Cyber – Home

A PubKGroup Product

About

PubKCyber is the go-to source for the most critical regulatory, policy, and oversight developments related to federal cybersecurity. Our coverage includes federal cyber regulations and policy, local and state activity, international law and agreements, federal regulatory body activity, congressional and agency oversight, and industry standards, as well as legal actions and court decisions related to cybersecurity, privacy, and fallout from security breaches.

Job Board

Ability to subscribe and post job announcements and advertisements online

PubKCyber Newsletter

A daily email summarizing the day’s top cyber developments relevant to contractors

PubK Event Board

A weekly community calendar emailed to your inbox

Coming in 2017:

A bimonthly update collecting critical developments, with added insight and context, and links to important resources

Sample Articles

When the U.S. Government Declares Companies Cyber-Insecure, We Should All Pay Attention

The federal government is increasingly taking the initiative to alert companies to the cybersecurity risks of certain foreign corporations, by issuing binding directives on agencies, passing laws, and promulgating regulations that include prohibitions on the use of these companies’ products, even by independent government contractors.

For example, the 2019 National Defense Authorization Act imposes new restrictions on procurements for certain telecommunications equipment or services from certain Chinese companies, including Huawei, ZTE, Hytera, Hikvision, and Dahua Technology.

Sheppard Mullin attorneys recommend that lawyers and cybersecurity professionals pay attention to the government’s various statements and prohibitions about foreign companies and their risks to cybersecurity, and that government contractors study the NDAA’s provisions.

Further, they advise that a new executive order on this subject is expected soon.

Read the full post at Sheppard Mullin

Plan to Dumb-Down the Power Grid In Name of Cybersecurity Passed Senate

Before the Senate adjourned in December, it passed a bill to secure the nation’s electric power grid from cyberattacks, starting with a pilot program adding analog stopgaps and redundancies, in what the bill’s authors called a “retro” approach to robustness.

The Securing Energy Infrastructure Act was introduced by Senators Angus King (I-ME) and Jim Risch (R-ID), inspired by a 2015 Russian cyberattack which took down much of Ukraine’s energy grid, but didn’t prevent operators from restoring service fairly quickly using human-powered backup measures.

The bill would give the Secretary of Energy $10 million and 180 days to get a pilot program running, in cooperation with the energy industry. It included another $1.5 million for a 10-member working group to assess that partnership’s recommendations; the group would include representatives from the departments of Energy, Homeland Security, and Defense, the Office of the Director of National Intelligence, and the North American Electric Reliability Corporation.

More at Route Fifty

HHS Releases Voluntary Cybersecurity Practices for Health Industry

The Department of Health and Human Services has released “Health Industry Cybersecurity Practices: Managing Threats and Protecting Patients,” a publication containing voluntary cybersecurity practices for healthcare organizations of all sizes. The guidance is the result of a two-year public-private partnership between HHS and more than 150 cybersecurity and healthcare experts.

The document presents both highly technical solutions and common-sense practices applicable to a wide range of healthcare facilities. The core of the document explores the five most relevant threats to the healthcare industry, and recommends 10 cybersecurity practices to mitigate them. It also emphasizes the importance of moving quickly to address these threats.

More at NextGov

Democratic Senators Introduce Data Security Legislation

Before the end of the 115th Congress, 15 Democratic senators, led by Senator Brian Schatz (D-HI), introduced the Data Care Act, which would require those offering websites and apps, and other online providers, to take steps to safeguard personal information and stop the misuse of users’ data.

The bill would require prompt notification of individuals affected by data breaches; prohibit the use of individual identifying data in ways that harm users; and ensure that data protection duties extend to third parties. It would grant the FTC rule-making authority.

Meanwhile, the nonprofit digital rights group Center for Democracy & Technology has drafted a model for a broad national privacy bill, which proposes to set limits on the use, collection and sharing of personal information and also aims to provide individual rights to access, correct, delete and port data.

More at Healthcare Info Security

Agencies Faced More Than 35,000 Cyber Incidents in 2017, Watchdog Says

The Government Accountability Office says federal agencies reported more than 35,000 cyber incidents to the Department of Homeland Security in 2017, up from nearly 31,000 in 2016, but substantially fewer than the 77,000+ reported in 2015.

Roughly one in five incidents last year involved violations of agencies’ online use policies, while email and phishing attacks made up another 21 percent. Web-based attacks and misplaced equipment accounted for about 23 percent of incidents. Nearly one-third of attacks didn’t fall neatly within any major category.

Only 6 of the 23 CFO Act agencies have put in place effective information security strategies, and inspectors general at 17 agencies found security shortcomings in their organization’s financial reporting process.

Similarly, only 6 agencies reported meeting all nine of the White House’s cross-agency priority goals for cybersecurity, and the OMB found only 13 agencies were managing their overall cyber risk.

More at NextGov

Publish With Us

You can publish with Pub K by sending us information on your blog or entering a post directly with us.

Post An Event

Submit an event to our community events calendar (Free for Government Employees with an active membership!)

Contact

We'd love to hear from you.

Contact Information

700 6th St. NW Ste. 430
Washington, DC 20001

1-844-PUBKLAW (1-844-782-5529)

Enterprise Sales:
Liz daRosa