The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) said today that it is continuing to help Federal agencies remediate the Log4j vulnerability that CISA first warned about in December. […]
Sen. Gary Peters, D-Mich., is renewing calls for mandatory incident reporting legislation, after meeting virtually with Biden administration cybersecurity leaders on Jan. 5 for a briefing about the Log4j critical vulnerability. […]
A bipartisan group of senators led by Sen. Jacky Rosen, D-Nev., is asking Homeland Security (DHS) Secretary Alejandro Mayorkas and Transportation (DOT) Secretary Pete Buttigieg about the agencies’ ability to meet their responsibilities as co-Sector Risk Management Agencies (SRMA) to detect, prevent, and respond to cyber threats to critical transportation infrastructure. […]
As identity management takes a front seat in agencies’ zero trust security journeys, Federal and industry leaders agree that the government’s Identity, Credential, and Access Management (ICAM) framework is an essential element to the application of zero trust architectures, along with consolidating ICAM approaches within agencies. […]
Artificial intelligence (AI) can help make small improvements to discrete agency operations, or it can be a game changer that helps agencies meet their missions in ways we can’t imagine today. MeriTalk sat down with David Kushner, executive vice president of sales at enterprise IT solutions provider ViON to discuss how agencies can move beyond narrow use cases to achieve long-lasting, impactful change with AI. […]
The United States Air Force Research Laboratory (AFRL) said in a recent posting on SAM.gov that it wants industry to submit research white papers that drive toward the goal of using artificial intelligence (AI) technologies to help the service branch cut down on tasking order planning cycles. […]
The United States Marine Corps is seeking new technology capable of defending against enemy drone aircraft, according to a request for information (RFI) posted to SAM.gov on Jan. 5. […]
The White House Office of Science and Technology Policy (OSTP) issued a request for information (RFI) in the Federal Register today seeking examples of digital health technologies that could be used to strengthen “community health, individual wellness, and health equity.” […]
The Office of the National Cyber Director (ONCD) has appointed Nick Leiserson – who spent the previous decade working his way up to be Rep. Jim Langevin’s, D-R.I., Chief of Staff – deputy chief of staff for National Cyber Director Chris Inglis’ office. […]
The Office of Management and Budget (OMB) said in its annual report on governmentwide improper payments – defined as payments that shouldn’t have been made or were made for incorrect amounts – jumped to 7.2 percent in Fiscal Year 2021 with the increase driven in part by soaring rates of unemployment insurance fraud during the coronavirus pandemic. […]
The White House on Jan. 4 sent to the Senate fresh nominations for dozens of senior Federal government posts, including key positions at the Department of Energy (DoE), the Commerce Department’s National Institute of Standards and Technology (NIST), and the Federal Communications Commission (FCC). […]
The U.S. Army Institute of Surgical Research (USAISR) is partnering with two private medical research centers to develop a portable tool using machine learning technology that allows soldiers – even those without a medical background – to assess and treat burn wounds on the battlefield. […]
While the Federal government has been busy pouring billions of dollars into artificial intelligence (AI) technology development, it’s time to take stock of those efforts and start exploring the critical questions of what that work means for Federal agencies, employees, and citizens. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) said today that all large Federal agencies have successfully mitigated the Log4j critical vulnerability that the agency discovered in early December 2021. […]
The Department of Defense’s (DoD) Defense Advanced Research Projects Agency (DARPA) announced the launch of its Guaranteeing AI Robustness Against Detection (GARD) program, which is designed to develop new defenses against adversarial attacks on machine learning (ML) models. […]
The Government Accountability Office (GAO) made seven new appointments to its Health Information Technology Advisory Committee (HITAC), according to a Dec. 20 press release. […]
The Office of Personnel Management (OPM) published a proposed rule in the Federal Register today that looks to rescind previous Trump-era Federal workforce policies centered around how agencies handle employee misconduct and poor performance. […]
The Office of Personnel Management (OPM) is extending the deadline for agencies to adopt skills-based hiring assessments, according to a memo from OPM Director Kiran Ahuja. […]
The United States Army has awarded Northrop Grumman a five-year, $1.4 billion contract for an Integrated Battle Command System (IBCS) to link disparate missile defense assets and bolster command and control functions. […]
The Federal Communications Commission on Dec. 30 released membership rosters for the six working groups of its Communications Security, Reliability, and Interoperability Council (CSRIC), which provides advice to the agency on how to improve security and reliability of U.S. communications systems. […]
The U.S. Patent and Trademark Office (USPTO) has awarded a seven-year, $87 million contract to Accenture Federal Services (AFS) to help streamline the trademark lifecycle through supporting and enhancing its Trademark Product Line (TMPL). […]
The Office of Personnel Management (OPM) has established new criteria for Federal agencies hiring data scientists by releasing its new occupational series for data scientists in government – a project that has been more than two years in development. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has hired Daniel Bardenstein as its new tech and cyber strategy lead. […]
Information security remains a prevalent concern for the State Department based on numerous previous recommendations regarding fundamental information technology-related issues that still require close attention, according to a recent agency Office of Inspector General (OIG) report.
The report assesses 107 unclassified, open OIG recommendations from 19 reports addressed to the Bureau of Information Resource Management (IRM) as of July 30, 2021. OIG found that IRM had addressed three of the 107 recommendations and closed one duplicative recommendation related to risk management, one related to data protection and privacy, and one related to general IT policies. Additionally, OIG closed 14 recommendations in August 2021 as part of its normal compliance process.
However, the remaining 90 recommendations – 57 percent of which dated back to fiscal 2019 or earlier – remain relevant and require “close attention to close them,” the report read.
A larger number of the recommendations involve configuration management of products and systems to ensure information security. The other unaddressed recommendations pertain to several areas including as risk management, IT investments, contingency planning, and shared services.
To facilitate closing the remaining recommendations addressed to IRM, OIG made two recommendations to Carol Perez, the agency’s under secretary for management. OIG recommended her office develop a method for periodically reviewing IRM’s efforts – and indicated that step has since been taken.
OIG also recommended that Perez’s office verify IRM plans of action and milestones (POA&M) documented for all 90 recommendations. However, Perez disagreed with that recommendation, explaining that if the end goal is for IRM to solve open recommendations, developing an individual action plan for each recommendation is “overly cumbersome.”
“IRM’s staff, time, and resources are better spent working on compliance-related activities, maintaining a high standard of day-to-day operations, and communicating directly with OIG,” Perez wrote in her response to OIG.
However, OIG argued that under guidance from the National Institutes of Standards and Technology, agencies are required to develop a POA&M, and that Perez must submit a POA for the recommendation. […]
The Federal Communications Commission (FCC) has launched the Affordable Connectivity Program, which is the successor to the agency’s Emergency Broadband Benefit program. […]
The Department of Defense (DoD) has increased restrictions at the Pentagon as COVID-19 cases climb due to the omicron variant of the virus. The Pentagon remains at Health Protection Condition (HPCON) Bravo Plus, but is implementing additional measures to protect the workforce. […]
President Biden signed the $768 billion National Defense Authorization Act (NDAA) for fiscal year (FY) 2022 into law on Dec. 27, the White House announced. […]
The Cyberspace Solarium Commission, which has served as an influential incubation chamber for a big chunk of cybersecurity policies that have become Federal law and policy over the past two years, underwent a status change over the holidays. The commission, which was born as a Federally commissioned group, transitioned to a 501(c)3 non-profit over the new year. […]
A new report from the Data Foundation is evaluating Federal agencies’ abilities to implement the Foundations for Evidence-Based Policymaking Act (Evidence Act), and makes eight recommendations to better implement the law’s evaluation provisions. Top among those asks are requests for more agency funding and personnel resources to properly implement the law. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC) is cataloguing significant progress it has made in developing its “National Critical Functions” (NCF) framework, and pointing to next steps in the effort. […]