As threats increase, audit finds federal agencies struggle to implement cyber plans
“Until agencies more effectively implement the government’s approach and strategy, federal systems will remain at risk,” GAO warned.
White House email domains are sitting ducks for phishing attacks: study
Only one of the 26 email domains managed by the Executive Office of the President uses DMARC.
What's lurking in federal mobile tech? Apps, devices could hold nasty surprises.
When federal agencies have for the first time to include mobile devices and apps in their information security reporting for FY2018 starting this October, they may be in for a nasty surprise, if the experience of the Department of Homeland Security is anything to go by.
Federal agencies often don't know who's attacking them online, OMB says
For nearly a third of the cybersecurity incidents reported to the Department of Homeland Security by federal agencies, the agency had no information about what kind of attack took place or where it was targeted, officials said Wednesday.
No longer 'federal,' no longer exclusively 'cyber' — NIST security controls break out
The National Institute of Standards and Technology has removed the word "federal" from the title of its magisterial catalogue of cybersecurity and privacy controls.
What's in the NIST cybersecurity controls catalogue update?
The latest revisions to NIST's canonical SP 800-53 catalogue of cybersecurity controls integrate privacy measures and make the document more welcoming to non-feds.