As the White House’s Office of Management and Budget (OMB) works to modernize the Federal Risk and Authorization Management Program (FedRAMP), one OMB official said this week that the agency is looking to scale the FedRAMP Marketplace and create new authorization paths. […]

The Defense Information Systems Agency (DISA) expects to roll out its Thunderdome program to 60 sites in fiscal year (FY) 2024 – thus far the agency has deployed the zero trust program to 23 sites, an agency spokesperson confirmed. […]

Federal CIO Clare Martorana forecasted this week that the hundreds of millions of dollars of investments that the Technology Modernization Fund (TMF) has made in recent years to jumpstart Federal agency security improvements will be bearing fruit within the next 12 months. […]

While the Cybersecurity and Infrastructure Security Agency (CISA) developed its Continuous Diagnostics and Mitigation (CDM) program in 2012 with a monolithic software architecture, a top CISA tech official said today the program is looking to evolve to become “a lot more flexible and modular.” […]

A review of the Defense Department’s component-level zero trust security implementation plans is painting a clearer picture of trends and challenges running through the three-dozen-plus plans – including the vital importance of proper funding for components, and achieving interoperability across component zero trust plans – to meet DoD’s 2027 zero trust deployment goal. […]

Former chief of the U.S. Fleet Cyber Command said today that the Federal government and industry must be prepared to work together in the face of adversarial attacks against U.S. critical infrastructure like the electric grid. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program is focusing closely on a range of goals for the remainder of fiscal year (FY) 2024 including expanding the program’s asset management capabilities to include mobile and cloud services, and leveraging the fruits of the program’s endpoint detection and response (EDR) capabilities to help CISA provide better security intelligence across Federal civilian agencies. […]

Two members of the Technology Modernization Fund (TMF) Board said today that the group is prioritizing shareable playbooks so all of the Federal government can benefit from agencies’ modernization projects. […]

The Technology Modernization Fund (TMF) announced two new investments today totaling over $47 million that will help NASA and the Department of Labor (DoL) address security vulnerabilities and update legacy technology. […]

How do Federal cyber practitioners adapt to an increasingly complex attack surface? Where do Federal security leaders turn to reimagine the future cyber landscapes? Find answers to both of those questions at Adapt 2024: Reimagining Our Federal Cyber Future – a one-day event that brings together IT, cybersecurity, and operations leaders to unpack the complex security challenges that face U.S. government agencies. […]

The Department of Defense (DoD) is on track to meet its 2027 zero trust cybersecurity framework goal, top Pentagon officials said this week. […]

The Department of Defense (DoD) officially approved zero trust implementation plans from all of its components last month, and the agency is now looking to focus on “minimum viable solutions” for the plans by tackling specific security-related issues each year. […]

Despite Congress recently rescinding $100 million in funding for the Technology Modernization Fund (TMF), a top TMF official today shared that none of the fund’s current projects are at risk from that move, and that the TMF Board plans to soon announce awards for  several additional AI-driven projects. […]

The General Services Administration (GSA)’s new roadmap for its Federal Risk and Authorization Management Program (FedRAMP) is pivoting to look more at the “whole customer journey,” a GSA official said this week. […]

Matt House, who runs the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program, previewed today that his office is working on an effort to better explain how the CDM program supports the Federal government’s push toward zero trust security architectures, and specifically the Zero Trust Maturity Model (ZTMM) that CISA last updated in April 2023. […]

The General Services Administration (GSA) announced on Monday that a new electric vehicle supply equipment (EVSE) product, provided by Atom Power, has achieved authorization under the Federal Risk and Authorization Management Program (FedRAMP). […]

The General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) released a new roadmap today outlining how the program will evolve in the next 18 months, focusing on key goals such as customer experience (CX) and cybersecurity leadership. […]

The fiscal year (FY) 2024 Financial Services and General Government (FSGG) appropriations bill released by the House and Senate Appropriations Committees today aims to rescind $100 million in funding for the Technology Modernization Fund (TMF) that Congress approved in 2021 as part of a $1 billion infusion into the fund. […]

Brian Conrad, acting director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), is stepping down from his position. […]

MeriTalk recognized 14 Federal agencies for their excellence in IT during the FITARA Awards ceremony at Tech Tonic on Thursday, joined by Rep. Gerry Connolly, D-Va., ranking member of the House Oversight Subcommittee on Cybersecurity, Information Technology, and Government Innovation. […]

Rep. Gerry Connolly, D-Va., is pledging that Congress will continue to undertake vibrant oversight of Federal agency IT and cybersecurity-related progress through the FITARA Scorecard that has been published twice a year – usually by the House Oversight and Accountability Committee – since 2015. […]

Two of the Federal government’s top cybersecurity officials praised a new White House report this week that offers four recommendations to fortify the resilience of the nation’s critical infrastructure – including establishing performance goals and ramping up funding for agencies that oversee the sectors. […]

The Department of Defense (DoD) has officially approved zero trust implementation plans from all 41 of its components as it inches closer to its goal of implementing a zero trust architecture across the entire department by 2027. […]

As Federal agencies continue on their zero trust journeys, Federal officials on Thursday stressed the importance of being intentional with their cybersecurity tools and budgets in order to remain a step ahead of adversaries. […]

A top NASA official on Feb. 29 used a catastrophic visual to capture the challenge of securing both operational technology (OT) devices and IT in the push for zero trust. […]

The Department of Defense (DoD) is well on its way to implementing an enterprise-wide zero trust architecture following review of implementation plans from DoD organizations, the department’s zero trust lead said today, although the process has not been without its bumps in the road. […]

The head of IT at the Department of Justice (DoJ) today laid out how zero trust must be incorporated into the five strategic pillars of “good IT operations,” including enhancing cybersecurity and elevating the workforce.   […]

MeriTalk’s gearing up for our Tech Tonic Paddy’s Day Parade at Mortons in DC on March 14th. We’ll lead off with Federal IT’s favorite leprechaun, Congressman Gerry Connolly, lilting on the new CIO FITARA report card. […]

It’s been two years since the White House sent marching orders to agencies on implementing key zero trust security initiatives. Join MeriTalk and Gigamon on Feb. 29 in Washington, D.C. for a holistic look at the government’s progress and how to secure the future of government. […]

Top officials from several private sector firms that are helping the Federal government modernize its technology and cybersecurity capabilities told MeriTalk that last week’s FITARA Scorecard gradings for the largest Federal agencies in several IT-driven categories are shining a necessary light on government’s need to make more progress in implementing longstanding cloud policy directives. […]