Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Booz Allen Hamilton has won a task order worth up to $1.03 billion to provide services under the Continuous Diagnostics and Mitigation (CDM) Program to CDM’s Group D Federal agencies, according to contracting information on the General Services Administration’s (GSA) Federal Procurement Data System. […]

State-sponsored cyberattacks are the new normal in adversarial international activity, whether on large or small scales. […]

At a House Homeland Security Committee hearing on Wednesday, July 25, to examine findings of the Federal Cybersecurity Risk Determination Report and Action Plan released by the Office of Management and Budget (OMB) in May, lawmakers and private sector witnesses hailed new legislation as a necessary – but on its own insufficient – step to bring down the security risks of three-quarters of Federal agencies deemed in cyber danger. […]

The National Security Agency’s (NSA) Office of Inspector General (OIG) has for the first time released its semi-annual report to Congress as an unclassified document, and in the process shed light on IT deficiencies at the agency. The report, released Wednesday and covering the period of October 1, 2017 to March 31, 2018, highlights multiple audits that found numerous issues in the governance of NSA’s IT infrastructure and its subsequent ability to mitigate cybersecurity risk. […]

The House Oversight and Government Reform Committee’s information technology and government operations subcommittees held a joint hearing Wednesday to key in on the most salient, persistent, and omnipresent issue in Federal agency IT: cybersecurity. On hand to testify were Federal CIO Suzette Kent, and Comptroller General Gene Dodaro, seeking to illuminate congressional inquirers on Federal agency progress to mitigate the wide range of cyber risks. […]

The Defense Information Systems Agency’s (DISA) plan to move a key cybersecurity service to the cloud is in keeping with the push toward cloud computing for many of the Department of Defense’s operations, including those involving classified information. The question at the moment is whether the cloud services DISA wants to tap into are secure enough to handle the job. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Federal CIO Suzette Kent, testifying today at a joint subcommittee hearing of the House Oversight and Government Reform Committee, said that the Federal government intends to complete all of the tasks outlined in the Federal IT Modernization Report by the end of the year. She said that the majority of those tasks are already complete, and that many have beaten the timelines the government had set for itself. […]

The Government Accountability Office (GAO) released an interim report today detailing four major challenges and 10 critical actions that it says must be taken in order to stem the growing tide of cybersecurity threats facing the nation and Federal agencies. […]

Today’s House Committee on Oversight and Government Reform (OGR) covered the waterfront on election cybersecurity issues but came up with little that differed much from many of the other election cybersecurity hearings that have happened on the Hill over the last few months. The greatest hits were once again discussed–concerns over involvement in the 2016 election, threats facing the 2018 midterm elections, and how to respond to Russia cyber aggression towards U.S. election infrastructure and technology. […]

The House Homeland Security Committee today voted to recommend two bills, the Advancing Cybersecurity Diagnostics and Mitigation Act and the Department of Homeland Security Chief Data Officer Authorization Act, aimed at strengthening and solidifying IT operations of the Department of Homeland Security (DHS) and to guard against evolving cybersecurity threats. […]

In the push to keep Federal IT systems secure, cybersecurity teams find themselves overloaded with information and tools and would like to see automation help them turn information into actionable intelligence, IT and industry leaders said during a FedInsider webinar on July 19. […]

The National Defense Authorization Act (NDAA) for FY 2019 took a big step toward passage with the release of the conference report late yesterday that unifies House and Senate NDAA legislation and places in sharp focus concerns about growing cyber and electronic warfare threats and ways that the United States should address them. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

In 2016, criminals stole $1.6 billion from the Internal Revenue Service (IRS) by using false identities to claim fraudulent tax refunds, according to IRS estimates. In a report released today, the Government Accountability Office (GAO) zeroes in on IRS’ authentication efforts as a way to reduce fraud and save tax payer dollars, and offers 11 recommendations for IRS consideration. […]

Support for S. 2593, the Secure Elections Act of 2018, is growing in the Senate as four more legislators signed on as cosponsors late last week. […]

The Department of Justice (DoJ) said Thursday it was putting in place a new policy governing disclosure by DoJ and other Federal agencies of “foreign influence operations” being conducted in the United States. The agency said the new policy “provides guideposts for Department action to expose and thereby counter foreign influence threats, consistent with the fundamental principle that the Department always must seek to act in ways that are politically neutral, compliant with the First Amendment and designed to maintain the public trust.” […]

As the National Defense Authorization Act (NDAA) for FY2019 makes its way through the House-Senate conference process, Senate Republicans today agreed to drop their ban on China-based communications equipment maker ZTE in favor of the House’s more lenient version of that measure. […]

A new Defense Department (DoD) Risk Management Framework (RMF) – due to be delivered to agency leaders in roughly seven weeks – will have strong implications for the way the department’s cybersecurity professionals perform their tasks, according to John Bergin, IT and Business System Reform Lead at DoD. […]

Grant Schneider, currently the acting Federal chief information security officer, has been named Federal CISO on a permanent basis, the Office of Management and Budget (OMB) announced on Thursday. As CISO, Schneider is tasked with implementing cybersecurity practices across the executive branch, as well as serving as a policy advisor for the Trump administration. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Federal agency .gov domains have less than three months left to come into compliance with binding operational directive (BOD) 18-01, issued by the Department of Homeland Security (DHS) last October, which requires the use of Domain-based Message Authentication, Reporting and Conformance (DMARC). A DHS representative on Wednesday said that progress in implementing DMARC has been strong, but that initial implementation is far from the finish line. […]

The House Intelligence Committee today heard testimony from several witnesses who warned that China is actively working to infringe upon the intellectual property rights of U.S. entities, engages in cyberespionage against the United States, and poses a growing cyberthreat to the country. […]

Margaret Weichert, deputy director for management at the Office of Management and Budget (OMB) and one of the Trump administration’s most visible point persons promoting its plan to reorganize numerous aspects of Federal civilian agencies, said on Wednesday that the first fruits of that plan may be efforts to standardize aspects of the Federal cybersecurity workforce, ease the backlog of Federal background checks, and make improvements in the provision of government digital services generally. […]

Rep. John Ratcliffe, R-Texas, introduced legislation today to codify into law the Department of Homeland Security’s Continuous Diagnostics and Mitigation (CDM) Program, in order “to advance and modernize” the program and ensure procedural policies for it. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Following a July 16 letter by former government officials requesting disclosure of 2020 Census cybersecurity policies, the U.S. Census Bureau issued a statement today affirming its “robust cybersecurity program” and ensuring interested parties that cybersecurity remains paramount at the bureau. However, it said it was declining to reveal all of its encryption policies “as a matter of data security.” […]

The Office of the Inspector General (OIG) found that the General Accountability Office (GAO) isn’t fully compliant with the Federal Information Security Modernization Act of 2014 (FISMA), according to a report released yesterday. […]

The House Oversight and Government Reform Committee (OGR) on Tuesday approved by voice vote a bill which would allow Federal agency heads to limit access to certain websites or deploy cybersecurity measures if they feel that it is necessary to secure their IT systems, but not before strong vocal dissent about the scope of the legislation. […]