The Department of Justice (DoJ) is launching a four-month effort to reevaluate its strategies to combat cybersecurity threats in light of increases in ransomware and supply-chain attacks and the tendency of attackers to use U.S.-based infrastructure to launch their exploits, said the United States Deputy Attorney General Lisa Monaco on April 30 at a security conference in Germany. […]
The National Security Agency (NSA) is recommending that National Security System (NSS), Defense Department (DoD), and Defense Industrial Base (DIB) network owners perform a detailed risk analysis before creating cross-domain connections and currently connected operational technologies (OT). […]
The National Geospatial-Intelligence Agency (NGA) issued a request for information (RFI) for a cloud-based case management tracking system (CMTS). […]
The U.S. Department of Agriculture (USDA) has issued the seventh update in its quest for a cloud-based Common Enterprise Loan Origination and Servicing (CELOS) platform. […]
MeriTalk’s latest installment of the Continuous Diagnostics and Mitigation (CDM) research series, “CDM: More Critical Than Ever,” explores how the CDM program can help agencies build resilience after a series of high-profile cyberattacks involving SolarWinds Orion and Microsoft. […]
The Department of Energy (DoE) – with help from industry and the Cybersecurity and Infrastructure Security Agency (CISA – is kicking off a 100-day effort to improve electric infrastructure cybersecurity, the White House and DoE said today. […]
The Federal government is curtailing its “surge” response to the SolarWinds Orion and Microsoft Exchange hacks after seeing improvements in patching that have helped to remediate the impacts of the cyber attacks, the Biden administration said today. […]
A 2019 tweak by the Office of Management and Budget (OMB) to the definition of a data center – and thus how the Federal government proceeds with its Data Center Optimization Initiative (DCOI) aimed at sharply cutting the number of data centers that Federal agencies operate – is having the effect of leaving the government more vulnerable to cyberattacks, a Government Accountability Office (GAO) official concurred today. […]
President Biden today issued executive orders (EO) that blame, shame, and sanction the Russian government for perpetrating the SolarWinds Orion supply chain cyber attacks, and interfering with U.S. elections, among other transgressions. […]
According to Civilian Deputy for the Defense Information Systems Agency (DISA) Services Directorate (SE) Jeff VanBemmel, securing connections is one of the bigger challenges Defense Department Information Networks (DODIN) are facing today after years of a “castle-defense mentality.” […]
In a letter to top Federal cybersecurity experts, Homeland Security and Governmental Affairs Chairman Sen. Gary Peters, D-Mich., and Sen. Rob Portman, R-Ohio, ranking member on the committee, are requesting information on how U.S. cyber defenses were unprepared for the recent SolarWinds Orion and Microsoft Exchange compromises and on the limitations of the EINSTEIN system. […]
The Army’s Combat Capabilities Development Command (DEVCOM) is searching for a Commercial-Off-the-Shelf (COTS) Talent Acquisition and Hiring Event Management Software, according to an RFI posted on Beta.Sam.gov. […]
The U.S. Department of Agriculture (USDA) has issued a second update to its quest for a cloud-based Common Enterprise Loan Origination and Servicing (CELOS) platform. […]
Department of Homeland Security (DHS) Secretary Alejandro Mayorkas on March 31 previewed six “sprints” planned by DHS and its Cybersecurity and Infrastructure Security Agency (CISA) component throughout 2021 to bolster Federal cybersecurity across a range of areas including ransomware, industrial control system (ICS) security, and workforce development. […]
Cybersecurity experts stressed this week that Federal agencies must keep stay focused on future threats and on moving toward adoption of zero trust security concepts, although they acknowledged that the latter tasks is “easier said than done.” […]
As agencies have continued to close data centers by participating in the Office of Management and Budget’s (OMB) Data Center Optimization Initiative (DCOI), adapting to new technologies and cybersecurity must be front of mind for these closures, a Government Accountability Office expert said today. […]
The Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program is under internal review at the Pentagon with an eye toward “potential improvements” to implementation of the program, a DoD spokesperson confirmed to MeriTalk. […]
When it comes to modernization and innovation for Federal agencies, the U.S. Air Force (USAF) is emphasizing that software and cybersecurity are foundational to its digital modernization strategy. […]
The National Institute of Standards and Technology (NIST) has released draft guidance to help local election officials reduce the risk of cyberattacks on election systems, and is seeking public comment on the draft. […]
A group of bipartisan senators wrote a letter to Jennifer Granholm, Department of Energy (DOE) secretary, to voice their support for keeping the Office of Cybersecurity, Energy, Security, and Emergency Response (CESER). […]
U.S. Customs and Border Protection (CBP) issued a request for information (RFI) regarding the private sector capabilities to support key capabilities of an Incident-Driven Video Recording System (IDVRS) program – body-worn cameras (BWC), video management systems (VMS), IT infrastructure, cloud-based storage systems, and other interrelated systems supporting incident-driven recordings. […]
The FedRAMP Program Management Office (PMO) announced March 24 that it has recently joined YouTube. The PMO said its channel will serve as “a one-stop source for quick, simple, informative videos on FedRAMP tutorials, and program updates.” […]
As adversaries from overseas continue to threaten the cybersecurity of U.S. companies and organizations, National Security Agency (NSA) director and U.S. Cyber Command (CYBERCOM) chief Gen. Paul Nakasone told senators today that Defense Department (DoD) agencies need to be able to operate more freely within the U.S. to deal with those threats swiftly. […]
Sen. Ed Markey, D-Mass., and Rep. Ted Lieu, D-Calif., reintroduced the Cyber Shield Act, which would create a voluntary system to certify cybersecurity protections for internet of things (IoT) devices. […]
With Federal government cloud spending on the rise, and four out of five Federal IT decision makers saying their agencies use multiple cloud platforms to satisfy different IT needs, cloud management capabilities are becoming more important than ever. […]
The Department of Homeland Security (DHS) is seeking comments on an Information Collection Request (ICR) to the Office of Management and Budget (OMB) to allow DHS to assist executive branch agencies in collecting cybersecurity vulnerability information and post the information on their own agency websites. […]
The Naval Sea Systems Command (NAVSEA) has issued an update to its request for information (RFI) seeking industry input as it looks to invest in ship-mounted cloud computing infrastructure as part of the Navy’s broader future strategy for network-centric naval warfare. […]
The United States Census Bureau is turning to cloud services, in the form of Software-as-a-Service (SaaS), to design and deploy surveys. […]
The Department of Labor (DOL) must clarify whether plan administrators are responsible for mitigating cybersecurity risks and set minimum expectations for protecting personally identifiable information (PII), a report by the Government Accountability Office (GAO) said. […]
The nine Federal agencies whose networks were compromised in the Russia-backed hack via SolarWinds Orion products are close to finishing their remediation reviews, and the government is planning new deployments of unspecified security and IT modernization technologies to avoid a repeat of the intrusions, a senior Biden administration official said during a background briefing on March 12. […]