Category Archives: Jeanette Manfra

Why DHS is telling all feds to implement DMARC email security

Posted on by

An email security program that the Department of Homeland Security has made mandatory for U.S. agencies will stop hackers, online scammers and spies from impersonating federal email addresses — and boy, is it ever needed. It comes as new figures suggest that more than 1 in 4 emails from .gov addresses might be malicious criminal spam. Domain-based Message Authentication, Reporting and Conformance (DMARC) is the industry standard measure to prevent the spoofing of emails — when hackers make their messages appear as if they come from trusted correspondents, explained DHS Assistant Secretary for Cybersecurity and Communications Jeanette Manfra. “It’s a reasonable action that agencies can take; it’s in line with industry best practices; and it has broad, scalable impact across the whole [online] ecosystem,” Manfra told CyberScoop in an interview, outlining her rationale. “It was one of the first things we started work on” after she was appointed acting assistant secretary earlier this year. Agari, a company […]

The post Why DHS is telling all feds to implement DMARC email security appeared first on Cyberscoop.

Continue reading Why DHS is telling all feds to implement DMARC email security

DHS orders feds to adopt DMARC email security

Posted on by

The Department of Homeland Security is using new powers to order federal agencies to adopt a form of email security that guards against spam and phishing. A DHS Binding Operational Directive announced Monday in New York City by Assistant Secretary for Cybersecurity and Communications Jeanette Manfra gives federal agencies 90 days to implement Domain-based Message Authentication, Reporting and  Conformance (DMARC) for their email systems. “It’s a real sign that DHS and the federal government are stepping up and leading by example,” said Phil Reitinger, CEO of the Global Cyber Alliance — a non-profit that advocates for internet security. DMARC is the industry standard measure to prevent hackers from spoofing emails — making their messages appear as if they’re sent by someone else. Spoofing is the basis of phishing, a hacking technique used in both crime and espionage, in which an email appearing to a come from a trusted friend or company provides an infected attachment or directs readers to a website where login and […]

The post DHS orders feds to adopt DMARC email security appeared first on Cyberscoop.

Continue reading DHS orders feds to adopt DMARC email security

DHS cybersecurity mission facing real challenges

Posted on by

As the Department of Homeland Security’s cybersecurity responsibilities continue to expand, the agency is beginning to show signs that it may not have the resources to keep up. Although the department has made significant progress on programs designed to defend federal networks from malware, many key cyber leadership positions remain unfilled, the hiring process for new cyber talent is dangerously slow and the enterprise cybersecurity strategy that was due in March is now six months late with no estimate of when it will be complete. “I understand the Trump administration did not fill leadership positions relevant to the DHS cybersecurity strategy with any real sense of urgency, and ongoing vacancies may be contributing to the delays. But the strategy is six months overdue and that is not acceptable,” said Rep. Cedric Richmond, D-La., during a House Homeland Security Subcommittee hearing Tuesday. The hearing continued a drumbeat of Congressional criticism during […]

The post DHS cybersecurity mission facing real challenges appeared first on Cyberscoop.

Continue reading DHS cybersecurity mission facing real challenges