You can hear the clatter from the White House as it hammers out the details of a long-awaited national cyber security strategy. But Department of Defense (DoD) cyber policy strategists are writing out advice to keep Federal agencies safe from hackers’ webs today. […]
In the first nine months of 2017, 79,637 Federal employees either quit or retired, Politico reported. Compare that number to 56,036 who left the government during the first nine months of the previous administration in 2009 and that’s almost a 50 percent spike. […]
Tenable announced that it recently discovered a critical remote code execution vulnerability in two Schneider Electric applications used in manufacturing, oil and gas, water, automation, and wind and solar power facilities. […]
A gathering of crows is called a murder. A bunch of kangaroos is called a mob. And a gathering of IGs is–no, not a nuisance–it’s called CIGIE–the Council of Inspectors General on Integrity and Efficiency. And CIGIE’s annual Top Management and Performance Challenges–TPMC–report boils down IG reports from 61 different agencies and leads with IT and security management issues across the government. […]
Users have the reputation of being the weakest link in cybersecurity, because of their potential to undo the most fortified cyber setup with an exposed password or absent-minded click in a phishing email. They’re the guy who forgets to lock one door in an otherwise secure building, or the kid who unwittingly reveals where the family keeps an emergency house key. […]
Cometh another Congressional hearing on the Department of Homeland Security–DHS–and its ability to lock down the entire nation’s cyber infrastructure. Cometh more finger pointing. The Government Accountability Office–GAO–released a report on DHS’ uphill battle for cybersecurity. With no ostensible end to this job, it’s easy to tell Sisyphus to push harder. […]
Federal IT leaders have said it for years: the biggest barrier to improving cyber security is a lack of resources. Now, with new funding allocated in the President’s budget and the passage of the MGT Act – coupled with guidance outlined in the Cyber EO and IT Modernization Report – agencies have a path forward. The new standard for Federal cyber security, driven by focused policies and increased budgets, is centered around modern tactics, secure devices, and resilient networks. […]
Machine learning innovation is kicking into high gear. Investment in this field and data science increased 9.3 percent in 2016 to $2.4 billion, according to Gartner. On top of that, the Federal government is increasing its focus on machine learning, with the MGT Act, Technology Modernization Fund, and the President’s Management Agenda all supporting transformation efforts. […]
Conventional wisdom is that it takes a fairly long time to detect a cybersecurity breach. Typically, most research suggests, it takes two to three months, possibly longer. That may not be the case anymore, though, according to a recent report. […]
The Air Force has awarded five small businesses contracts that could top out at $950 million for the rapid development of new cyber capabilities. This contract continues an effort by the service, and the Department of Defense overall, to keep up with potential adversaries in the fast-changing cyber domain. […]
The Government Accountability Office–GAO–released a report exploring how Medicare beneficiary data are being shared with external organizations. When caring for patient record data, it seems government needs a better bedside manner and more. […]
Government employees are playing Russian roulette every time they open their inbox. […]
As government cyber warriors recover from their red-eye journey back from the RSA conference, there’s news on the leadership progression at the top cyber operational position in government. The Department of Homeland Security (DHS) named Paul Beckman as the DHS HQ CISO. Formerly deputy CISO for DHS HQ, Beckman replaces, who recently retired from government service. […]
The internet has never been an especially safe place, but at least one small corner of it–email–was less perilous for most users in 2017. […]
In another example of how far the cyber domain is pervading every aspect of warfare, military units are beginning to add cyber protection testing to vehicles before they hit the road. […]
Bot-driven cyberattacks and other fast-spreading malware have been making some pretty big waves of late. The Mirai botnet, for example, launched several record-setting Distributed Denial-of-Service–DDoS–attacks starting in September 2016. […]
At the RSA Cybersecurity Conference in San Francisco, Department of Homeland Security (DHS) Secretary Kirstjen Nielsen made it clear that the United States has “a full spectrum of response options” to defend against cyber attacks and hacks. […]
Uncle Sam’s Russophobia got a shot in the arm from a recent Department of Interior (DOI) Inspector General report. […]
Last month, the Department of Homeland Security issued a rare public alert about a large-scale Russian cyber campaign targeting U.S. infrastructure. The news raised serious concerns about vulnerabilities in the nation’s power grid and other critical infrastructure assets. […]
As every serious runner knows, preparing for a big race can be a daunting task; it takes time, patience, and determination to succeed. Once the training schedule begins, the runner must be diligent about sticking to the task. By neglecting even one workout, the runner risks losing progress and not finishing the race. […]
Yogi Berra told us it’s like déjà vu all over again–and cyber stalkers let out a huge yawn at yesterday’s House Armed Services Committee hearing on cyber operations. This torturous exercise in reviewing technology security and public safety challenges associated with critical infrastructure was studded with the clichés and platitudes that set our nation up for a massive kinetic cyber attack. […]
Security is the great white whale of Federal IT–even as we make progress, it is just out of reach. Late last month, Zscaler announced it had prioritized rigorous security standards by achieving the Service Organization Control (SOC) 2, Type II Certification. […]
Opening day for the Nationals might be a week away, but four Beltway insiders have already knocked one out of the park. The latest omnibus spending bill, which passed through the Senate early Friday morning, includes $100 million for the MGT Act’s centralized revolving capital fund. President Trump signed the MGT Act into law late last year as an amendment to the National Defense Authorization Act. […]
On Tuesday, President Trump released his management agenda, which focused heavily on his IT modernization goals. Top of mind for the administration? Improving the customer experience, helping agencies better deliver on their missions, and reducing costs to the taxpayer. […]
Not all bots are bad. But in the wrong hands, botnets can be commanded to do some very nefarious things, like Distributed Denial of Service–DDoS–attacks to disrupt and bring down websites. There are also malware-based bots that are increasingly being used to steal data and personal information. […]
The Defense Information Systems Agency (DISA) has completed the transition of the Secret Internet Protocol Router Network (SIPRNet) to a virtual network, which increases its bandwidth tenfold, while supporting plans to extend SIPRNet to the very edges of the network via the commercial cloud. […]
New technologies and techniques are changing the cybercrime landscape in a significant way, creating new challenges for those entrusted with protecting networks and data. […]
In times of emergency, state governors have regularly called in the National Guard, for reasons such as assisting the recovery after natural disasters like Hurricane Katrina in 2005 or to suppress protests in Ferguson, Mo., in 2014. If voting systems are under siege, should they do the same? […]
Critical infrastructure protection is so vital to the United States’ national and economic security, as well as public health and safety, that disruption or destruction of any of the 16 critical sectors would have a debilitating effect on the nation. […]
Acronyms abound with a seemingly endless stream of Federal IT regulations and guidelines related to cloud and cyber security. Trying to make sense of the madness? On March 8, at “Cyber Convergence: Security, the Cloud and Your Data,” Federal visionaries will crack the code on some of the most critical developments in government’s IT agenda – from cloud-based application security to MGT, FITARA, and more. […]