chain guidance Imminent appeared first on G2Xchange FedCiv.

DOC NIST official says Revised cybersecurity supply-chain guidance Imminent

“The National Institute of Standards and Technology is about to publish guidance for securing enterprises against supply chain hacks following the SolarWinds event and other major third-party attacks targeting critical infrastructure. ‘The flagship cybersecurity supply chain risk management guidance is [Special Publication 800-161],’ NIST’s Angela Smith said. ‘We’re going to actually be releasing the first major revision—revision one—by the end […] The post DOC NIST official says Revised cybersecurity supply-chain guidance Imminent appeared first on G2Xchange FedCiv.

MeriTalk: Information Sharing a Key Component to Securing Software Supply Chain

“Historically, Federal agencies have been instructed to be secretive on cyber matters, but a key step in fortifying the software supply chain is clear and constant information sharing, according to Jeanette McMillian, the assistant director for Supply Chain and Cyber at the National Counterintelligence and Security Center. McMillan emphasized that constant information sharing is important not just amongst Federal agencies […] The post MeriTalk: Information Sharing a Key Component to Securing Software Supply Chain appeared first on G2Xchange FedCiv.

FedScoop: Industry still faces ‘a lot of ambiguity’ around CMMC implementation

“Federal contractors still face a lot of unknowns about how the Pentagon’s controversial Cybersecurity Maturity Model Certification program will be implemented, the head of a leading trade association told lawmakers Tuesday…” “After receiving major pushback from contractors about the burdens and cost of implementation and conducting an internal review, the Department of Defense in November announced that it was revamping […] The post FedScoop: Industry still faces ‘a lot of ambiguity’ around CMMC implementation appeared first on G2Xchange FedCiv.

EDITOR PICKS