Collaborate Disseminate
The Biden administration sees Chinese investments in Latin America as a potential precursor to cyber operations.
The post Mayorkas warns Latin American leaders of Beijing’s technology influence appeared first on CyberScoop.
Continue reading Mayorkas warns Latin American leaders of Beijing’s technology influence
DHS Secretary Alejandro Mayorkas said in a speech that the convergence of international and national threats is unprecedented.
The post DHS secretary says US faces ‘a new kind of warfare’ appeared first on CyberScoop.
Continue reading DHS secretary says US faces ‘a new kind of warfare’
Former DHS Secretary Michael Chertoff and former Deputy Attorney General Jamie Gorelick will lead a review of DHS’s disinformation work and help Secretary Mayorkas determine how to continue.
The post DHS halts Disinformation Governance Board amid strong backlash appeared first on CyberScoop.
Continue reading DHS halts Disinformation Governance Board amid strong backlash
The Homeland Security Department is launching a bug bounty program to invite researchers to probe its systems for flaws, DHS Secretary Alejandro Mayorkas said Tuesday. Under the “Hack DHS” initiative Mayorkas discussed at the Bloomberg Technology Summit, ethical hackers would receive between $500 and $5,000 for identifying vulnerabilities, depending on their severity. The department would verify flaws within 48 hours and fix them within 15 days, or for complex bugs, develop a plan to do so during that period. “We’re focused not only on protecting and enhancing the cybersecurity of the private sector and of the federal government at large but, of course, we as a department have to lead by example and so what we are very focused on is identifying vulnerabilities and addressing or remediating those vulnerabilities,” Mayorkas said. DHS is later to the bug bounty trend than some other federal agencies, with the Defense Department initiating its […]
The post DHS establishes its own bug bounty program, offering outsiders $500 to $5K for discovering flaws appeared first on CyberScoop.
Soon, a cybersecurity professional at the Department of Homeland Security could make as much money as the vice president of the United States, $255,800 — or more, up to $332,100, if they’re in a geographic market where that salary makes the offer competitive. It’s just one feature of a dramatic overhaul of how DHS hires cyber personnel rolling out on Nov. 15 after seven years in the making. The Cyber Talent Management System dispenses with traditional federal job classifications in place since 1949, changes how applicants prove themselves, ties pay increases to something other than longevity of service and much more. At a time when private sector organizations and government agenies struggle to recruit and retain cyber personnel, DHS officials and outside observers alike are hopeful the system will deliver results. It’s a priority not just for DHS Secretary Alejandro Mayorkas but for the chief of the Cybersecurity and Infrastructure […]
The post Seven years later, DHS set to roll out dramatic changes to system for hiring cyber pros appeared first on CyberScoop.
U.S. officials unveiled a suite of cybersecurity initiatives Wednesday, from cracking down on illicit cryptocurrency usages to increasing transparency about data breaches, as part of an ongoing White House effort to slow rampant cybercrime. The Justice Department signaled it will increase its focus on illicit use of virtual money, which is frequently used in ransomware attacks, and move to punish federal contractors that hide security incidents. In a separate plan, the Transportation Security Administration this year will require top air and rail transportation companies to report cyberattacks to the government, name an internal cyber chief capable of corresponding about cyber incidents and develop a plan for recovering from attacks. Deputy Attorney General Lisa Monaco unveiled two initiatives: a national cryptocurrency enforcement team and a civil cyber fraud initiative. Ransomware and cryptocurrency are “inexorably linked” because of the anonymity that cryptocurrency payments help afford, Monaco said at the Aspen Cyber Summit. […]
The post US to increase scrutiny on cryptocurrency, federal contractors in effort to slow hacking appeared first on CyberScoop.
U.S. cybersecurity officials are seeking to put their stamp on cyber incident reporting legislation, wading into debates on Capitol Hill about questions like how swiftly companies must report attacks to federal agencies — and what happens if they don’t. The head of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency testified at a Senate hearing Thursday in favor of requiring critical infrastructure owners and operators, federal contractors and agencies to report attacks to CISA within 24 hours of detection. There are three leading proposals in Congress, each with a different timeframe for reporting attacks. The leaders of the Senate Intelligence Committee favor a 24-hour deadline. A draft bill from leaders of the Senate Homeland Security and Governmental Affairs Committee would set the range at between 72 hours and seven days, as determined by CISA. And a draft from leading members of the House Homeland Security Committee proposes leaving […]
The post Biden administration officials push Congress to shape breach reporting mandates appeared first on CyberScoop.
Continue reading Biden administration officials push Congress to shape breach reporting mandates
President Joe Biden will huddle Wednesday with industry leaders to issue a “call to action” on cybersecurity and make “concrete announcements” to counter the fundamental causes of cyberattacks, according to a senior administration official. It’s a star-studded afternoon gathering scheduled to include the likes of Apple CEO Tim Cook and JPMorgan Chase CEO Jamie Dimon from the financial, technology, energy, insurance and education sectors, then feature discussions led by top administration officials. The White House has been working to secure commitments from industry in advance of the meeting, mostly in the areas of “technology and talent,” the official said in a background call with reporters on Tuesday. Two points of emphasis, the official said, are building technology that is secure from the outset, and better defending critical infrastructure after the ransomware attack on Colonial Pipeline led to a fuel scare. “We need to bake in security by design into tech,” […]
The post Apple, JPMorgan Chase bosses among industry heads set to gather at White House for cyber ‘call to action’ appeared first on CyberScoop.
Department of Homeland Security Secretary Alejandro Mayorkas encouraged attendees at the Black Hat cybersecurity conference to collaborate with the agency on defining the future of cybersecurity policy. “We need your creativity, your ideas, your boldness, and your willingness to push limits. We need you to help us navigate a path that has not yet been mapped,” Mayorkas said. “What’s at stake here is nothing less than the future of the internet, the future of our economic and national security, and the future of our country.” Mayorkas announced the impending launch of the Cyber Talent Management System, which will redefine hiring requirements for cybersecurity roles in the federal government and adjust pay rates to better fit the current workforce. He urged attendees to “lead the charge on the inside,” by joining the Cybersecurity and Infrastructure Security Agency and DHS. “This initiative…will give us more flexibility to hire the very best cyber […]
The post DHS boss Mayorkas encourages hackers to join government during Black Hat speech appeared first on CyberScoop.
Continue reading DHS boss Mayorkas encourages hackers to join government during Black Hat speech
The Transportation Security Administration on Tuesday handed down additional cybersecurity requirements for owners of major pipelines, this time focused on ransomware. It’s the second time the Department of Homeland Security’s TSA has issued a security directive to critical pipeline owners since ransomware attackers struck Colonial Pipeline in May, an incident that spurred panic-buying amid fears of a gas shortage. The specific requirements of the directive were not immediately clear. “This Security Directive requires owners and operators of TSA-designated critical pipelines to implement specific mitigation measures to protect against ransomware attacks and other known threats to information technology and operational technology systems, develop and implement a cybersecurity contingency and recovery plan, and conduct a cybersecurity architecture design review,” a DHS statement reads. The same month of the Colonial Pipeline attack, TSA threatened to fine certain pipeline owners — an estimated 100 companies — if they failed to meet cybersecurity guidelines. TSA […]
The post TSA pushes more cybersecurity mandates on critical pipeline owners, emphasizing ransomware appeared first on CyberScoop.