Cybersecurity News in Review

Robert DuPree
September 13, 2021 • 4 min read

This week’s cybersecurity news in review includes coverage of the Biden Administration’s new cybersecurity guidance on zero trust and cloud, private sector concerns about the SEC’s Solar Winds probe, new cyberattacks on healthcare organizations, and a report on the rise of credential-based hacking. There are also articles on industry concerns about the Pentagon’s CMMC cybersecurity certification initiative, an eye-opening public blast from the departing Air Force software chief, a new strategy by the military services to address cyber software issues, an update on a  new Space Force cyber certification process, and efforts by the House Armed Services Committee to address concerns about DoD cybersecurity through the annual defense policy bill.

 

Biden Administration issues new guidance on zero trust, cloud

FCW reports on three new draft guidance documents from OMB and CISA designed to help the Biden Administration’s push to adopt zero trust and cloud security.  OMB’s

federal zero trust strategy and CISA’s zero trust maturity model and cloud security technical reference architecture seek to provide federal agencies with the way forward to sustain a multi-year push towards zero trust. Read more…

Agency tech officials say deadlines would help them better follow new zero trust strategy

FedScoop cites several federal technology officials as saying additional deadlines are needed to help prioritize agencies actions to follow OMB’s new draft federal zero trust strategy.  Read more…

Corporate execs concerned about exposure from SEC’s Solar Winds investigation

According to Reuters, the Securities and Exchange Commission is looking deeper into the SolarWinds hack and a number of private sector executives are concerned that the information the SEC digs up could increase their liability.  Read more…

New healthcare cyber attacks reinforce concerns about sector securty

Some recent cyberattacks against health providers in Arizona and California comes after a study reported that midsize healthcare organizations, which are already facing challenges due to the pandemic, are seeing higher costs after cyberattacks compared with larger organizations, Dark Reading reports. Read more…

Credential hijacking is new attack vector for hackers

Nextgov cites an annual report from cybersecurity company CrowdStrike that finds attackers are not relying as much on malware, but rather using stolen credentials and built-in tools to avoid detection by antivirus products.  Read more…

Trade groups warn DoD about silence regarding CMMC status

FCW says some major technology trade organizations are voicing their concern over the lack of communication and transparency from the Pentagon regarding its Cybersecurity Maturity Model Certification (CMMC) program. Read more…

USAF software boss vents on his way out

Federal News Network says the Air Force’s chief software officer has resigned after three years on the job, voicing publicly via social media his frustrations and disappointment regarding funding, staffing and prioritizing basic IT issues DoD-wide, among other things.  Read more…

Military services using cyber software teams to address vulnerabilities

C4ISRNet reports that, within DoD, each of the individual service’s cyber components has organized teams of coders, engineers and tool developers to “build rapid prototypes and new solutions, extend existing platforms, conduct vulnerability research and malware analysis, and test and evaluate software.” Read more…

Space Force working to finalize cybersecurity certification process for certain commercial communications systems

According to Breaking Defense, the U.S. Space Force is looking to complete its work to establish a new cybersecurity certification process for commercial communications megaconstellations in Low Earth Orbit. Read more…

House panel wants boost in cyber funding

FedScoop discusses how  the House Armed Services Committee has added $4.2 billion in “cyber and innovation” funding to its version of the FY 2022 National Defense Authorization Act. Read more…

Armed Services Committee approves cyber, tech proposals

Breaking Defense reports on the House Armed Services Committee’s adoption of a large block of amendments addressing cybersecurity, 5G, artificial intelligence, and other technology matters.  Read more…

Robert DuPree
Manager of Government Affairs
Robert DuPree is the manager of government affairs at Telos Corporation. Follow him on Twitter: @RFDuPree
Read full bio
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments

Subscribe to Our Newsletter

Although we may use your information for targeted marketing and advertising, as described in the Privacy Policy, we will never sell your information to any third party.