OPM Sets Timeline for Federal Cybersecurity Workforce Assessment Act Implementation

From: ExecutiveGov

The Office of Personnel Management has established a time frame for the implementation of federal law that requires agencies to identify personnel information technology and cyber-related functions across the government.

Mark Reinhold, associate director of employee services at OPM, said in a memo dated Aug. 1 that agencies must determine the percentage of IT and cyber personnel who hold industry-recognized certifications as well as develop a strategy to  mitigate staff training gaps by December.

Read Complete Article


DHS considers adding election system as critical cyber infrastructure

From: | 1500 AM

By Nicole Ogrysko

The Homeland Security Department is actively considering whether it should add the nation’s election system — or the individual systems that 9,000 local and state jurisdictions use to collect, tally and report votes — as an entity that needs DHS protection from cybersecurity attacks.

“We should carefully consider whether our election system, our election process, is critical infrastructure, like the financial sector, like the power grid,” DHS Secretary Jeh Johnson said during an Aug. 3 breakfast with reporters hosted by the Christian Science Monitor. “There is a vital national interest in our election process, so I do think we need to consider whether it should be considered by my department and others as critical infrastructure.”


What Are the Risks of Hacking Infrastructure? Nobody Really Knows

From: Motherboard

Robert M. Lee is the CEO and Founder of Dragos and a SANS Certified Instructor and course author. He gained his start in security as an Air Force Cyber Warfare Operations Officer identifying nation-state cyber attacks on critical infrastructure while serving in the Intelligence Community. He may be found on Twitter @RobertMLee.

The systems we rely on most for some of the nation’s most sensitive infrastructure, such as the power grid, manufacturing, oil and gas facilities, and water utilities, face cybersecurity threats we do not fully understand. This leads to a gap in reporting that can be filled by “experts” with questionable experience and hyped-up metrics.

» Newer posts