• IG: computer systems connected to DHS network are not secure

    DHS IG reports that DHS has failed to validate the security of computer systems that connect to the primary network, introducing vulnerabilities and putting sensitive information at risk; specifically, the IG detected vulnerabilities in systems connecting to the main department network from Customs and Border Control (CBP); Immigration and Customs Enforcement (ICE); and the Science and Technology Directorate (S&T), including missing security patches, weak passwords, and a lack of access controls that prevent unauthorized users from opening sensitive applications

  • Aussies revamp cyberdefense strategy

    The Australian federal government has decided to stop supporting AusCERT in favor of a new computer emergency response team more focused on providing an early warning system for utilities, banks, and other critical infrastructure firms

  • Obama's 29 May 2009 cybersecurity speech: a year on

    On 29 May 2009 president Obama said “America’s economic prosperity in the 21st century will depend on cybersecurity”; since then the United States has moved systematically toward enhancing cybersecurity through the following initiatives, but much remains to be done

  • Commander of U.S. Cyber Command calls for cyber rules of engagement

    Commander of the newly created U.S. Cyber Command says there need to be two sets of rules of cyber engagement — one to cover peacetime situations and another for war; General Keith Alexander said the issue is complicated by the possibility that an adversary may use a neutral country’s computers to launch the attack

  • 21st Century Technologies acquires D.C.-area cyber-security firm

    21st Century Technology (21CT), a developer of advanced intelligence analytics software to combat terrorist threats and cyber threats, acquires a specialist in defenses against network intrusions

  • Lookingglass named finalist for Best Cyber Security Company

    Lookingglass Cyber Solutions’s ScoutVision allows corporations to monitor networks and infrastructure they are not in control of, but rely upon for day-to-day operations; the company is finalist in Maryland Incubator of the Year Awards program

  • Agency wants data on enterprise cyber forensics system products

    TSA solicits information about commercially available computer security forensics technologies it could use for information technology security; TSA is interested in products that would give the agency the ability to scan, capture, identify, report, and resolve IT forensics matters

  • DHS considers merging infrastructure protection, cybersecurity units

    The connectedness between the U.S. critical infrastructure assets and the Internet steadily increases, so the missions of DHS’s infrastructure protection and cybersecurity units become more intertwined as well; the department considers merging the two units

  • Melissa Hathaway highlights nine important cyber bills

    Congress is getting more and more involved in cyber issues; Melissa Hathaway, former White House cybersecurity official, examines the pending legislation and highlights nine bills — out of the 40-odd bills at various stages in the legislative process — which she considers to be the most important ones to watch

  • U.S. Cyber Command launched

    The United States launches a new military command — the U.S. Cyber Command — and Army General Keith Alexander receives a fourth star and will serve as CyberCom’s first commander; the mission of CyberCom is to synchronize the Defense Department’s various networks and cyberspace operations to better defend them against the onslaught of cyberattacks

  • TSA awards CSC a $489 million IT infrastructure contract

    TSA awards CSC an IT infrastructure protection contract worth approximately $489 million for a five year life cycle; the contract is for the deployment, maintenance, and enhancement of TSA’s IT infrastructure capabilities

  • Federal agencies outline government's cybersecurity goals

    Government representatives outlined to the attendees at the IEEE Symposium on Security and Privacy the current U.S. cybersecurity research and development goals — and needs; the representatives outlined the need for a better understanding of the economics of security in order to gain a clearer picture of what types of investments would help defenders, and they asked for solutions that might again shift the advantage away from attackers

  • Cyber bill would create strong cyber director post, tighten cyber monitoring of agencies

    New bill being debated in the House Of Representatives would create a cyberspace director position that requires confirmation from the Senate and create a national cyberspace office; the legislation would also provide the new cyber coordinator position with budgetary authority, which is presently lacking

  • The boom (or is it a bubble?) in federal cybersecurity

    The Obama administration and Congress are allocating more funds to cybersecurity; much of that new spending, estimated at $6 to $7 billion annually just in unclassified work, is focused on the Washington region, as the federal government consolidates many of its cybersecurity-focused agencies in the area; some VCs warn of a cybersecurity bubble

  • Cybersecurity summit pays little attention to control system's security

    Despite threats of infrastructure attacks, scant attention was paid to control systems during a global security conference; the problem is safeguarding infrastructure’s control systems against attackers is that such protection requires a different approach to securing PCs or networks; Windows-based security products will not help; says one expert: “All the devices that sense things — temperature, pressure, flow, and things like that — are not Windows, those are proprietary, real-time or embedded, and there’s no security there”