The Cybersecurity (CS) Digest is a curated bi-weekly news summary for cybersecurity professionals. It is transmitted in an HTML-formatted email and provides links to articles and news summaries across a spectrum of cybersecurity topics.
U.S. utilities are looking hard at their cyber vulnerabilities and whether they can get insurance to cover what could be a multi-billion dollar loss after hackers cut electric power to more than 80,000 Ukrainians last month.
The United States National Security Agency (NSA) is a notoriously secretive organization, but the head of its elite Tailored Access Operations (TAO) hacking team has appeared at Usenix's Enigma conference to tell the assembled security experts how to make his life difficult.
The new IT systems storing background investigation forms on millions of federal employees and contractors will use encryption to camouflage sensitive data.
High above the New Mexico desert, Google is experimenting with new wireless broadband tech that could one day replace LTE.
Miscreants have put together an especially pernicious strain of Android ransomware that threatens to bare your browsing history.
60+ Trojanized Android Games Lurking on Google Play - Net-Security
Dr. Web researchers have discovered over 60 Trojanized game apps being offered on Google Play through more than 30 different game developer accounts.
Russians’ Report Memristors - EE Times
Russian and Italian scientists, led by Vyacheslav Demin at the Moscow Institute of Physics and Technology and the National Research Center Kurchatov Institute (Moscow) have described a perceptron in detail in a paper by Demin and his collaborators titled Hardware elementary perceptron based on polyaniline memristive devices.
The Pentagon hasn't had updated information on maintenance of the F-35 jet since May because a Lockheed Martin Corp. database doesn't meet new government cybersecurity requirements, according to the Defense Department's testing office.
UpGuard, Formerly ScriptRock, Unveils First FICO-Like Score for Cybersecurity and Compliance - Dark Reading
UpGuard, formerly ScriptRock, today unveiled its Cybersecurity Threat Assessment Report (CSTAR), the industry's first and only comprehensive and actionable cybersecurity preparedness score for enterprises.
Pentagon Award to Recognize US Drone Operators - Security Week
According to a Pentagon memo due out Thursday, the military will introduce a new "R" designation -- known as a "device" -- that can be attached to medals given to drone operators and other non-combat troops, such as cyber warriors who hack enemy networks.
National Security Agency Plans Major Reorganization - In Homeland Security
The National Security Agency is undertaking a major reorganization, merging its offensive and defensive organizations in the hope of making them more adept at facing the digital threats of the 21st century, according to current and former officials.
Hacker group AnonSec has published a data dump that contains the details of 2,414 NASA employees, along with 631 videos recorded from various NASA aircraft and weather radars, and 2,143 flight logs.
There are one million cybersecurity job openings in 2016. Where are all of those jobs? This week we take a look at the cybersecurity job boom in the U.S. government sector.
GAO: Feds’ Einstein Program Comes Up Short - Gov Info Security
The U.S. government's intrusion detection and prevention program known as Einstein has limited ability to detect breaches of federal information systems, according to a new Government Accountability Office report.
VirusTotal, a malware-hunting subsidiary of Google, announced in a blog post it has a new tool that scans your computer's BIOS and UEFI firmware for malicious content.
Cyber Security of Critical Infrastructure - Department of Homeland Security
CSIAC serves on the EO 13636/PPD-21 Research & Development (R&D) Working Group (WG) run by DHS S&T. If you would like further information, contact Dr. Paul Losiewicz at firstname.lastname@example.org
The Cyber COI engages in multiple activities and forums for coordinating cyber S&T strategies, sharing innovative ideas and technical approaches, promoting technology transfer and upcoming business opportunities, and in jointly planning programs across the Department of Defense and other government agencies. Membership is based upon approval by the Cyber COI group administrator.
DOD OSBP officials acknowledged that cybersecurity is an important and timely issue for small businesses -and therefore the office is considering incorporating cybersecurity into its existing outreach and education efforts. During the review, GAO identified 15 existing federal cybersecurity resources that DOD OSBP could disseminate to defense small businesses.
DHS S&T Collaboration Community - Ideascale
The National Conversation is intended to bring together everyone to play a role in shaping the future of homeland security technology. This means responders, operational users, citizens, academia, and industry.
The Department of Defense Cyber Strategy - Department of Defense
The purpose of this strategy is to guide the development of DoD's cyber forces and strengthen our cyber defense and cyber deterrence posture. It focuses on building cyber capabilities and organizations for DoD's three primary cyber missions.
The Information Sharing Environment (ISE) broadly refers to the people, projects, systems, and agencies that enable responsible information sharing for national security.
Standards & Reference Documents - CSIAC
View all Best Practices and Reference Documents on the CSIAC website.
DoD Cyber Domain Resources - Department of Defense
DHS Cyber Security Strategy (“Blueprint for a Secure Cyber Future”, 2011) - Department of Homeland Defense
DIB CS/IA Voluntary Information Sharing Program - DoD DIBNet
DoD's DIB CS/IA program is a voluntary program to enhance and supplement DIB participants' capabilities to safeguard DoD information that resides on, or transits, DIB unclassified information systems.
US-CERT Bulletins - Department of Homeland Security
Bulletins provide weekly summaries of new vulnerabilities. Patch information is provided when available.
US-CERT Alerts - Department of Homeland Security
Alerts provide timely information about current security issues, vulnerabilities, and exploits.
NVD is the U.S. government repository of standards based vulnerability management data represented using the Security Content Automation Protocol (SCAP). This data enables automation of vulnerability management, security measurement, and compliance. NVD includes databases of security checklists, security related software flaws, misconfigurations, product names, and impact metrics.
Trustworthy CyberSpace: Strategic Plan For The Federal Cybersecurity Research and Development Program - NITRD
Committee on National Security Systems (CNSS) - Committee on National Security Systems
The CS Digest provides links to third party Websites. The CSIAC is not responsible for the availability of, and content provided on, third party Websites. You should refer to the policies posted by other Websites regarding their privacy and other topics before you use them. The CSIAC is not responsible for third party content accessible through the CSIAC CS Digest, including opinions, advice, statements, advertisements and endorsements, and you bear all risks associated with the use of such content.