Senators introduce bipartisan bill to improve Internet of Things cybersecurity

A new bill introduced in the Senate Tuesday by Sen. Mark Warner, D-Va., and Sen. Cory Gardner, R-Colo., would establish a new set of cybersecurity standards for companies that hope to sell so-called “Internet of Things” devices to federal agencies. Inconspicuously named the “Internet of Things Cybersecurity Improvement Act of 2017,” the legislation mandates that any IoT product sold to the government must be able to receive software patches in case of a discovered vulnerability. In addition, the bill calls for manufacturers to discontinue the practice of hard-coding passwords into the firmware of devices — a process which is already condemned by security experts. Typically, a hard-coded password is hidden from the user and is intended for the manufacturer’s use only. But hackers have taken advantage of hard-coded passwords to break into IoT devices and incorporate them into distributed denial of service attacks. Notably, the bill also encourages curious researchers to […]

The post Senators introduce bipartisan bill to improve Internet of Things cybersecurity appeared first on Cyberscoop.


Cybercrime Without Borders: Bridging Gaps Between Public and Private Sectors to Ensure a Safer Future

Cybercrime affects businesses and government agencies equally, so why shouldn’t the public and private sectors collaborate to secure their critical assets?

The post Cybercrime Without Borders: Bridging Gaps Between Public and Private Sectors to Ensure a Safer Future appeared first on Security Intelligence.


Estonia to Build Off-Site Data Center in Luxembourg

Pending negotiations with Luxembourg, Estonia will become the first nation to build an off-site data center in another country.

The post Estonia to Build Off-Site Data Center in Luxembourg appeared first on Security Intelligence.


New tool can help prevent government-mandated backdoors in software, Swiss researchers say

A new framework from a lab in Switzerland could help prevent malware like Petya from spreading, but would also make it difficult — if not impossible — for governments to force software companies to deliver backdoored software updates in secret. The Petya ransomware, and its wiperware variant NotPetya, spread on the wings of a software update unwittingly issued by Ukrainian accounting software company M.E. Doc. An attacker, who many believe to be agents of the Russian government, owned M.E. Doc’s network and injected malicious code into a legitimate software update. This new proof-of-concept technology, dubbed “Chainiac” by the Decentralized/Distributed Systems (DEDIS) lab at the Swiss Federal Institute of Technology in Lausanne (EPFL), offers a decentralized framework that eliminates such single points of failure and enforces transparency, making it possible for security analysts to continuously review updates for potential vulnerabilities. “What Chainiac is trying to do,” Bryan Ford, leader of the group that […]

The post New tool can help prevent government-mandated backdoors in software, Swiss researchers say appeared first on Cyberscoop.


Here are the cybersecurity amendments added to the House’s defense bill

Lawmakers attached several cybersecurity-focused amendments to the fiscal 2018 National Defense Authorization Act in a last-minute effort Wednesday to change how the federal government defends itself from cyberattacks and how the military conducts offensive cyber-operations. The House was still working on the bill as of Thursday afternoon. The provisions added Wednesday joined an already lengthy list of items related to government cybersecurity initiatives. Because the NDAA is a policy bill and not a spending bill, congressional rules leave it more open to amendments. It’s common for lawmakers to use it as a vehicle for a wide range of legislative priorities. Most of the amendments added Wednesday have a military component, though. A total of five cybersecurity amendments were added Wednesday to the House’s version of the bill, which still faces a conference committee with the Senate version. Reps. Mike Johnson, R-La., Dan Lipinski, D-Ill., Gregg Harper, R-Miss., Robert Brady, D-Pa., Jose Correa, […]

The post Here are the cybersecurity amendments added to the House’s defense bill appeared first on Cyberscoop.


Technology Treatment Plan: The Health Care Cybersecurity Imperative

The U.S. Department of Health and Human Services established guidelines to improve the state of health care cybersecurity throughout the sector.

The post Technology Treatment Plan: The Health Care Cybersecurity Imperative appeared first on Security Intelligence.


Building Upon Trump’s Executive Order on Cybersecurity

President Trump’s executive order on cybersecurity sent a powerful message about the real-world implications of information security.

The post Building Upon Trump’s Executive Order on Cybersecurity appeared first on Security Intelligence.


100-Day Government IT Roundup: Immigration, Innovation and Information Security in Trump’s America

The state of government IT was a central issue during last year’s election and continues to drive decision-making within Trump’s administration.

The post 100-Day Government IT Roundup: Immigration, Innovation and Information Security in Trump’s America appeared first on Security Intelligence.


Cybersecurity Regulations Get Demanding

CISOs must closely monitor their companies’ business transactions to maintain compliance with the growing number of international security regulations.

The post Cybersecurity Regulations Get Demanding appeared first on Security Intelligence.
