Friday, July 3, 2020

Subscribers Only

Free

Critical Infrastructure Protection: Actions Needed to Enhance DHS Oversight of Cybersecurity at High-Risk Chemical...

The Chemical Facility Anti-Terrorism Standards (CFATS) program within the Department of Homeland Security (DHS) evaluates high-risk chemical facilities’ cybersecurity efforts via inspections that include reviewing policies and procedures, interviewing relevant officials, and verifying facilities’ implementation of agreed-upon security measures. In a recent audit, GAO found that the CFATS program has guidance designed to help the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Federal CIO Says New Cyber Shared Services to Help Agencies Make More Informed Choices

A year after the Office of Management and Budget launched its new approach to shared services, it has formally designated the Cybersecurity and Infrastructure Security Agency as a cybersecurity shared service center. As a Quality Service Management Office, CISA will provide three main cyber services to start: Security Operations Center standardization Vulnerability Management standardization Domain […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

DHS Cyber Agency Launches New Telework Security Products

The Cybersecurity and Infrastructure Security Agency has released cybersecurity guidance documents to advise critical infrastructure operators, businesses, and federal agencies on safe telework practices during the pandemic. Much of the guidance focuses on secure videoconferencing; for federal agencies, CISA urges the use of Zoom for Government, which is different from the commercial service. For infrastructure […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CISA Launches Telework Best Practices Site

The Cybersecurity and Infrastructure Security Agency has launched a website dedicated to the needs of companies and individuals who have adopted teleworking. The products on the new webpage include: Cybersecurity Recommendations for Critical Infrastructure Using Video Conferencing Cybersecurity Recommendations for Federal Agencies Using Video Conferencing Guidance for Securing Video Conferencing National Security Agency and CISA […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CISA Urges Federal Agencies to Use Approved DNS Service

The DHS Cybersecurity and Infrastructure Security Agency is reminding government agencies that as their workforces switch to home offices, they are still required to use the approved EINSTEIN 3 Accelerated (E3A) DNS resolution service. In addition to ensuring that address lookups for legitimate services are not hijacked by potentially compromised DNS services, the E3A DNS […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CISA Tapped as Shared Services Provider for Cyber

OMB has formally designated DHS' Cybersecurity and Infrastructure Security Agency as the first shared services provider under its Quality Service Management Office program. CISA...

Watchdog Finds White House and DHS Lack Adequate Plans for Cybersecurity Workforce

The Government Accountability Office reports that the Department of Homeland Security and the White House’s Office of Management and Budget – agencies in charge of reforming the federal cybersecurity workforce – haven’t decided which of them is in charge of several tasks for reforming the federal cybersecurity workforce. DHS officials told GAO that it was […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

CISA’s Coming Supply Chain Guidance to Align with Pentagon’s Vendor Certification Program

A task force of DHS's Cybersecurity and Infrastructure Security Agency plans to release supply chain guidance that incorporates aspects of DOD’s Cybersecurity Maturity Model...

US CISA and UK NCSC Issue COVID-19 Cybersecurity Threat Update

A joint advisory published by the UK National Cyber Security Centre and US Department of  Homeland Security’s Cybersecurity and Infrastructure Security Agency shows that cyber criminals and advanced persistent threat groups are targeting individuals and organizations with a range of ransomware and malware. Examples include emails containing malware which appear to have come from the […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.

Critical Update: How CISA Defines ‘Trust’ in the Trusted Internet Connection Policy

Federal agencies focused on IT and security are working on a framework and set of use cases identifying the best security practices for federal employees connecting to the internet across a variety of circumstances, a policy known as Trusted Internet Connection 3. CISA has issued draft documents for the effort, and one notion has emerged […]
Must be a Paid Member or a Free Trial Member to Access Content. Members log in here.