NPPD – WindowsTechs.com

DHS’s cybersecurity office is a presidential signature away from a new name

Posted on November 14, 2018 by Greg Otto

The House of Representatives unanimously passed a bill Tuesday that would codify the Department of Homeland Security’s National Protection and Programs Directorate into law and give it a more relevant name. The CISA Act, which passed the Senate in October and now heads to President Donald Trump’s desk to be signed into law, would now brand the office as the Cybersecurity and Infrastructure Security Agency. The National Protection and Programs Directorate (NPPD) is currently the point office responsible for securing federal networks and safeguarding critical infrastructure from cyberthreats. “[Tuesday’s] vote is a significant step to stand up a federal government cybersecurity agency,” said Secretary Kirstjen M. Nielsen. “The cyber threat landscape is constantly evolving, and we need to ensure we’re properly positioned to defend America’s infrastructure from threats digital and physical. It was time to reorganize and operationalize NPPD into the Cybersecurity and Infrastructure Security Agency.” Chris Krebs, currently the DHS […]

The post DHS’s cybersecurity office is a presidential signature away from a new name appeared first on Cyberscoop.

Continue reading DHS’s cybersecurity office is a presidential signature away from a new name→

DHS’s top cyber office is about to get a name that reflects its mission

Posted on October 4, 2018 by Zaid Shoorbajee

The point office on cybersecurity in the Department of Homeland Security is on track for a rebrand. The Senate on Wednesday passed the Cybersecurity and Infrastructure Security Agency Act, which would both codify the office into law and give it a more relevant name. Under the bill, DHS’s National Protection and Programs Directorate (NPPD) would become the Cybersecurity and Infrastructure Security Agency (CISA). DHS established the NPPD in 2007; the legislation is essentially Congress’ official seal of approval. The House is expected to hold a final vote soon, sending the bill to President Donald Trump. NPPD leads the U.S. government’s efforts to secure federal networks and critical infrastructure. The office has also been spearheading the federal government’s election security efforts since the threats that became apparent in 2016. The office coordinates with state and local election offices on information sharing and cybersecurity best practices. “It is ridiculous that DHS needs an act of […]

The post DHS’s top cyber office is about to get a name that reflects its mission appeared first on Cyberscoop.

Continue reading DHS’s top cyber office is about to get a name that reflects its mission→

Do we need a ‘cyber 911?’ A former FBI cyber agent thinks so.

Posted on August 22, 2018 by Zaid Shoorbajee

Most Americans probably know how to get in touch with the police in cases where they’re physically threatened or hurt. However, reacting to a cybersecurity emergency isn’t so easy for the average person, says Andre McGregor, a former FBI cyber special agent. In a keynote at FedTalks in Washington, D.C. on Tuesday, McGregor argued that while the government has gotten better over the years at thwarting hackers, things are fuzzy from a constituent perspective. McGregor was the FBI case agent when Iranian hackers were allegedly attempting to hack the Bowman Avenue Dam in New York in 2013. He said the incident was “pivotal” in that it saw coordination among the FBI, other agencies, private sector vendors and utilities to aid in the investigation. But Mcgregor argued that the same story can’t be told for most breaches and cyberattacks. “You’ve got to think that if someone broke into my house, someone […]

The post Do we need a ‘cyber 911?’ A former FBI cyber agent thinks so. appeared first on Cyberscoop.

Continue reading Do we need a ‘cyber 911?’ A former FBI cyber agent thinks so.→

DHS vulnerability scanning program offline after Virginia office loses power

Posted on August 1, 2018 by Greg Otto

Two cybersecurity programs the Department of Homeland Security offers both states and the private sector have been temporarily knocked offline due to a power outage, while other services have been shifted to backup locations, multiple sources tell CyberScoop. The National Cybersecurity and Communications Integration Center (NCCIC), the 24/7 hub for monitoring cyberthreats across the government and critical infrastructure, has shifted operations to a backup location in Florida. The move was made after the Arlington, Virginia, building that houses NCCIC lost power last week due to heavy rains. Additionally, two other programs under NCCIC’s National Cybersecurity Assessments and Technical Services (NCATS) — Cyber Hygiene vulnerability scans and Phishing Campaign Assessment — have been offline since July 26. The Cyber Hygiene program remotely detects known vulnerabilities on internet-facing services. The Phishing Campaign Assessment program is part of a remote penetration testing service. Both programs are used by hundreds of customers across the country. Thirty-four states have received vulnerability scans through the Cyber Hygiene program, according to a DHS presentation given at […]

The post DHS vulnerability scanning program offline after Virginia office loses power appeared first on Cyberscoop.

Continue reading DHS vulnerability scanning program offline after Virginia office loses power→

Lawmakers, tech vendors fight over election cybersecurity efforts

Posted on July 12, 2018 by Chris Bing

Amid ongoing reports of foreign digital meddling in domestic elections, U.S. lawmakers are butting heads with the nation’s largest voting technology companies. Lawmakers ratcheted up the pressure Wednesday, criticizing the companies’ perceived disconnect from federal agencies and shining a spotlight on a diverse and historically unregulated industry. In emails to CyberScoop, the companies pushed back against those statements, highlighting their new and apparently ongoing partnerships with the Department of Homeland Security (DHS). In December, DHS and the Election Assistance Commission (EAC) launched a non-binding, public-private working group with some of the top vendors involved, called the Sector Coordinating Council. The group is tasked with helping government and industry quietly collaborate on election security efforts. A spokesperson for Nebraska-based Elections Systems and Software (ES&S) said nothing is more important to the company “than ensuring elections are secure and accurate, and any conjectures to the contrary are simply false.” “We welcome conversations about our practices,” the spokesperson […]

The post Lawmakers, tech vendors fight over election cybersecurity efforts appeared first on Cyberscoop.

Continue reading Lawmakers, tech vendors fight over election cybersecurity efforts→

Senate panel advances Krebs nomination to lead NPPD

Posted on May 7, 2018 by Sean Lyngaas

A Senate committee has approved Christopher Krebs to be undersecretary for the Department of Homeland Security’s National Protection and Programs Directorate, a key role for the department as it tackles digital threats to infrastructure and readies a new cybersecurity strategy. Krebs’s nomination, which President Donald Trump made in February, now goes to the Senate floor for a vote. During an April 25 confirmation hearing, Krebs described the undersecretary position as the “pinnacle of national risk management in cyber and physical infrastructure.” He also vowed to prioritize the department’s work on election security ahead of crucial midterm elections this fall. A group of former senior national security officials wrote to the Senate Homeland Security and Governmental Affairs Committee leadership last month in support of Krebs’s nomination, lauding his leadership during DHS’s response to the WannaCry ransomware attacks and the Meltdown and Spectre computer-chip vulnerabilities. Members of the committee, who have praised […]

The post Senate panel advances Krebs nomination to lead NPPD appeared first on Cyberscoop.

Continue reading Senate panel advances Krebs nomination to lead NPPD→

DHS security unit makes another big hire from elsewhere in government

Posted on April 11, 2018 by Chris Bing

The federal agency charged with protecting U.S. infrastructure — including its computer networks — has hired Daniel Kroese, the chief of staff for Republican Rep. John Ratcliffe, as a senior adviser. The National Protection and Programs Directorate (NPPD), part of the Department of Homeland Security, brings on Kroese as the Trump administration and Congress are seeking to harden U.S. cybersecurity, including its elections systems. Kroese, who announced the hire in an email to colleagues, will arrive at NPPD with close contacts throughout Congress. The move follows NPPD’s addition of Matthew Masterson, the former chairman of the Election Assistance Commission (EAC), as another senior adviser. Masterson’s role is focused on election security. It’s not clear yet what Kroese will specialize in at NPPD. “After a remarkable 4+ years, today will be my last day working for Congressman John Ratcliffe,” Kroese said in an email to colleagues. “I will soon be starting as Senior Advisor […]

The post DHS security unit makes another big hire from elsewhere in government appeared first on Cyberscoop.

Continue reading DHS security unit makes another big hire from elsewhere in government→

DHS says unauthorized Stingrays could be in D.C. area

Posted on April 4, 2018 by Sean Lyngaas

The Department of Homeland Security has acknowledged the presence of what appear to be unauthorized mobile surveillance devices in the Washington, D.C. area and elsewhere in the United States that could be exploited by foreign spies to track and intercept phone calls. The devices, often referred to as Stingrays after a popular model made by Harris Corp., imitate a cell tower to capture caller location and other associated data. While they have been used by U.S. law enforcement for years, their use for foreign espionage in the U.S. has been a source of speculation. In a March 26 letter to Sen. Ron Wyden, D-Ore., obtained by CyberScoop and other news outlets, DHS’s National Protection and Programs Directorate said the department has observed “anomalous activity” in or near the nation’s capital that “appears to be consistent” with such surveillance devices, which are also called international mobile subscriber identity (IMSI) catchers. The NPPD has not validated or attributed […]

The post DHS says unauthorized Stingrays could be in D.C. area appeared first on Cyberscoop.

Continue reading DHS says unauthorized Stingrays could be in D.C. area→

Matthew Masterson joins NPPD as senior cybersecurity adviser

Posted on March 26, 2018 by Zaid Shoorbajee

Former Election Assistance Commission Chairman Matthew Masterson is joining the Department of Homeland Security’s office that coordinates the agency’s election cybersecurity programs. Christopher Krebs, acting Under Secretary of DHS’s National Protection and Programs Directorate, announced in a press release Monday that the Office of Cybersecurity and Communications is bringing Masterson on as a senior cybersecurity adviser. “There are few who have Matt’s experience working with all levels of government and the private sector to protect our nation’s election systems,” Krebs said. “Matt is one of the most equipped to advise on this non-partisan issue and will be an asset to the organization. In a time where technology is constantly evolving, it is more important than ever that DHS maintains productive and trusted relationships with our partners.” Masterson served as an EAC commissioner from December 2014 until last month. Masterson has also served in various roles in Ohio’s Secretary of State’s office, […]

The post Matthew Masterson joins NPPD as senior cybersecurity adviser appeared first on Cyberscoop.

Continue reading Matthew Masterson joins NPPD as senior cybersecurity adviser→

Senate panel gives go-ahead to bill that would hit reset on DHS

Posted on March 8, 2018 by Zaid Shoorbajee

Congress is moving forward with a plan to reauthorize the Department of Homeland Security for the first time since its 2002 creation and establish a permanent, dedicated cyber office within the agency. The Senate Committee on Homeland Security and Government Affairs approved the legislation Wednesday. The current bill is a version of what the House passed in July. If it passes in the full Senate, it would still need to see action in the House, even though that side of Congress already passed two attempts to reauthorize DHS last year. The Senate bill would reorganize DHS’s National Protection and Programs Directorate into a dedicated cyber agency, called the Cybersecurity and Infrastructure Security Agency. NPPD was established in 2007 by DHS and therefore isn’t officially deputized by Congress. The new office would be headed by an department undersecretary. “Passing the Department of Homeland Security Authorization Act is an important step to strengthen DHS and to establish a process […]

The post Senate panel gives go-ahead to bill that would hit reset on DHS appeared first on Cyberscoop.

Continue reading Senate panel gives go-ahead to bill that would hit reset on DHS→