Following on the successes of the FedRAMP program that certifies cloud services as secure to use for Federal government agencies, the home-grown StateRAMP program is forging ahead with similarly vital services to state and local governments and institutions of higher learning, state, and industry leaders explained on October 5 during MeriTalk’s StateRAMP: Taking the On-Ramp to Secure SLED Cloud Solutions online event. […]
Cybersecurity is the ultimate team sport, Jim Richberg says in a new MeriTV interview. It requires greater public-private cyber information sharing – called for in the May Executive Order on Improving the Nation’s Cybersecurity (EO) and backed up by several new pieces of legislation – but the conditions for it must be established over time, he advised. […]
On Oct. 8, President Joe Biden signed the bipartisan K-12 Cybersecurity Act of 2021 into law to provide school districts with resources to combat and protect themselves against cyberattacks. […]
For nearly two years, the Federal government has gone without a Federal chief statistician, but the Office of Management and Budget (OMB) is looking to change that. […]
In a recent letter to the Department of Justice (DoJ), the Department of the Treasury (Treasury), the Department of State (State Department), and the Department of Homeland Security (DHS) lawmakers urge the agencies to pursue all options available to protect American communities and infrastructure from the growing threat of ransomware. They emphasized the need for stronger coordination between departments, primarily to address the role of cryptocurrency in ransomware attacks. […]
The Department of Defense’s (DoD) Joint AI Center (JAIC) is soliciting help from industry to figure out what ways the center can use AI to automate the procurement process. The JAIC will have acquisition authority beginning in fiscal year 2022, and the solicitation will look to help make that process easier. […]
Sens. Shelley Moore Capito, R-W.Va., and John Hickenlooper, D-Colo., introduced legislation that would revamp the National Telecommunications and Information Administration’s (NTIA) Office for Policy Analysis and Development to have a stronger focus on cybersecurity efforts. […]
The Office of Management and Budget (OMB) is giving Federal agencies a three-month deadline to make initial strides at identifying the current state of endpoint detection and response (EDR) capabilities on their networks and to start undertaking additional work with the Cybersecurity and Infrastructure Security Agency (CISA) to quicken the pace of deploying those capabilities. […]
Bipartisan legislation was introduced in the House last week to boost U.S. supply chains and foster domestic manufacturing of “critical goods” by creating a Supply Chain Resiliency and Crisis Response Office in the Department of Commerce. […]
By 2023, nearly 30 percent of Federal employees will be eligible for retirement – a soon-to-be reality that keeps Federal agency and IT leaders up at night. How can leaders prepare for greater productivity, capture as much institutional knowledge as possible in the interim, and ensure mission continuity and efficiency as new employees onboard? Process and infrastructure automation is an essential part of the solution. […]
Microsoft’s new Digital Defense Report finds that Federal agencies and organizations have been the most targeted sector by cyber threat actors since the middle of last year, and that attacks emanating from Russia have been the most frequent. […]
The U.S. Army has decided to delay the massive overhaul of its enterprise IT personnel system in favor of conducting additional testing, which will push the launch date of the new system from December of this year to September 2022. […]
Sens. Ron Wyden, D-Ore., and Rand Paul, R-Ky., introduced a bipartisan bill this week that would prevent law enforcement agencies from searching phones, laptops, and other digital devices of those crossing United States borders. […]
With Federal agencies needing to move the bulk of their workforce to remote or hybrid environments since the start of the COVID-19 pandemic, the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program has worked with agencies to account for the increase in attack vectors and take a more proactive risk management stance, CDM Program Lead Richard Grabowski said. […]
Senators Maggie Hassan, D-N.H. and Joni Ernst, R-Iowa, introduced bipartisan legislation that would mandate the Department of Treasury and other Federal entities to review the use and mining of cryptocurrencies globally, and submit a detailed report on the issue to multiple congressional committees. […]
The Senate Homeland Security and Governmental Affairs Committee voted on October 6 to advance three Biden administration nominations to the Merit System Protection Board (MSPB). The committee’s action sends the nominations to the full Senate for consideration. […]
As part of a broader effort to enhance national security efforts at the agency, the Central Intelligence Agency (CIA) announced the creation of a new chief technology officer (CTO) position, and a new Transnational and Technology Mission Center. […]
Senators and healthcare IT experts raised concerns this week that many in the United States cannot benefit from the recent boom in telehealth services because of a lack of affordable high-speed internet access across the country. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released version 1.0 of its Trusted Internet Connections (TIC) 3.0 Remote User Use Case to provide guidance on securely implementing and configuring specific platforms, services, and environments. […]
The Department of Veterans Affairs’ (VA) Electronic Health Records Modernization (EHRM) program has been under fire in recent months after two VA Office of Inspector General’s (OIG) reports revealed program missteps and underreported, unreported, or unknown program costs. In response, the VA pledged to provide a full lifecycle cost estimate of the program – which Congress wanted to see within 90 days – but a VA official said today that the cost estimate will take at least 12 months to complete. […]
Sen. Elizabeth Warren, D-Mass., and Rep. Deborah Ross, D-N.C., introduced a bicameral bill this week that would require ransomware victims to report to the government when they have paid a ransom, with an aim of bolstering the flow of critical cybersecurity data. […]
The General Services Administration (GSA) is looking at government-wide telecommunications and IT acquisitions worth $100 million to ensure that climate risk is addressed in the supply chains for those services. […]
The White House will host an international ransomware gathering next week aimed at improving international cooperation among governments in the fight against ransomware-driven cyberattacks, said Jeff Greene, chief of cyber response and policy for the White House’s National Security Council. […]
The Department of Defense (DoD) has completed the market research phase for its proposed multi-vendor Joint Warfighter Cloud Capability (JWCC) cloud contract, which the Pentagon announced in July following its decision to cancel the single-vendor $10 billion Joint Enterprise Defense Infrastructure (JEDI) cloud services contract. […]
Paul Cunningham, chief information security officer (CISO) at the Department of Veterans (VA), explained this week how the agency is addressing cybersecurity vulnerabilities to protect its users and their health care and financial data as the agency has turned increasingly to providing telehealth services for veterans. […]
In light of this year’s cyberattack on Colonial Pipeline and other critical infrastructure targets in the United States, the Department of Homeland Security’s Transportation Security Administration (TSA) component is prepping a new cybersecurity directive covering “high-risk” railroad operations, according to DHS Secretary Alejandro Mayorkas. […]
With an increased focus on cybersecurity after a spate of high-profile cyberattacks on U.S. government and business organizations since late last year, members of Congress are continuing to call for a clearly defined national cyber deterrent policy. Three prime movers on cybersecurity legislation Congress – Sen. Angus King, I-Maine, and Reps. John Katko, R-N.Y., and Yvette Clarke, D-N.Y. – explained the need to codify a cyber deterrence policy at the Aspen Cyber Summit Oct. 6. […]
Reps. John Katko, R-N.Y., and Abigail Spanberger, D-Va., introduced a bipartisan bill in the House this week that aims to protect systemically important critical infrastructure (SICI) from cyberattacks. […]
The Senate Homeland Security and Government Affairs Committee voted today to approve the Cyber Incident Reporting Act, which would require critical infrastructure operators to report cyberattacks to the Federal government, and require most government and business entities to report to the government if they make a ransomware payment. […]
The Senate Homeland Security and Governmental Affairs Committee voted unanimously today to advance for full Senate consideration of a bill that would extensively overhaul the 2014 version of the Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]