The National Security Agency is expanding funding for several universities to continue scientific research into cybersecurity. The intelligence agency awarded contracts to North Carolina State University, the University of Illinois Urbana-Champaign and Carnegie Mellon University in 2012 and recently announced that these three universities along with the University of Maryland would receive additional funding.
The 13 cloud computing contracts that the Postal Service awarded in recent years inadequately addressed data security, says the USPS office of inspector general. Contracting officials worried that integrating policies from the agency's handbook on cloud security would drive up the cost of the contracts.
Public policy can help address U.S. cybersecurity, but it should not be viewed as an issue that can be solved through legislation or regulation. Rather, public policy can help improve cybersecurity management, says a new report from the National Research Council.
"It's amazing to me how little" investors think about cybersecurity in their decisions, said Suzanne Spaulding, head of the National Protection and Programs Directorate.
The FBI is warning healthcare providers that lax cybersecurity standards will leave their computer systems more vulnerable to hackers as the industry transitions to electronic health records.
The Energy Department developed the document in collaboration with industry. The guidance focuses on protecting the industrial control systems behind energy delivery, rather than information technology more generally.
Cyber espionage in 2013 tended to be committed by state-affiliated actors, target the United States, and originate in East Asia or Eastern Europe, says an annual report by security researchers at Verizon.
Private sector cloud providers with a FedRAMP provisional authorization making them eligible to sell services to federal agencies will have about a year to implement the new minimum set of security controls.
As part of a nationwide effort to modernize public safety communications, jurisdictions in many states have begun bringing online emergency services IP networks. However, IP connectivity – which will deliver voice, video, text and data calls to public safety answering points – present a cybersecurity challenge that PSAPs have not previously had to consider.
A random number generating algorithm under suspicion of National Security Agency tampering will no longer carry government approval. The National Institute of Standards and Technology announced Monday it will remove the algorithm in question, the Dual Elliptic Curve Deterministic Random Bit Generator, from its publication containing pseudorandom generator standards.