The OMB has called for adopting multifactor authentication that includes verification of device-based security controls, continuous monitoring and authentication, and mandates a switch to phishing-resistant MFA by January 2023. govinfosecurity.com/blogs/phishing…

The HHS is saying that healthcare entities and their vendors should have thorough, documented and well-rehearsed incident response plans ready to execute. govinfosecurity.com/feds-urge-heal…

Federal agencies will soon be required to regularly scan their networks and digital assets for potential vulnerabilities and report their findings to CISA. The directive is an effort to gain more visibility into the risks facing federal networks. fcw.com/security/2022/…

A hacker breached the FBI cyber security forum, InfraGard, using a fake email address to pose as a chief executive of a U.S. financial institution, and is now selling details of InfraGard’s 80,000+ members. govinfosecurity.com/hacker-reporte…

The Biden administration is ramping up cyber security requirements for critical infrastructure and agencies are publishing new directives for public water systems, hospitals, public transportation and railroads in an effort to shore up national security. govinfosecurity.com/biden-administ…

A draft update to NIST digital identity guidelines includes standards for biometric proofing designed to ensure the tech’s effectiveness across demographic groups. fcw.com/digital-govern…

What’s the Air Force’s cyber status? A task force is currently mapping networks as a prelude to recommending changes in spending. The goal is to find and mitigate problems with critical systems ahead of a potential conflict. fcw.com/defense/2022/1…

In this video interview, Dan Wilkins, CISO for the State of Arizona, explains how to build a roadmap to improve maturity and how to overcome roadblocks. govinfosecurity.com/avoiding-roadb…

Phishing attacks aimed at government personnel are up 30% in 2021, with half the attacks seeking to steal credentials. The survey also reports that governments increased their reliance on unmanaged mobile devices at a rate of 55% from 2020 to 2021. securitymagazine.com/articles/98566…

A vendor working for a government contractor opened the gateway to a ransomware attack resulting in the Medicare administration having to issue 254,000 new identifiers and ID cards for affected beneficiaries. govinfosecurity.com/subcontractor-…

An expert panel discusses cloud cyber security concerns, with one expert saying, “The general misconception is that cloud systems are not as secure as traditional on-premise systems, but cloud systems are actually easier to keep up to date.” securityinformed.com/insights/indus…

They’re the everyday heroes whose work ensures that security and safety technologies are installed and supported so that people and property are protected. #securitytechnology #NationalSecurityTechnicianDay

Experts discuss the cyber security capabilities being built by the U.S. DoE and mistakes enterprises commonly make when building ransomware defenses. govinfosecurity.com/interviews/ran…

The U.S. government issues documents, stores sensitive PII and disperses payments across siloed environments that have inconsistent access requirements, which makes it a prime target for criminals, says Lorraine Bellon of Cloudflare. govinfosecurity.com/securing-feder…

The Department of the Navy (DON) announced its cybersecurity goals for FY 2023. The plan highlights a variety of ways in which security leaders can build on existing systems to improve their protection. securitymagazine.com/articles/98780…

Ransomware attacks continue to target governments and agencies. While 80% of state and local IT leaders think ransomware is a big threat, less than half have an incident response plan in place. securitymagazine.com/articles/98656…

Security ranks among the four trends in improving government employee engagement. Security approaches like passwords, tokens and other barriers are giving way to zero-trust security that gives governments an edge on fraud and ransomware. govexec.com/technology/202…

Recently at the Centers for Medicare and Medicaid, 254,000 records were exposed by a contractor that may have not adhered to the agency’s security obligations. govexec.com/technology/202…

The Pentagon has released a plan to direct defense agencies to implement zero-trust standards by 2027. The plan starts with getting departments on the same page in managing identity, credentialing, and access (ICAM). govexec.com/defense/2022/1…

A recent survey reports that most defense contractors are failing to meet DFARS cybersecurity requirements resulting in a direct threat to national security. fcw.com/security/2022/…