Cybersecurity News in Review

Robert DuPree
January 15, 2021 • 3 min read

This week’s cybersecurity news in review includes articles on the latest developments in and possible lessons from the SolarWinds breach, how the attack on the U.S. Capitol highlights the critical link between physical and IT security, DoD’s decision to pause a key cybersecurity initiative, and the growing shift within the Defense Department and services toward the zero trust approach to cybersecurity.

CISA says SolarWinds is not the only avenue used to hack agencies

Defense Systems cites DHS’ Cybersecurity and Infrastructure Security Agency (CISA) as concluding hackers have been successfully breaching federal agency networks by exploiting other vulnerabilities in addition to those associated with the SolarWinds Orion breach, which will make it that much more difficult for agency IT professionals to contain the damage.  Read more…

Key intel official says SolarWinds points to the need for zero trust software supply chain

Nextgov quotes William Evanina, director of the National Counterintelligence and Security Center, as warning that the vulnerability of critical infrastructure due to the SolarWinds hack will keep growing, highlighting the need for “a supply chain risk mitigation program that really is around zero trust.” He also cautioned that software security will be crucial with the advent of 5G networks. Read more…

Capitol attacks shows need for integrating physical, IT security

Dark Reading reports that the Jan. 6 siege of the U.S. Capitol building, which resulted in technology being accessed and even stolen by rioters, points out just how intertwined physical security and IT security are. It also shows how organizations should give equal priority to addressing both physical and IT security in an integrated manner. Read more…

DoD’s JRSS cyber project put on hold due to testing concerns

Bloomberg says poor test results have led the Pentagon to stop deployment on its classified networks of the $2 billion Joint Regional Security Stack (JRSS) cybersecurity project. JRSS is supposed to consolidate hundreds of U.S.-based and global systems in an effort to detect intrusions and prevent attacks.  Read more…

DISA to push zero trust across DoD

According to FedScoop, the Defense Department is embracing zero trust cybersecurity as a guiding principle, and not just for sensitive material, so DISA is looking to publish a guide for all DoD agencies to use to move to a zero-trust operating model. Read more…

Continued remote workforce leads Air Force to embrace zero trust

FedScoop reports the United States Air Force, in recognition that much of its workforce will be teleworking well beyond the end of the COVID-19 pandemic if not permanently, is pushing some “mission-critical” applications to a zero-trust environment in an effort to improve their cybersecurity. Read more…

Robert DuPree
Manager of Government Affairs
Robert DuPree is the manager of government affairs at Telos Corporation. Follow him on Twitter: @RFDuPree
Read full bio
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Subscribe to Our Newsletter

Although we may use your information for targeted marketing and advertising, as described in the Privacy Policy, we will never sell your information to any third party.