The Office of Management and Budget (OMB) released a memo on implementing the first phase of the Foundations for Evidence-Based Policymaking Act, including deadlines for naming agency chief data officers (CDO), creating data governance bodies, and developing learning agendas. […]
The Internet Society’s Online Trust Alliance (OTA) released its Cyber Incident & Breach Trends Report for 2018 today, which found that cyber incidents cost $45 billion last year on a worldwide basis. The report also emphasized that 95 percent of those incidents could have been avoided. […]
In a report submitted to Congress June 26, the Election Assistance Commission (EAC) provided a comprehensive update regarding U.S. election systems and security, and identified how EAC data can be used to shore up election cybersecurity. […]
The Office of Management and Budget in coordination with the Department of Homeland Security recently proposed an update to the Trusted Internet Connections (TIC) policy: TIC 3.0. Still in draft form, TIC 3.0, proposes increased cloud security flexibility for federal agencies, and the opportunity to use modern security capabilities to meet the spirit and intent of the original TIC policy. […]
Members of the House Homeland Security Committee’s Subcommittee on Cybersecurity, Infrastructure Protection, and Innovation discussed at a June 25 hearing ways the Federal government can help state and local governments (SLGs) deal with their cybersecurity challenges, including providing funding and opportunities to collaborate. […]
The Office of Management and Budget (OMB) finalized the Data Center Optimization Initiative (DCOI) policy on June 25, largely keeping the draft policy in place despite criticisms from Congress and industry. […]
The Census Bureau did not implement security baselines and basic security practices for its cloud implementation, leading to “severe risks to 2020 Census cloud environments,” according to an audit from the Department of Commerce Inspector General released June 19. […]
The Office of Management and Budget finalized its Cloud Smart policy today, making no major changes from the draft policy released in September 2018. […]
The Department of Agriculture (USDA) is seeing strong results from its effort to expand data analytics across the agency, and is meeting targets and exceeding goals on stakeholder buy-in, according to a June 20 update to the agency’s goals under the President’s Management Agenda. […]
In its June update to its agency goals under the President’s Management Agenda, the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) revealed it is unlikely to meet goal on cyber hygiene scanning, intrusion detection, and high value asset vulnerability mitigation. […]
With vendors in various stages of approval for companies in the Federal Risk Assessment and Management Program (FedRAMP) program, getting a cloud offering approved and at the right level can be confusing, but new guidance from the FedRAMP program management office (PMO) aims to fix that. […]
Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, introduced the State and Local Government Cybersecurity Act on June 18. […]
The National Institute of Standards and Technology (NIST) released a draft of a new publication offering additional guidance for securing Controlled Unclassified Information (CUI) in non-Federal systems, aimed at protecting high value assets from foreign adversaries. […]
The General Services Administration (GSA) pedestalled the National Oceanic and Atmospheric Administration (NOAA) for its successful cloud migration in a June 18 blog post. […]
Sens. Cory Gardner, R-Colo., and Ed Markey, D-Mass., introduced the Hack Your State Department Act on June 12. […]
The National Institute of Standards and Technology (NIST) released the finalized version of Special Publication (SP) 800-205 today, offering a guide for implementing attributes in Federal access control systems. […]
A new zero-day flaw has been discovered in a TP-Link Wi-Fi extender, according to an IBM blog post published today. […]
The United State Patent and Trademark Office (USPTO) did not properly manage its active directory, leaving multiple vulnerabilities and showing little improvement from previous audits of the agency’s cybersecurity posture, according to a Department of Commerce Office of Inspector General (IG) report released June 13. […]
Among the many amendments that representatives will pitch next week to adjust the House spending package, Reps. Anthony Brown, D-Md., and Tim Walberg, R-Mich., look to introduce amendments to increase cybersecurity funding. […]
Seven companies – Box, Dropbox, Okta, Slack, Twilio, Workday, and Zendesk – announced the launch of the Enterprise Cloud Coalition (ECC) on June 13. […]
The FedRAMP program has provided more authorizations to software-as-a-service (SaaS) applications and reduced the time to authorization in the last three years of the program, according to an analysis of the program. […]
Today, Reps. Jim Himes, D-Conn., and John Ratcliffe, R-Texas introduced new legislation that would establish election interference as a Federal crime. The bipartisan bill, dubbed the Defending the Integrity of Voting Systems Act, would make it a Federal crime to hack a voting system used in a Federal election. […]
The latest survey by Unisys of consumer security concerns found that Americans are more alarmed about the possibility of identity theft and bankcard fraud than they are about national security in general. […]
Federal agencies should strive to bring talent with cloud migration and development skills in-house rather than hiring contractors to handle migrations, said Major Gen. John Ferrari, director of the Army Program Analysis and Evaluation Office. […]
The Congressional Budget Office (CBO) estimated on June 7 that H.R.1648, the Small Business Advanced Cybersecurity Enhancements Act of 2019, will cost about $2 million annually to implement, and $11 million in total between 2019 and 2024, if the bill is enacted. […]
Sen. Ron Wyden, D-Ore., requested information on how the Department of Justice (DoJ) is securing its offensive cyber tools in a June 5 letter to Attorney General William Barr. […]
The National Oceanic and Atmospheric Administration (NOAA) extended a request for information on a potential enterprise data exchange to share weather observations across the globe. Responses are now due by June 17. […]
The Office of Management and Budget (OMB) released the finalized framework of the Federal Data Strategy, as well as a draft of its year one action plan today, cementing the administration’s approach to data under the President’s Management Agenda and setting out new activities for agencies to complete. […]
A study from the Cloud Security Alliance found that organizations continue to move to the public cloud, but security concerns still linger around data leakage and unauthorized networks. […]
The Congressional Budget Office (CBO) released its cost estimate for the Small Business Administration (SBA) Cyber Awareness Act, H.R. 2331 and S. 772, on May 20, and said the bill would cost nothing to implement. […]