Derek B. Johnson
SCMagazine
Washington, DC, United States
Contact Derek
Discover and connect with journalists and influencers around the world, save time on email research, monitor the news, and more.
| Recent: |
|
| Past: |
|
Past articles by Derek:
Biden's national cyber strategy wants to redirect responsibility from users, to manufacturers
The strategy, released Thursday morning, seeks to create “fundamental shifts” across two areas: broadly moving responsibility for insecure technology from the users and small businesses who are often victims of cyber attacks to the manufacturer and building more long-term investments in the way such technology is designed, built and secured. → Read More
FTC kicks off potentially massive new regulation on commercial surveillance
The Federal Trade Commission narrowly voted to explore new regulations on commercial data surveillance, saying the growing practice raises the risk of data breaches, manipulation of consumers and other harmful practices. → Read More
Early Log4j mitigation, asset inventory led to a better security position
An analysis released by CyCognito found a stark difference between companies that rushed to identify and close off assets that were exposed to the corrupted Apache code early, and those that did not. → Read More
Biden's nominee to lead State's cyber office says role fills foreign policy gap
Nathaniel Fick, nominated to serve as the ambassador at large for the Bureau of Cyberspace and Digital Policy at State, sketched out a more robust leadership role for American cyber diplomacy during a Senate hearing Wednesday. → Read More
National data privacy law draws mixed reaction from civil liberties, industry groups
The House Energy and Commerce Committee on Wednesday passed the American Data and Privacy Protection Act, billed as a comprehensive privacy law, as well as legislation addressing ransomware and IoT devices. → Read More
Swalwell bill looks to put teeth behind national cyber director's interagency authorities
The Proactive Cyber Initiatives Act of 2022, introduced by Rep. Eric Swalwell, D-Calif., would insert language into federal law that explicitly puts the Office of the National Cyber Director in charge of “deconflicting overlapping jurisdictions between agencies regarding cybersecurity activities and authority to mitigate risks.” → Read More
White House to hold summit on addressing the thousands of unfilled cybersecurity jobs
The Biden administration has already hosted summits on ransomware and open-source software security. Now it’s taking a similar approach to tackle problems in the cybersecurity workforce. → Read More
DIU seeks a 'thought leader' to oversee cutting-edge cyber, tech work for US military
The organization is headquartered not in Washington, but Silicon Valley, and its primary mission involves working with nascent startups and other companies on new or innovative forms of technology and acclimating them to the byzantine rules and regulations of doing business with the federal government. → Read More
National Science Foundation wants to manage loan payments for cyber scholarships
The agency is proposing a regulation that would allow it to take over management of student loans for the Cyber-Scholarship-for-Service program, something they say would allow for more favorable repayment terms for some students who fail to meet the program’s requirements. → Read More
House wants Congress in the loop for government's post-quantum transition
The House passed the Quantum Computing Cybersecurity Preparedness Act, which would press agencies to identify specific systems and devices for the transition and require the executive branch to provide regular updates to Congress. → Read More
Ukraine's cyber agency tracks 'significant increase' in malware-directed attacks
Drawing from its national Vulnerability Detection and Cyber Incidents/Cyber Attacks Response System, the agency has observed another 24 registered incidents and 19 billion “events” targeting state and critical infrastructure, with the main targets being the Ukrainian government, local authorities and mass media institutions. → Read More
A guide to House cyber amendments in the NDAA
In a Congress where gridlock often reigns supreme and there are precious few “must-pass” bills, the annual defense authorization process has quickly become a vehicle for members to insert preferred legislation that might not otherwise get a full hearing or vote. → Read More
Moody's says Costa Rican response shows 'resilience' of sovereign governments to ransomware
According to Moody’s, a bond credit ratings business that now regularly tracks the economic fallout from cyberattacks, the news headlines and surface damage done to Costa Rican IT infrastructure has overshadowed a more complex picture. → Read More
CISA reiterates two-year timeline to implement breach-reporting rules
Concern raised over incident-reporting regulations for critical infrastructure and publicly traded companies under development by CISA and the SEC, respectively, may overlap. → Read More
Lawmakers want DoD to parse cyber roles, explore partnerships with CISA and colleges
A House committee wants Pentagon leadership to report how the Defense Department delineates roles and responsibilities within cyberspace among its different component agencies. → Read More
Questions over Cyber Command support, operations raised in defense authorization bill
The House Armed Services Committee passed an amended version of the NDAA that authorizes $131 billion to bolster research and development for the Department of Defense, establishes a cyber threat information collaboration environment between and requires military leaders to further clarify how they define information operations and give Congress a 48-hour heads up before engaging in clandestine… → Read More
Feds dole out another $100 million in cloud, security investments for agencies
On Tuesday the General Services Administration announced that it was making a trio of awards under the Technology Modernization Fund that will pay for security upgrades to the U.S. Department of Agriculture’s primary IT network, stand up a multi-cloud security operations center at the Federal Trade Commission and modernize of the Department of Homeland Security’s information sharing network. → Read More
NSO Group's reported sale to US contractor alarms cybersecurity experts
Reports of an impending deal between the notorious spyware vendor and L3Harris troubles some about the potential for spyware to spread throughout state and local governments. → Read More
House budget writers look to dole out big bucks to CISA, other DHS cyber programs
House appropriators want to give CISA $400 million more than requested, while two immigration-related agencies would also see notable bumps in their cyber and technology spending. → Read More
NSA cyber chief says there has been ‘enormous’ amount of hacking in Ukraine war
“People’s eyebrows will go up and say ‘well I thought there was supposed to be a bunch of hacks but we’re still waiting on those hacks. I would argue there’s a significant amount of activity, Rob Joyce said at RSA → Read More