Cybersecurity

Identity management is one of the main pillars of the Cybersecurity and Infrastructure Security Agency’s (CISA) Zero Trust Maturity Model, but CISA’s program lead for the Trusted Internet Connection (TIC) program office Sean Connelly said that while identity is an important pillar, it should not be the only pillar agencies focus on. […]

Big Data Analytics

The Department of Energy (DoE) could improve how it manages its fraud, waste, and abuse practices by improving access to the data used by the agency and its contractors for data analysis, as well as using all tools available to keep the department’s research secure, according to a Nov. 26 DoE Office of the Inspector General (OIG) report. […]

As the Senate returns to work on Nov. 29 with the completion of debate on the Fiscal Year (FY) 2022 National Defense Authorization Act (NDAA) at the top of its agenda, lawmakers will be looking to tack on a host of cybersecurity-related amendments to the defense spending bill. […]

As the Federal government continues to focus on boosting the nation’s cybersecurity hygiene, Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly said Nov. 18 that visibility and modernization are the keys to improving the nation’s cybersecurity posture. […]

Data

The United States Postal Regulatory Commission is working to hire its first-ever chief data officer (CDO) and establish a Data Governance Board, Michael Kubayanda, nominee for commissioner at the Postal Regulatory Commission, told a Senate committee. […]

After a potential setback late last week, Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, are still looking to attach their legislation to reform the Federal Information Security Modernization Act (FISMA) added to the Senate’s fiscal year (FY) 2022 National Defense Authorization Act (NDAA) making its way through the chamber, a Senate Homeland Security and Governmental Affairs Committee staffer told MeriTalk. […]

Federal money spending government

An FBI official did not deny prior reports that the agency held the decryption key from the Kaseya ransomware attacks for multiple weeks without giving it to parties victimized by the attacks but told the House Oversight and Reform Committee at a Nov. 16 hearing that it chose to do so in the interest of figuring out how to achieve the widest-ranging impact from the key. […]

three-keys-to-cybersecurity

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released new Cybersecurity Incident and Vulnerability Response Playbooks today, completing a vital assignment from President Biden’s Cybersecurity executive order (EO). […]

Cybersecurity

Sponsors of two major pieces of legislation that would make formative changes to the way that private sector companies report cyberattacks to the government – and how Federal government agencies conduct their own cyber defenses – are hitching their hopes for passage to annual defense spending legislation that traditionally gets strong bipartisan support from lawmakers. […]

With K-12 educational institutions increasingly targeted by ransomware and other cyber attacks during the coronavirus pandemic, the Government Accountability Office (GAO) is pushing the Department of Education to update its plans – which currently date from 2010 – for addressing cyber risks faced by schools. […]

We’re experiencing an evolution towards a cloud-native government, where capabilities are viewed as modular and shared like a commodity. To meet mission requirements into the future, this evolution will allow agencies to continuously adapt – flexing these modular, shared cloud-based capabilities to their changing needs. […]

Cloud

With an international focus on climate change after the United Nation’s Climate Change Conference, Department of Energy (DoE) CIO Ann Dunkin said today that data center consolidation is helping to reduce the agency’s carbon footprint, and pointed to the further use of scalable cloud-native apps as the next step in that campaign. […]

Congressional backers of another big shot of funding for the Technology Modernization Fund (TMF) are not ready to take no for an answer. After a proposed $1 billion of additional funding for TMF was stripped late last month from House Democrats’ committee-level proposals for the Build Back Better Act, a new amendment to the legislation offered by Rep. John Yarmuth, D-Ky., would add $250 million of TMF funding as part of a larger $500 million proposal to advance IT modernization programs. […]

Cyber America Connected Internet of things

After more than two months of angling and dealmaking, the House of Representatives voted to approve the $1 trillion Infrastructure Investment and Jobs Act – also known as the Bipartisan Infrastructure Framework – on November 5, sending the bill along with its $2 billion in cyber funding and $65 billion in broadband appropriations to President Biden’s desk for final approval. […]

Cybersecurity

Federal agencies as a group are “close” to completing work to put in place the first two of the Continuous Diagnostics and Mitigation (CDM) program’s four key capabilities, said Betsy Kulik, senior advisor for the Cybersecurity and Infrastructure Security Agency’s (CISA) CDM program, at a November 4 online event organized by FCW. […]

Pentagon Military Defense DoD

After a lengthy review process, the Department of Defense today issued an update to its Cybersecurity Maturity Model Certification (CMMC) program – dubbed CMMC 2.0 – that will simplify some of the cybersecurity requirements for contractors in the Defense Industrial Base (DIB) looking to do business with the government. […]

CISA
cybersecurity
Cybersecurity

With an evolving cyber threat landscape and adversaries that are growing more sophisticated by the day, National Security Agency (NSA) Director Gen. Paul Nakasone – who also heads United States Cyber Command (CYBERCOM) – today pointed to partnership and collaboration as the best way to protect the nation from cyber threats. […]

CISA

An official at the Cybersecurity and Infrastructure Security Agency (CISA) is applauding the work of a private cybersecurity firm that, in collaboration with CISA, helped victims of the BlackMatter ransomware group, according to a new report from the New York Times. […]

NIST

Dr. Laurie Locascio, the White House’s nominee to be the next director of the National Institute of Standards and Technology (NIST), told senators this week that she will prioritize cybersecurity of internet of things (IoT) devices, and bridging the cyber workforce gap if she is confirmed to head the agency. […]

Cybersecurity
CISA

The Senate Appropriations Committee released nine appropriations bills for fiscal year (FY) 2022 on October 18 including a Homeland Security funding bill that would give the Cybersecurity and Infrastructure Security Agency (CISA) a 30 percent budget increase over FY2021 levels, to $2.638 billion. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released a joint advisory on Oct. 18 warning organizations that the BlackMatter ransomware group is targeting U.S. critical infrastructure entities. […]

cybersecurity

The Joint Cyber Defense Collaborative created in August by the Cybersecurity and Infrastructure Security Agency (CISA) has the potential to greatly help Federal government authorities and private sector firms better “connect the dots” on global threats in cyberspace, said National Cyber Director Chris Inglis in remarks on October 13 during CISA’s National Cybersecurity Summit event. […]

ransomware

Cybersecurity and Infrastructure Security Agency (CISA) Executive Director Brandon Wales said today that the private sector needs to do more to help the government combat ransomware attacks, and expressed hope that the recently formed Joint Cyber Defense Collaborative (JCDC) effort between government and industry will go a long way toward providing a coordinated approach to deal with those and other cybersecurity threats. […]

cloud

Following on the successes of the FedRAMP program that certifies cloud services as secure to use for Federal government agencies, the home-grown StateRAMP program is forging ahead with similarly vital services to state and local governments and institutions of higher learning, state, and industry leaders explained on October 5 during MeriTalk’s StateRAMP: Taking the On-Ramp to Secure SLED Cloud Solutions online event. […]

Categories