Cyber Security

A continuing webinar series from WPI:

Summer Cyber Reboot @ 11:00 – 12:00 – click below to register

The Cybersecurity and Infrastructure Agency is releasing a new tool to counter supply chain cyber threats. CISA’s new guidance, in partnership with NIST, is meant to counter the threat of supply chain cyber threats like the SolarWinds breach. [April 2021]

GovCon Expert Chuck Brooks: Top Cybersecurity Trends Impacting GovCon Industry – GovCon Wire Read More [April 2021]

CMMC board preps for staff changes [March 2021]

Cybersecurity Agency Takes Over Management of .Gov Domain – The official domain for .gov websites shifted from the government’s landlord to the government’s central cybersecurity shop. Management of the internet domain reserved for government agencies and services—the .gov domain—has officially shifted from the government’s landlord to its cybersecurity agency.

Last year, Congress enacted the DOTGOV Act as part of the fiscal 2021 appropriations bill, which put a stronger focus on securing .gov websites by, among other things, moving management of the domain under the purview of the Homeland Security Department’s Cybersecurity and Infrastructure Security Agency, or CISA. That move became official Monday.[March 2021]

DLA Intelligence publishes new controlled unclassified information policy — FORT BELVOIR, Va., Feb. 23, 2021 — Say goodbye to For Official Use Only. A Defense Logistics Agency policy published Jan. 28 by DLA Intelligence provides new guidance on labeling unclassified information that’s sensitive but doesn’t require classification. [March 2021]

WEAPON SYSTEMS CYBERSECURITY – Guidance Would Help DOD Programs Better Communicate Requirements to Contractors – GAO-21-179: Published: Mar 4, 2021. Publicly Released: Mar 4, 2021.

The Department of Defense has struggled to ensure its weapons systems can withstand cyberattacks. Since we last reported, DOD has taken some positive steps toward that goal, like conducting more cyber testing. But we found that DOD programs aren’t always incorporating cybersecurity requirements into contract language. And contractors are only responsible for meeting the terms written in a contract. Some contracts we reviewed had no cybersecurity requirements when they were awarded, with vague requirements added later. We recommended that DOD issue guidance on incorporating weapon systems cybersecurity requirements into contract language. [March 2021]