Tuesday, January 25, 2022

FCC Proposes Greater Requirements for ISPs to Notify About Data Breaches

FCC chair Jessica Rosenworcel has floated a proposal to increase requirements for internet service providers to report their security breaches, to reflect the changing frequency and nature of these threats as well as new state reporting laws. The proposed rule would remove a current mandatory waiting period of seven business days for carriers to notify […]

GAO: Agencies’ Implementation of FISMA Requirements Was Inconsistent

As authorized by the Federal Information Security Modernization Act of 2014, GAO reviewed 23 federal civilian agencies, looking at their reports and other performance data to evaluate the effectiveness of their implementation of cybersecurity policies and practices, and the extent to which their officials consider FISMA effective at improving the security of their information systems. […]

Commerce Dept. Pilots Informational Forums Between Acquisition and Vendors

The Department of Commerce has launched a pilot of the Government and Business Exchange, a program to improve the agency’s understanding of vendors’ cybersecurity and IT capabilities, and their understanding of its needs. GABE will consist of 30-minute sessions – held virtually for now – hosted by Commerce’s Enterprise Services–Acquisition office, in which they share […]

DoD Launches Dialog with Colleges about Strategic Cybersecurity

The Defense Department has launched the University Consortium for Cybersecurity (UC2), a hub to facilitate back-and-forth exchanges on strategic cybersecurity issues with colleges and historically Black universities and colleges, as well as larger research universities. UC2 stems from a section in the National Defense Authorization Act for fiscal 2020, which required DoD to develop consortia […]

Cybersecurity Workforce Also Seeing “Great Resignation”

The so-called “great resignation,” in which record numbers of people are quitting their jobs – with experienced leaders retiring early and middle managers seeking less stressful remote work – is starting to affect cybersecurity. In addition to the pandemic-related stresses across industries, among cyber professionals there is also exhaustion from simultaneously growing cyber threats. The […]

CISA, FBI, and NSA Release Cybersecurity Advisory on Russian Cyber Threats to U.S. Critical...

CISA, the FBI, and the NSA have released a joint Cybersecurity Advisory that provides an overview of Russian state-sponsored cyber operations, including commonly observed...

Fastest 5 Minutes: CMMC, Bid Protests, NDAA

This week’s episode covers an update on the Cybersecurity Maturity Model Certification program, a GAO report on DHS’ controls to protect personally identifiable information, a Federal Circuit decision regarding prejudice in the bid protest context, and highlights from the National Defense Authorization Act for FY2022, and is hosted by Peter Eyre and Monica Sterling. Crowell […]

CISA Director Praises Federal Response to Log4j Vulnerability

Although the response to the Log4j vulnerability by the cybersecurity community has been “exceptional,” CISA director Jen Easterly warns that the attack vector could be a sleeping bear, biding its time to act. Easterly has highlighted the work of the agency’s Joint Cyber Defense Collaborative, an effort to develop cyber defense operations in partnership with […]

House Committee Presents Draft to Reform FISMA

The House Oversight and Reform Committee has released a “discussion draft” of a bill to reform the Federal Information Security Management Act of 2014, which largely aligns with a bill that passed the Senate Homeland Security and Governmental Affairs Committee last fall. At a hearing to review the draft, expert witnesses expressed the importance to […]

Four New Cyber War Exclusions from Lloyd’s Market Association

The Lloyd’s Market Association recently released four model clauses to exclude coverage for “war” from cyber insurance policies. The exclusions align with the requirement that all insurance policies written at Lloyd’s must exclude losses caused by war. Given the insurance industry’s weakening appetite for cyber risks, the issue for insureds is the extent to which […]