The Contracting Education Academy

Contracting Academy Logo
You are here: Home / Archives for cyber

By

Agencies faced 31,000 cyber incidents last year, but gave up no major breaches

The total number of incidents the government experienced last year dropped 12% from 2017, according to the Office of Management and Budget.

Federal agencies didn’t experience a single “major” cybersecurity incident in 2018, marking the first time in three years the government avoided such a severe digital incursion, according to a recent White House report.

Not one of the more than 31,000 cybersecurity incidents that agencies faced last year reached the “major incident” threshold, which is defined as an event that affects more than 100,000 individuals or otherwise causes “demonstrable harm” to the U.S, according to the Office of Management and Budget. The government fell victim to five major incidents in 2017 and 16 in 2016.

Overall, the total number of cyber events the government experienced dropped 12% from 2017, OMB officials told Congress in their annual report on the Federal Information Security Management Act.

While OMB called this downward trend “encouraging,” they warned that agencies shouldn’t let down their guard. Phishing and other email-based attacks remain a popular strategy for online bad actors, and the government is still struggling to attribute and label the thousands of attacks every year, officials said.

Keep reading this article at: https://www.nextgov.com/cybersecurity/2019/08/agencies-faced-31000-cyber-incidents-last-year-gave-no-major-breaches/159290/

By

DHS building a contract to manage all its cybersecurity operations centers

The single contract will likely have multiple awardees, each capable of managing the entirety of operations at each of the department’s 17 security centers.

The Homeland Security Department is building a contract vehicle of vendors able to manage its 17 unclassified security operations centers—the cybersecurity hubs for the government’s central cybersecurity agency.

The agency issued a request for information Aug. 7th outlining its tentative acquisition strategy and asking for feedback from industry on capabilities and approach to spinning up additional resources in times of crisis, such as during a large-scale cyberattack.

“The Department of Homeland Security has a complex and demanding mission,” the notice on FedBizOpps reads. “To assist in meeting that mission, DHS needs robust and effective information systems. It also needs to protect those systems from cyber threats posed by nation-states and criminal enterprises.”

Keep reading this article at: https://www.nextgov.com/cybersecurity/2019/08/dhs-building-contract-manage-all-its-cybersecurity-operations-centers/159032/

By

Another initiative to enhance cyber workforce launched

A White House order on strengthening cybersecurity nationwide in general includes a provision to create a rotational program to boost those skills in the federal workforce, the latest of many such initiatives.

The order instructs OPM and OMB to establish within three months a “rotational assignment program, which will serve as a mechanism for knowledge transfer and a development program for cybersecurity practitioners,” with provisions for training and mentoring.

Also, within six months OPM and other agencies are to “identify a list of cybersecurity aptitude assessments for agencies to use in identifying current employees with the potential to acquire cybersecurity skills for placement in reskilling programs to perform cybersecurity work.” Agencies are to incorporate those assessments into their personnel development programs.

The Senate recently passed a bill to create a similar rotational program and efforts have been under way for years to better define which federal positions involve cybersecurity skills and where there are shortages. The government meanwhile has increased its use of shortcut hiring procedures and incentive pay and has started a program of retraining employees to take on such roles.

Keep reading article at: https://www.fedweek.com/fedweek/another-initiative-to-enhance-cyber-workforce-launched/

By

Why the Navy is giving agencies, industry a much-needed wake-up call on supply chain risks

On page 6 of the Navy’s recent report about its cyber readiness, there is a jaw-dropping confession: “The systems the U.S. relies upon to mobilize, deploy and sustain forces have been extensively targeted by potential adversaries, and compromised to such extent that their reliability is questionable.”

Bill Evanina, director of the National Counterintelligence and Security Center in the Office of the Director of National Intelligence, wants that single sentence in the 80-page report to sink in for a second.

“The Navy’s report on their resilience and reliability is that watershed moment not only for the Department of Defense but for all agencies in the federal government, and I would even proffer in the private sector, to have an honest, internal look at their systems, their data, their capabilities and their protection mechanisms and where they have vulnerabilities and how the threats are manifested in their organizations,” Evanina said after speaking at the Intelligence and National Security Alliance (INSA) event on supply chain management in Arlington, Virginia, on April 1. “I think all agencies should take a hard look and say, ‘What can we do that is similar to this to look at our own processes and protection models?’”

The Navy report serves as a call to arms around the challenges every agency faces from systems under attack to attempts to steal information from its industrial base.

“The DON’s dependency upon the defense industrial base (DIB) presents another large and lucrative source of exploitation for those looking to diminish U.S. military advantage. Key DIB companies, primes, and their suppliers, have been breached and their IP stolen and exploited,” the report states. “These critical supply chains have been compromised in ways and to an extent yet to be fully understood.”

Keep reading article at: https://federalnewsnetwork.com/acquisition/2019/04/navy-giving-agencies-industry-much-needed-wake-up-call-on-supply-chain-risks/

By

Air Force Academy’s CyberWorx wants partners to help with outreach, tech transfer

The Air Force Academy’s cyber research and innovation arm is looking for a private-sector partner to help invigorate its outreach and technology transfer efforts.

The academy’s CyberWorx released a request for information Thursday seeking a partner that can boost the center’s efforts to engage industry—particularly small businesses—and academia in development of innovative cyber tools and improve the technology transfer process between the academy and private sector, in both directions.

CyberWorx was stood up in late 2016 to act as “a public-private design center focused on cyber capability that melds AF, academic and industry expertise with state of the art technology and innovative thinking to solve wicked operational problems,” according to the academy.

Keep reading this article at: https://www.nextgov.com/emerging-tech/2019/01/air-force-academys-cyberworx-wants-partners-help-outreach-tech-transfer/154257/

Contracting Academy Logo
75 Fifth Street, NW, Suite 300
Atlanta, GA 30308
info@ContractingAcademy.gatech.edu
Phone: 404-894-6109
Fax: 404-410-6885

RSS Twitter