Apr
23

Changes coming to clearance process in 30 to 60 days, says ODNI

From: FCW

By Derek B. Johnson

***

William Evanina, director of the National Counterintelligence and Security Center, told attendees at an April 18 event hosted by the Aspen Institute that ODNI hopes to have new guidance out in the next 30 to 60 days that refines the questions background investigators are required to ask about applicants and condenses the front end of the clearance process so that candidates can start work while newer technologies like continuous monitoring conduct more granular analysis.

***

Apr
18

DHS Might Provide Cyber Services Directly To Industry Under New Strategy

From: Nextgov

By Joseph Marks, Senior Correspondent

SAN FRANCISCO – A new cybersecurity strategy due out within days from the White House envisions the Homeland Security Department providing cybersecurity services directly to critical infrastructure providers, such as hospitals, airports and energy companies.

The system, which Homeland Security Secretary Kirstjen Nielsen described as “security as a service,” would be a major step forward for the department, which, historically, has helped critical infrastructure mostly by sharing cyber threat information and helping them respond after a breach has already occurred.

Read Complete Article

Apr
16

DHS seeks growth in cyber budget

From: FCW

By Mark Rockwell

***

DHS is seeking more than $644 million just for a mix of programs to support federal agency cybersecurity, including the Continuous Diagnostics and Mitigation program and the network shield system known as EINSTEIN.

Nielsen told the House Appropriations Homeland Security subcommittee Chairman Rep. John Carter (R-Texas) that she was looking “at maturing the department.” That includes continuing efforts to communicate across agencies and collaborate on issues such as cybersecurity.

Read Complete Article

Apr
12

DHS Is Falling Short on Securing Its Classified Intelligence Systems

From: Nextgov

The department isn’t effectively managing continuous monitoring, the auditor said.

By Joseph Marks, Senior Correspondent

The Homeland Security Department isn’t doing enough to secure classified information on its intelligence systems, according to a report summary out Wednesday from the department’s inspector general.

The tools that continuously monitor those systems for cyber threats aren’t interoperable with each other, the auditor found.

Read Complete Article

Apr
12

Insiders compromised FDIC data; GAO audit finds FDIC working to improve IT security

From: BiometricUpdate.com

Anthony Kimery

There have been a number of serious insider breaches at the Federal Deposit Insurance Corporation (FDIC), including a former “employee” who “copied “highly confidential components of three sensitive resolution plans onto an unencrypted USB storage device and took the information upon abruptly resigning,” according to an Office of Inspector General (OIG) report in the Government Accountability Office (GAO) auditor’s report on the results of GAO’s audits of the 2017 and 2016 financial statements for the two funds FDIC administers—the Deposit Insurance Fund (DIF) and the Federal Savings and Loan Insurance Corporation (FSLIC) Resolution Fund (FRF).

Apr
09

OMB wants feedback on new ICAM policies

From: FCW

By Troy K. Schneider

The Office of Management and Budget on April 6 released a draft of new guidance for governmentwide identity, credential and access management (ICAM) and is seeking public comment for the next 30 days.

“Agencies must be able to identify, credential, monitor, and manage user access … across their enterprise in order to ensure secure and efficient operations,” the draft memo states. “In particular, how agencies conduct identity proofing, establish digital identities, and adopt sound processes for authentication and access control will significantly impact the security of their digital services.”

Read Complete Article

Apr
03

TIC still tripping up agencies’ cloud modernization efforts

From: FCW

By Derek B. Johnson

***

As a potential workaround, DHS is exploring other ways to monitor connections from cloud-based systems. Sean Connelly, cybersecurity architect at DHS, indicated that in certain areas, cybersecurity programs like EINSTEIN and Continuous Diagnostics and Mitigation may be better suited for monitoring cloud-based traffic.

“How TIC evolves and where there is data that is going to be architected in the cloud, there’s expectations that the CDM program would be able to monitor that data…probably better than TIC can at this point,” said Connelly.

Read Complete Article

Mar
29

DHS Will Soon Launch CDM Service for Smaller Agencies

From: FedTech

The shared services platform will include a multitenant cybersecurity dashboard for real-time threat monitoring.

by Phil Goldstein

Smaller agencies will soon get on the same footing as their larger brethren when it comes to cybersecurity support. The Department of Homeland Security will soon receive approval to extend its Continuous Diagnostics and Mitigation program as a shared service to smaller, non-CFO Act agencies, according to a key DHS office.

Kevin Cox, program manager for CDM at DHS, said on March 27 that officials were awaiting authorization for the platform, FeddScoop reports.

Read Complete Article

Mar
28

Cyber Defense Tool Is an Early Warning System for Grid Attacks

From: IEEE Spectrum

A new tool will enable grid operators to better detect not only a brutal physical attack, but also a hacker probing for vulnerabilities

By David C Wagman

***

Against those background events, a team of researchers working at the U.S. Energy Department’s Lawrence Berkeley National Laboratory completed work earlier this year on a project to design and implement a tool they say can detect cyberattacks and physical assaults on power distribution networks.

Their tool, developed after three years of work, uses micro phasor measurement units (μPMUs) to collect information about the physical state of the power distribution grid. Combining that data with SCADA (supervisory control and data acquisition) information provides real-time insights into system performance and alerts grid operators to even a minor disruption.

Mar
23

Lawmakers eye CDM legislation

From: FCW

By Derek B. Johnson

Following a joint hearing of the House Homeland Security and Government Oversight committees on implementation of the Continuous Diagnostics and Mitigation program, Cybersecurity and Infrastructure Protection Subcommittee Chairman Rep. John Ratcliffe (R-Texas) expressed optimism that federal agencies could move past a series of implementation stumbles and indicated to reporters that a legislative solution might be in the offing.

Ratcliffe, along with Reps. Will Hurd (R-Texas) and Jim Langevin (D-R.I.), sent a letter to the House Appropriations Committee on March 15 requesting $237 million in funding to agencies and the Department of Homeland Security for implementation of CDM in fiscal year 2019. After the hearing concluded, Ratcliffe told reporters that despite numerous implementation delays within agencies, he still believes the program can be effective.

Older posts «