24 May 2019

US Officials Say Foreign Election Hacking Is Inevitable

The US intelligence officials on Wednesday warned that election hacking by foreign threat actors as an inevitability that needs to be accepted, while the real focus of the government’s defensive efforts should be on making systems resilient enough to rule out catastrophic consequences. While addressing a House Oversight and Reform

Read More
21 May 2019

Political Parties Still Have Cybersecurity Hygiene Problems

Even though the Democratic National Committee (DNC) has bolstered its cyber security since Russian state-backed hackers infiltrated the organization in 2016, its security hygiene still doesn’t cover certain best practices, an investigation by SecurityScorecard found. The same is true for the Republican National Committee (RNC), while smaller US parties tend to

Read More
20 May 2019

More Orgs Use Booby Traps for Counterintelligence

Neustar recently released a new report showing that one out of five organizations use forensic investigations and other techniques in order to identify attackers. Other possible methods include the use of honeypots and collections of fake data to lure threat actors. If a threat actor falls for the trap and

Read More
16 May 2019

When all else fails, organizations realize they must share threat intel

A new IronNet survey shows that over 94% of organizations share certain intelligence (such as malicious IP’s and domains) as a form of collective defense and the same number of firms is open to share more intel with industry peers if this will boost their threat detection efforts, while 92%

Read More
08 May 2019

At nations’ request, U.S. Cyber Command probes foreign networks to hunt election security threats

Ever since US cyber security experts succeeded in thwarting Russian attempts at election meddling during the 2018 midterm elections by taking a Russian troll farm offline, the Department of Defense’s (DOD) Cyber Command has been probing networks in foreign countries in order to identify and shut down interference campaigns targeting

Read More
07 May 2019

Microsoft Debuts ElectionGuard to Secure Voting Processes

In order to help countries secure their democratic elections, Microsoft has released an open source software development kit (SDK) designed to secure existing modern voting systems by providing continued verification and validation of results by third parties, including voters and candidates. The SDK called ElectionGuard is part of Microsoft’s broader

Read More
06 May 2019

2020 Campaign Staffers Being Trained to Handle Cyber Threats

The US Department of Homeland Security (DHS) is reaching out to the campaigns of presidential candidates for 2020 in an attempt to help them protect themselves against interference campaigns by state-backed hackers and other threat actors. The DHS is offering to share threat intelligence with campaigns and test the security

Read More
06 May 2019

Government embracing digital transformation but struggling to implement data security

A new report by Thales looks at the data threats affecting federal agencies in the US. It shows that 60% of agencies have suffered a data breach in the past and over one-third (35%) experienced one in the past year. The research also found that almost all (98%) of agencies

Read More
03 May 2019

White House ramps up efforts to expand cyber workforce

The US government continues to pursue new ways to boost its cybersecurity workforce. Under an executive order signed by President Donald Trump on Thursday, government agencies will need to step up their efforts “to provide access to cybersecurity skills training, to identify the most-skilled cybersecurity workers and to advance career

Read More
02 May 2019

Only six TSA staffers are overseeing US oil&gas pipeline security

A recent security audit[pdf] of the Transportation Security Administration (TSA) by the US Government Accountability Office (GAO) has exposed serious shortcomings in the TSA’s efforts to protect the US pipeline system for oil and gas. The report shows that both the physical security and cybersecurity of this critical system, which

Read More