Bob Kolasky, head of CISA’s National Risk Management Center, leaving agency

Bob Kolasky, head of the National Risk Management Center at CISA, announced Tuesday that he is leaving the agency. Kolasky’s work with the NRMC since its formation in 2018 has put him in the middle of the federal effort to help critical infrastructure companies assess their cyber risk. He’s also been active in a lot of other agency business. He co-chairs the Information and Communications Technology Supply Chain Risk Management Task Force, leads CISA’s work on secure 5G network development, chairs the High-Level Risk Forum for the international Organisation for Economic Co-operation and Development and serves on the Executive Committee for the Election Infrastructure Government Coordinating Council. Kolasky hasn’t announced his plans after leaving the center, nor has CISA named a successor. During his 15 years of government service, CISA Director Jen Easterly said, “Bob worked tirelessly to expand collaboration across state, local, tribal, and territorial governments and the private […]

The post Bob Kolasky, head of CISA’s National Risk Management Center, leaving agency appeared first on CyberScoop.


DHS establishes its own bug bounty program, offering outsiders $500 to $5K for discovering flaws

The Homeland Security Department is launching a bug bounty program to invite researchers to probe its systems for flaws, DHS Secretary Alejandro Mayorkas said Tuesday. Under the “Hack DHS” initiative Mayorkas discussed at the Bloomberg Technology Summit, ethical hackers would receive between $500 and $5,000 for identifying vulnerabilities, depending on their severity. The department would verify flaws within 48 hours and fix them within 15 days, or for complex bugs, develop a plan to do so during that period. “We’re focused not only on protecting and enhancing the cybersecurity of the private sector and of the federal government at large but, of course, we as a department have to lead by example and so what we are very focused on is identifying vulnerabilities and addressing or remediating those vulnerabilities,” Mayorkas said. DHS is later to the bug bounty trend than some other federal agencies, with the Defense Department initiating its […]

The post DHS establishes its own bug bounty program, offering outsiders $500 to $5K for discovering flaws appeared first on CyberScoop.


Biden signs infrastructure bill that provides nearly $2 billion for cybersecurity

President Joe Biden signed a $1 trillion infrastructure bill into law on Monday that includes nearly $2 billion for cybersecurity and related provisions. The biggest piece of digital security funding is a Federal Emergency Management Agency cyber grant program, administered in consultation with the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, that would distribute $1 billion over four years to state and local governments. An additional $21 million would go toward the Office of the National Cyber Director, which has been unable to make key hires since being established earlier this year due to funding shortages. In all, the legislation — known as the Infrastructure Investment and Jobs Act — is “the largest investment in the resilience of physical and natural systems in American history,” the White House boasted, one that “makes our communities safer and our infrastructure more resilient to the impacts of climate change and cyber-attacks.” […]

The post Biden signs infrastructure bill that provides nearly $2 billion for cybersecurity appeared first on CyberScoop.


White House preps order to clarify top cyber roles in federal government

The Biden administration is working on an executive order that spells out the responsibilities of myriad top cybersecurity officials in the federal government, National Cyber Director Chris Inglis said Wednesday. Specifically, the idea would be to solidify the position of his office, only established by law in January, Inglis told the House Homeland Security Committee. “The statute has gone a long way, and the policies that we have described have gone a further distance in describing what the roles and responsibilities are of the various layers in this space,” Inglis told the panel. “We are in discussion within the White House about when and how to effect an executive order that would bring additional clarity to these roles and responsibilities.” It would be the second major cybersecurity executive order of the administration, following on May’s sweeping directive for federal agencies and contractors to improve their digital defenses. The […]

The post White House preps order to clarify top cyber roles in federal government appeared first on CyberScoop.


CISA starts identifying targets most necessary to protect from hacking

The Cybersecurity and Infrastructure Security Agency has begun working to map out the U.S. critical infrastructure that, if hacked, could result in serious consequences for national security and economic interests, CISA Director Jen Easterly said Friday. Labeling such infrastructure is the subject of a proposal of the Cyberspace Solarium Commission, a congressional committee, which recommended identifying “systemically important critical infrastructure,” or SICI. Lawmakers have introduced SICI legislation in recent months, but Easterly said her Department of Homeland Security agency is proceeding ahead with or without a bill. “Notwithstanding whether this ends up in legislation or not, and I certainly hope it does, we are already thinking through the model,” she said at an event hosted by the Center for Strategic and International Studies. “We’re in a state now where a critical infrastructure is much more vulnerable than it should be. And frankly, that’s what I worry about most every day.” […]

The post CISA starts identifying targets most necessary to protect from hacking appeared first on CyberScoop.


National Cyber Director Chris Inglis, new cyber kid on the federal block, begins to stake a claim

National Cyber Director Chris Inglis is fleshing out what, exactly, his new office plans to do with itself. With a “strategic intent statement,” a personnel move, a pair of interviews and a newspaper op-ed, Inglis and his office on Thursday provided their most concrete objectives to date for a White House post that sprung into existence in January, and that Inglis won confirmation for in June. He joined a crowded field of feds focused on cyber, from other offices within the White House to departments and agencies like the FBI, the Department of Homeland Security’s Cybersecurity and Infrastructure Agency and the National Security Agency. Inglis said Thursday that it’s natural, when looking at the disparate organizations in the federal government with cybersecurity responsibilities, to wonder who’s in charge. But he said there were “more appropriate” questions. “How do we bring coherence, how do we drive public-private collaboration, how do we have […]

The post National Cyber Director Chris Inglis, new cyber kid on the federal block, begins to stake a claim appeared first on CyberScoop.


Federal CISO Chris DeRusha appointed deputy national cyber director, will serve both roles

Federal Chief Information Security Officer Chris DeRusha, who has played an integral part in responding to the SolarWinds hack, is getting a second gig as deputy national cyber director for federal cybersecurity. National Cyber Director Chris Inglis hailed DeRusha’s appointment on Twitter Thursday. “Personally announcing Federal CISO Chris DeRusha as the new Deputy National Cyber Director for Federal Cybersecurity,” Inglis tweeted. “We are excited to see how Chris’s dual designation as Federal CISO at @OMBPress will improve federal coherence in the cyber domain.” DeRusha steps into his additional role at a time when questions persist on Capitol Hill about the breakdown of cyber roles within the federal bureaucracy. The national cyber director’s office is the newest addition to that bureaucracy, established only this year. The office is coming into being as the Department of Homeland Security’s Cybersecurity Infrastructure and Security Agency is increasingly focused on incident response and information sharing in […]

The post Federal CISO Chris DeRusha appointed deputy national cyber director, will serve both roles appeared first on CyberScoop.


CISA selects Kim Wyman, GOP official who criticized false election fraud claims, as election security leader

The Cybersecurity and Infrastructure Security Agency named a Republican secretary of state who has challenged GOP attempts to overturn the 2020 presidential race as its top election security official on Tuesday. Kim Wyman, Washington’s secretary of state since 2013, will take the job of senior election security lead at CISA, the Department of Homeland Security’s primary cybersecurity arm. “Her decades of experience, unparalleled expertise, and unimpeachable integrity have earned her bipartisan respect at every level of government,” said CISA Director Jen Easterly. “Free and fair elections are a cornerstone of our democracy; Kim and I share a common view that ensuring the security of our elections must be a non-partisan effort.” CNN first reported that the White House was expected to name Wyman on Monday. CISA hopes her state experience will bolster relationships with election administrators across the U.S., although Republicans who have pushed for ballot reviews in states such […]

The post CISA selects Kim Wyman, GOP official who criticized false election fraud claims, as election security leader appeared first on CyberScoop.


Seven years later, DHS set to roll out dramatic changes to system for hiring cyber pros

Soon, a cybersecurity professional at the Department of Homeland Security could make as much money as the vice president of the United States, $255,800 — or more, up to $332,100, if they’re in a geographic market where that salary makes the offer competitive. It’s just one feature of a dramatic overhaul of how DHS hires cyber personnel rolling out on Nov. 15 after seven years in the making. The Cyber Talent Management System dispenses with traditional federal job classifications in place since 1949, changes how applicants prove themselves, ties pay increases to something other than longevity of service and much more. At a time when private sector organizations and government agencies struggle to recruit and retain cyber personnel, DHS officials and outside observers alike are hopeful the system will deliver results. It’s a priority not just for DHS Secretary Alejandro Mayorkas but for the chief of the Cybersecurity and Infrastructure […]

The post Seven years later, DHS set to roll out dramatic changes to system for hiring cyber pros appeared first on CyberScoop.


Burnout adds to cyber talent crisis, forcing bosses to get creative with hiring

Outdated hiring practices in the cybersecurity sector aren’t as easy to ignore as they once were. While organizations have sought to fill security-related roles — there are nearly 900,000 open positions in the U.S. alone, by one 2020 count — existing professionals have spent nearly two years adjusting to widespread remote work, fending off hackers while balancing family responsibilities amid a pandemic that killed more than 700,000 Americans. Meanwhile, attackers have tightened their focus on critical infrastructure in the U.S., extorting hospitals and schools at a rate that leads to feelings of exhaustion more often than hope. The situation is forcing organizations to re-examine their recruiting strategies in a way that aims to expand the talent pool and support existing employees, according to Mari Galloway, CEO and founding board member of Women’s Society of CyberJutsu, a nonprofit dedicated to building awareness about career opportunities “I have burnout moments probably every […]

The post Burnout adds to cyber talent crisis, forcing bosses to get creative with hiring appeared first on CyberScoop.
