U.S. Government Contractors Score Poorly on Cyber Risk Tests

Posted: 02/20/2018 | Leave a Comment

Attacks against the supply chain are not uncommon. It represents the soft underbelly of large organizations that are otherwise well defended. The federal government is not an exception — in fact, federal agencies are especially reliant on their supply chain; and the security posture of that supply chain is of national importance.

https://www.securityweek.com/us-government-contractors-score-poorly-cyber-risk-tests

The DoD Cybersecurity Policy Chart

This chart captures the tremendous breadth of applicable policies, some of which many cybersecurity professionals may not even be aware, in a helpful organizational scheme.

View the Policy Chart

CSIAC Report - JFAC/DAU/CSIAC Cyber Experiment (CYBEX)

This report details key concerns discussed during the JFAC/DAU/CSIAC Software Assurance (SwA) Cyber Experiment (CYBEX). In addition to evaluating newly developed SwA guides for program managers and developers, the exchange included addressing/bringing back foundational software/system engineering concepts to address root of fundamental SwA issues as well as adopting common language in the areas of functionality and risk in order to identify issues early.

Read the Report

CSIAC Report - Emerging Developments in Cyberlaw: 2019

CSIAC SME and member of the American Bar Association’s Information Security Committee, Richard “Rick” Aldrich, gives a snapshot of emerging developments in cyberlaw, policy, standards, court cases and industry legal frameworks. These slides focus on emerging issues such as consumer privacy rights, forensic border search of computers, search consent, biometrics, expectations of privacy from cloud providers, and cyber insurance.

View the Slides