The Continuous Diagnostics and Mitigation (CDM) Program – for several years a bedrock asset in the government’s bid to improve Federal agency cybersecurity – is having a decisive impact in furthering agency work on requirements of the Biden administration’s year-old Cybersecurity Executive Order (EO), new research findings from MeriTalk shows. Long before the 2021 Cyber […]

As the General Service Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) program looks to transition to Revision 5 (Rev. 5) baselines – in accordance with the National Institute of Standards and Technology’s (NIST) Rev. 5 security and privacy controls – Acting Director of FedRAMP Brian Conrad said the agency has been  able to decrease the number of controls for improved usability. […]

House Government Operations Subcommittee Chairman Gerry Connolly, D-Va., said today he is looking for final congressional approval in the near term for legislation he has championed for the past several years that would codify into Federal law the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP). The program certifies the security of cloud technologies for Federal government use. […]

Nearly two-thirds – 63 percent – of Federal mission and IT officials surveyed earlier this year believe their agencies are on track to meet the Office of Management and Budget’s zero trust security targets by the end of Fiscal Year 2024, according to new research published today by General Dynamics Information Technology (GDIT). […]

The U.S. Chamber of Commerce has written a letter to both Senate and House Appropriations committees expressing its support of adding $300 million or more to the Technology Modernization Fund (TMF) for fiscal year (FY) 2023. […]

Reps. Anna G. Eshoo, D-Calif., and Blake Moore, R-Utah, have introduced legislation to bolster the production of U.S.-made printed circuit boards (PCB) and to strengthen related supply chain security. […]

The never-ending rise of cyberattacks on government agencies and critical infrastructure providers underlines the urgent need for both government and the private sector to accelerate toward more agile and resilient cybersecurity models. Government and industry cybersecurity experts will point the way forward to more resilient security postures when they gather on Thursday, May 19 from […]

The Office for the Director of National Intelligence (ODNI) report that details intelligence agencies’ surveillance practices annually shows that the FBI ran approximately 3.4 million searches against U.S. citizens using data collected from Section 702 inquiries without a warrant. […]

One of Federal agencies’ primary challenges is ensuring that they are properly managing and securing sensitive data, particularly controlled unclassified information (CUI). Even though CUI is unclassified, it requires special handling and safeguarding. The Defense Counterintelligence and Security Agency notes that loss of aggregated CUI is one of the most significant risks to national security. […]

Several industry groups have written to Congress urging the allocation of additional funding for technology modernization across the Federal government as part of the fiscal year (FY) 2023 budget and by meeting or exceeding the budget request for the Technology Modernization Fund (TMF) for 2023. […]

A Small Business Administration (SBA) Office of Inspector General (OIG) report summarizing the results of its fiscal year (FY) 2021 Federal Information Security Modernization Act (FISMA) evaluation rates SBA’s overall program of information security as “not effective.” […]

Join MeriTalk and Cohesity on May 3 from 1:30 p.m. to 2:30 p.m. Eastern time for a fresh assessment of high value asset protection at Achieving Cyber Resiliency: A Roadmap to Protect Agency High Value Assets webinar. […]

The Defense Information Systems Agency’s (DISA) Thunderdome zero trust project, along with associated identity, credential, and access management (ICAM) efforts, is currently in the process of standing up capabilities in a lab setting before testing it in fielded networks and eventually doing an operational assessment this fall. […]

Historically, Federal agencies have been instructed to be secretive on cyber matters, but a key step in fortifying the software supply chain is clear and constant information sharing, according to Jeanette McMillian, the assistant director for Supply Chain and Cyber at the National Counterintelligence and Security Center. […]

As the one-year anniversary of the Biden administration’s cybersecurity executive order (EO) nears, join Federal government and industry experts on May 19 for MeriTalk’s in-person Cyber Central conference to explore how agencies are building a more resilient government cybersecurity posture. […]

A Defense Information Systems Agency (DISA) official said today that the next focus area for work on the agency’s Thunderdome zero trust prototype project is user convenience. […]

The Technology Modernization Fund (TMF) said today it awarded $10.5 million to the Department of Veterans Affairs (VA) for the agency to implement the General Services Administration’s (GSA) Login.gov single sign-on technology across multiple VA websites. […]

The Transportation Security Administration (TSA) has appointed Yemi Oshinnaiye to serve as its next chief information officer (CIO), an agency spokesperson confirmed to MeriTalk. […]

Federal agencies are continuing to work towards implementing zero trust security architectures, but which of the Office of Management and Budget’s (OMB) security pillars will take precedence in zero trust development? […]

The Government Accountability Office (GAO) needs to do more work to protect data and systems through privacy program improvements, an agency Office of Inspector General (OIG) report found. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the Office of the Director of National Intelligence (ODNI) to promote a call to action for organizations to focus on protecting information and communications technology (ICT) supply chains, under the banner “Fortify the Chain.” […]

The Biden administration is asking for $300 million of additional money for the Technology Modernization Fund (TMF) in Fiscal Year 2023 – an amount that would backfill most of the $320 million that the fund has awarded to Federal agencies since it received its $1 billion infusion in the American Rescue Plan Act last year. […]

Federal agencies are showing urgency and pushing hard to meet challenging zero trust security implementation deadlines following rollout of the Office of Management and Budget’s (OMB) zero trust strategy in January, government and industry experts agreed during a March 15 webinar hosted by MeriTalk and Merlin Cyber. […]

Senate leadership is making the legislative moves necessary to begin work in earnest on reconciling two different versions of innovation and competition legislation that features billions of funding to boost domestic semiconductor production and create a new technology directorate at the National Science Foundation (NSF). […]

In a posting on USAJobs.gov, the Office of Management and Budget (OMB) announced it is looking for a new deputy Federal CIO to replace Maria Roat, who is retiring at the end of March. […]

Federal Chief Information Security Officer Chris DeRusha gave a relatively upbeat assessment today on strides that Federal IT leadership and agencies have been making on implementing the Cybersecurity Executive Order that the Biden administration issued ten months ago. […]

The Consolidated Appropriations Act of 2022 (H.R. 2471), introduced by Rep. Rosa DeLauro, D-Conn., would fund the Federal government through the end of fiscal year (FY) 2022 and includes language on cyber incident reporting for critical infrastructure (CI) requirements. […]

Gerald Caron, CIO and assistant inspector general for information technology at the Department of Health and Human Services (HHS) Office of the Inspector General (OIG), said today he wants Federal agencies to move away from looking at zero trust as a checklist and instead focus on its practical effectiveness to prevent cyberattacks. […]

Two senior House leaders on Federal technology issues said today they are looking for decisive action soon on legislation to update the Federal Information Security Management Act (FISMA), and codify and improve the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP). […]

As Federal agencies embark on their years-long transition to zero trust security architectures, the technologies feeding into network endpoint security loom large on the list of essential pillars upon which zero trust relies.   […]