Federal IT executives must move quickly to apply patches for the recently discovered Meltdown and Spectre security vulnerabilities, but should also be on the lookout for potential performance hits and unforeseen glitches associated with the bug fixes. […]

President Donald Trump last week issued an Executive Order on veterans’ health care that included an announcement that the Department of Veterans Affairs (VA) would adopt the same electronic records systems as the Department of Defense (DoD), signing off on what was already a done deal. Emphasis on “deal,” because although the departments are on board with a project that could cost $10 billion over 10 years, history raises doubts as to whether a unified health records system can actually be achieved. […]

Last year brought a great deal of change to Washington, D.C., from a new administration moving into the White House to D.C. United building a new stadium. As 2018 starts up with seemingly limitless IT opportunities ahead, MeriTalk takes a look back on the top Federal IT stories from 2017. […]

After years on the backburner, electronic warfare (EW) is moving up the ranks as an integral part of the Pentagon’s military focus. The Army last month received approval to move ground-based EW efforts into the Terrestrial Layer Intelligence System, joining cyber, signals, and other intelligence as part of the Multi-Function Electronic Warfare (MFEW) structure. The service wants to include airborne EW later this year. […]

Usually agencies want to speak highly of their IT operating systems, so to hear Deputy Secretary of the United States Department of Agriculture (USDA) Steve Censky call the USDA operating model “splintered and out of date” on Dec. 14 was a bit of a shock.   […]

Password manager company, Dashlane, has added a twist with its list of the “Worst Password Offenders” of 2017, naming high-profile people and organizations that fell into the bad-password trap. President Trump was deemed the worst offender, primarily because of simple passwords reportedly used by cabinet members and policy directors. Outside parties were also the culprits for the Department of Defense, specifically for its contractor, Booz Allen, as well as the Republican Party (stemming from a careless data analytics firm). Paul Manafort, for using “Bond007” as a password, and Sean Spicer, for apparently tweeting his passwords, also came in for scorn. […]

Email is a core network application for both the private sector the and government, and has become an essential business communication tool. Since email is nearly ubiquitous and often poorly secured, it also has become a vector for fraud and data theft. Phishing emails can compromise not only Federal networks and databases, but also trust in government communications. […]

Since blockchain first appeared in 2009 as the digital ledger for Bitcoin cryptocurrency transactions, it has steadily taken the online world by storm, in the process practically becoming a synonym for security. Even if a lot of people still don’t know what it is, they’re beginning to hear it more and more. IBM, for instance, has taken to mentioning “blockchain for security” in its TV ads. And in a sure sign of pending mainstream acceptance, a “Blockchain for Dummies” book is now available. […]

The National Institute of Standard and Technology (NIST) released the second draft of the proposed update to its Framework for Improving Critical Infrastructure Cybersecurity. The new draft aims to clarify, refine, and enhance the framework as well as “amplifying its value and making it easier to use,” NIST officials said. […]

As the Principal Deputy Director of National Intelligence, Sue Gordon has no shortage of cybersecurity data at her fingertips, but the key to cyber success is connecting the dots cross-government and in partnership with the private sector. […]

With rapid growth in smart devices, exploding data volumes, and the shift to the cloud, it is becoming more and more challenging to protect critical systems and information. Government and industry leaders convened at the Symantec Government Symposium in Washington, D.C. on Tuesday to discuss these complex challenges and the solutions needed to address them. […]

SBA has made it a priority to provide cybersecurity assistance for small businesses, reaching out to local chambers of commerce, technology vendors, and banks that serve small businesses to raise awareness of the benefits of cybersecurity threat prevention sharing through conferences.                                      […]

Federal leaders are well aware that cyber attacks are growing in sophistication, while at the same time an increasing number of employees access Federal networks from a growing variety of devices. […]

With the midterm elections of 2018 fewer than 12 months away, Congress is showing heightened concern over the potential for disastrous cyber attacks on the nation’s electronic voting systems. […]

Two House panels investigating the Equifax Inc. data breach are zeroing in on “technical and process” failures that led to the loss of personally identifiable information, including Social Security numbers, belonging to more than 145 million Americans, according to recently released documents. […]

Cloud and cyber are converging to drive today’s IT modernization conversation. These two critical components of government’s IT agenda are the drivers behind one of the most critical mission objectives: keeping agency data safe. […]

The Army and Navy recently announced that their Cyber Mission Teams were fully operational, and the U.S. Cyber Command now has all of their planned complement of 133 teams in business. With its people (totaling more than 6,000 service members and civilians) in place, U.S. cyber forces can now look to machines to help carry out effective operations in the cyber domain. […]

As applications, data, and everything IT shifts to the cloud, so too does cybersecurity. It’s more than just securing the cloud — it’s about actually using the cloud, and the advanced analytics it enables, to protect organizations. Security models are changing, and the cloud is a pivotal enabler of that change. […]

A team at the Georgia Institute of Technology, backed by the Defense Department’s research arm, is developing tool that will give cybersecurity investigators that kind of look at a cyber intrusion, quickly providing layers of detail not currently available, in what researchers say is the first instance of automated forensics. […]

As Feds get smarter about Artificial Intelligence on the cyber frontier, seems agencies’ IT defenders are suffering from schizophrenia about cyber cyborgs. That’s the topline takeaway from the new MeriTalk “Federal Cyber AI IQ Test” study. […]

The FBI currently has a backlog of nearly 7,000 crime-connected phones that its experts are unable to crack. And it’s going to get much worse, law enforcement leaders say. […]

Managing cyber risks means fighting a moving target, and bad actors are too often one step ahead. Even as cyber professionals protect systems from malware, phishing, and DoS attacks, new attack vectors including the IoT and AI are emerging. Federal agencies needs a continuous discussion on the evolving defense practices needed to identify vulnerabilities, prepare for changes in cyber attack strategy, and identify fundamental flaws in defense plans. […]

With the advent of cloud, IoT, and other next-gen technologies, the Federal government’s digital footprint is growing at an exponential rate.  But as the amount of data continues to explode, so do the number of cyber adversaries and vulnerabilities in our government’s networks.  And without the proper resources and capabilities to manually defend against this deluge of cyber threats, artificial intelligence (AI) could be the missing link in fully securing our government. […]

In the event of a cyberattack, it’s important for information about the attack to be shared with the public in order to prevent further problems. Jeanette Manfra, assistant secretary for the Office of Cybersecurity and Communications at the Department of Homeland Security, said that the agency shares timely, accurate information with its partners and constituents so that they can take proper action to protect themselves. […]

The May Cybersecurity Executive Order and the White House’s IT Modernization Report have encouraged agencies to look for ways to use shared services to improve cybersecurity. The Department of Justice has been looking into using shared services before the push from the White House, giving the agency a head start at shared services centered on cybersecurity for the enterprise. […]

The Justice Department has evidence to charge six Russian government officials for involvement in the hack of the Democratic National Committee. U.S. authorities are considering charging the Russian officials to make it difficult for them to travel, but they are unlikely to be arrested and prosecuted in the U.S. […]

Tanium, along with its partner World Wide Technology, received a potential five-year, $750 million contract from the Defense Innovation Unit Experimental (DIUx), the Defense Department’s Silicon Valley outfit, to provide managed cybersecurity services to Federal agencies. […]

The Department of Commerce has made strides to manage the IT costs and oversight of new systems before the 2020 Census, after reports of poor oversight and planning. A Government Accountability Office report, released in October, found that the Census Bureau faced challenges in managing and overseeing the IT programs, systems, and contracts supporting the 2020 Census. […]

The Continuous Diagnostics and Mitigation Program last week held its first data exchange between the Federal CDM dashboard and an agency dashboard. All of the CFO Federal agencies have agency dashboards to comply with the CDM program, and the Federal dashboard is in production. […]

The Department of Energy plans to roll out an enterprise risk management framework that would provide cybersecurity data about the agency in one place and enable better information sharing between departments.
“The enemy isn’t a hacker in the basement,” said Micah Czigan, director of the Integrated Joint Cybersecurity Coordination Center for DOE. “The enemy is a world power nation-state.” […]