U.S. intelligence officials have warned of increased attempts by hackers to exploit supply chain vulnerabilities. “Hackers are infecting a wide range of users through official software distribution channels…users do not expect malicious code to be introduced by updated from trusted software vend...
A new bipartisan bill would require federal agencies to conduct more extensive and thorough background checks on contractors’ and suppliers’ cyber security supply chains. The current system is described as “extremely complex,” but “ill-equipped” to deal with twice and three-times removed...
By John Scott For Want of a Patch For want of a patch the component was lost. For want of a component the stack was lost. For want of a stack the system was lost. For want of a system the message was lost. For want of a message the cyberbattle was lost. For want of a battle […]...
By Bob Gourley The 2014 Trusted Cyber Collaboration Workshop is being held 24-26 Sep in DC. This gathering, facilitated by the Transglobal Secure Collaboration Participation (TSCP) pulls together leaders in real secure information exchange, including information exchange across and between enterpr...
By Bob Gourley The Security Analysis and Risk Management Association (SARMA) and the Military Operations Research Society (MORS) are partnering to help advance the body of knowledge around global supply chain risk management on 5 and 6 May. Please see the details below and click here to register. Pl...
By RyanKamauff Here are the top cyber news and stories of the day. NIST publishes IT supply chain risk guidance – Supply Chain Risk management will be a growing concern as we continue to source almost all of our silicon and technology from foreign countries. The NIST document “calls ...
Cybersecurity gets a 74% increase in the Homeland Security Department’s fiscal 2013 budget request while overall department funding stays constant. More here. The Department of Energy, Justice, and Health and Human Services CISOs agreed that they are all having trouble keeping pace with mobile ris...
On Friday, 16 December, Michael Howard hosted a webinar for FedCyber on the Microsoft Security Development Lifecycle (SDL), Howard is Microsoft’s Principal Security Architect with nearly 20 years of experience in the field and literally wrote the book on SDL, a topic that keeps growing more re...