Several Federal government officials involved in migrating government agencies toward adoption of zero trust security principles agreed during a September 30 ATARC webinar that agencies need to first think through the goals of adopting zero trust architectures before undertaking technology deployments to get there. […]
The Technology Modernization Fund (TMF) Board on September 30 announced seven new awards totaling $311 million to fund Federal agency investments into zero trust networking and digital identity, standardizing secure data and information sharing, and improving interagency collaboration. […]
The U.S. Army Corps of Engineers is looking to enhance its cybersecurity efforts with zero trust security concepts, according to the Corps’ Chief Information Officer (CIO), Dovarius Peoples. […]
The Department of Commerce’s (DoC) Bureau of Industry and Security published a request for comments to gain feedback on what should be included in a report on supply chains for critical sectors and subsectors of the information and communications technology (ICT) industrial base. […]
Sen. Gary Peters, D-Mich., chairman of the Committee on Homeland Security and Governmental Affairs, said on Sept. 15 that the United States’ supply chains are not resilient, and strengthening those supply chains is going to be critical for U.S. competitiveness going forward. […]
Federal CIO Clare Martorana today previewed the goals of ongoing efforts and forthcoming direction from the Office of Management and Budget (OMB) on improving customer/citizen experience (CX) with the Federal government, and set the bar high for expectations for service improvements that will follow. […]
StateRAMP, the nonprofit formed earlier this year by leaders from state and local governments and the private sector to help state and local governments manage their third party supplier cybersecurity risks, has released the initial roster of its Authorized Vendor List (AVL). […]
The House Energy and Commerce Committee was still in the process late Monday of marking up its portion of the $3.5 trillion budget reconciliation bill working its way through the House, but at our deadline was making a big splash with $10 billion of proposed funding for supply chain security. […]
Now that the Office and Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) have released their new directives for Federal civilian agencies to move to zero trust security principles and expanded cloud adoption, what are some near-term steps that Federal IT and cybersecurity officials should think about as they get ready to put those directives into action? […]
The Biden administration’s latest set of directives that aim to move Federal agencies toward zero-trust security architectures and more cloud adoption are receiving positive initial reviews from Federal IT officials, although leaving some to wonder where funding will come from for agencies to follow through on the directives. […]
The Office of Management and Budget (OMB) and the Cybersecurity and Infrastructure Security Agency (CISA) both published key draft guidance documents today that provide the next set of road maps for Federal civilian agencies to transition to zero trust security concepts over the next three years and to guide agencies to securely migrate to cloud services. […]
The General Services Administration (GSA) announced today that Raylene Yung will lead the Technology Modernization Fund (TMF) as its executive director. […]
Federal IT modernization may see a significant increase in funding, $3.35 billion to be exact, if an amendment from Rep. Gerry Connolly, D-Va., is successful. […]
Nicolas Chaillan, the first-ever chief software officer (CSO) of the United States Air Force (USAF) and co-lead of the Department of Defense (DoD) Enterprise DevSecOps Initiative, announced his resignation today in a post on LinkedIn. […]
Like all Federal agencies, the Office of Personnel Management (OPM) is working on complying with President Biden’s cyber executive order (EO). To help comply with the EO and aid OPM’s modernization mission, the agency has funding requests out to the Technology Modernization Fund (TMF) Board to help OPM with the move to zero trust and cloud modernization, OPM CIO Guy Cavallo said August 31. […]
Ransomware attacks are on the rise and adversaries are developing more sophisticated cyberattacks, but Federal cyber experts agree that “the vast majority” of ransomware attacks active today can be prevented by good basic cyber hygiene practices. […]
The National Archives and Records Administration (NARA) is making bids with the Technology Modernization Fund (TMF) for funding that will help the agency improve cybersecurity and replace legacy systems that run high-value assets, said Sheena Burrell, NARA’s Deputy CIO, at a GovLoop event on August 19. […]
The Federal Risk and Authorization Management Program (FedRAMP) authorization journey can sometimes be a confusing one to navigate, but experts agree that the National Institute of Standards and Technology’s (NIST) Open Security Controls Assessment Language (OSCAL) formats are helping to speed the FedRAMP approval process. […]
With the coronavirus pandemic continuing to provide a stubborn barrier to full-fledged office workplace returns for many Federal agencies, the Commerce Department’s chief information security officer (CISO) spoke on August 17 about paying attention to human-centric aspects of security in the development of next-generation workplaces. […]
Congratulations go out to CIOs and tech staffs from the General Services Administration (GSA) for top score – and to the Department of the Interior (DoI) and the Social Security Administration (SSA) for most improved scores – on the House Oversight and Reform Committee’s FITARA 12.0 Scorecard issued on July 28. […]
As the ink is still drying – or its equivalent for a liquid crystal display screen – on the 12th edition of the House Government Operations Subcommittee’s Federal Information Technology Acquisition Reform Act (FITARA) Scorecard, I pondered the question about whether and how the same measurement could be applied to state-level IT operations and progress. […]
An August 10 memo from Shalanda Young, acting director of the Office of Management and Budget (OMB), is providing instructions to Federal agencies about how to comply with security guidance of “critical software” as directed by President Biden’s executive order (EO) on cybersecurity issued in May. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) is still looking for a permanent lead for its Continuous Diagnostics and Mitigation (CDM) program, but Richard Grabowski, the program’s deputy lead, has been elevated to acting program manager in the meantime, CISA told MeriTalk. […]
FedRAMP released its annual survey for FY2021 today. […]
The Government Accountability Office (GAO) published a fresh update on its priority open recommendations for the Department of Defense (DoD), showing that while the Pentagon has been busy trying to satisfy numerous prior recommendations from the watchdog agency, its overall to-do list from GAO is staying about the same because a steady stream of new recommendations are being added. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released a new training guide to help IT professionals advance their careers in the Federal and state, local, tribal, and territorial cybersecurity communities. […]
A new tool from MeriTalk and stackArmor is providing insight into the Federal Risk and Authorization Management Program (FedRAMP), and helping cloud service providers (CSPs) make data-driven decisions while pursuing their authorization journey. […]
The 12th edition of the House Oversight and Reform Committee’s FITARA Scorecard issued on July 28 offered a mildly positive story of progress that the largest Federal government agencies are making against a range of IT-related goals. But that’s not where the real news came from in the committee’s semiannual exercise on keep agencies honest on the tech front. […]
Federal Chief Information Security Officer Chris DeRusha said today that working to update the Federal Information Security Management Act (FISMA) – and generate more useful Federal agency cybersecurity metrics as a result – are among his top priorities currently. […]
On August 2, the Cybersecurity and Infrastructure Security Agency (CISA) announced that it would be extending the Information and Communications Technology (ICT) Supply Chain Risk Management (SCRM) Task Force to July 31, 2023. […]