The Department of Housing and Urban Development has named David Chow CIO, beginning earlier this week, a HUD official confirmed to MeriTalk. […]

On the heels of Kelly Olson’s promotion to head the General Services Administration’s Technology and Transformation Services (TTS) organization (LINK to yesterday’s story), the agency is setting into motion a series of leadership changes impacting its FedRAMP operation, among others.

La’Naia Jones, Deputy CIO of the Intelligence Community, said today that the commoditization of hacking capabilities, expansion of IT supply chain exploits, and nation-state use of ransomware have come to the attention of the IC as primary areas of interest in the fight for better cybersecurity.

The Department of Homeland Security is working with multiple Federal agencies to develop a new “risk radar” that will help agencies’ top executives contextualize cybersecurity risk and clarify where they need to apply focus and resources, according to Mark Kneidinger, director of the Federal Network Resilience division of DHS’ Office of Cybersecurity and Communications (CS&C).

Thomas Fanning, chief executive officer of Atlanta-based electric utility holding company Southern Co. and a key player in developing private-sector cybersecurity policy, said today at a Senate subcommittee hearing that he has begun to have interactions with senior Federal government military leaders about capabilities to “hack back” at cyber attackers, but emphasized he believes that those types of retaliatory capabilities need to remain in the hands of the military rather than become a corporate function.

Booz Allen Hamilton confirmed today its selection as prime contractor under the Federal government-wide Continuous Diagnostics and Mitigation (CDM) Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) program for Group D Federal agencies.

A new report from The Century Foundation, a progressive think-tank, urges state law enforcement officials to take action on data privacy regulations in the absence of any substantial movement in that direction by the Federal government.

The Reform Government Surveillance (RGS) coalition, whose members include tech-sector bellwethers such as Microsoft, Google, and Facebook, called on the Senate to take prompt action to confirm nominees to the Privacy and Civil Liberties Oversight Board (PCLOB), which has only one member currently.

Zscaler announced today that its Zscaler Private Access-Government (ZPA-Government) application access platform received FedRAMP Moderate certification to sell across government. ZPA-Government, which received authority to operate by the Federal Communications Commission (FCC), is the first FedRAMP-approved zero trust remote access platform.

People power took the stage during a panel on Thursday at FCW’s Cybersecurity Summit as participants emphasized the importance of supporting cybersecurity personnel to ensure quick and effective responses to threats.

During an Aug. 8 webinar on VMware Cloud on AWS hosted by the Digital Government Institute, participants said that VMware and AWS are setting up a dedicated instance of the service called VMware Cloud on AWS GovCloud (US). This instance is intended to meet standards set by FedRAMP, the Defense Information Systems Agency (DISA), and the International Traffic in Arms Regulation (ITAR).

The Small Business Administration’s (SBA) Deputy CIO Guy Cavallo and CTO Sanjay Gupta said today at the FCW Cybersecurity Summit that their agency’s unorthodox approach to the Continuous Diagnostics and Mitigation (CDM) Program is yielding a ton of practical benefits, even though it required a bit of a departure from CDM’s initial guidelines. Now, SBA is providing a new potential model for other agencies – many struggling with the first of CDM’s four phases – to use when considering how to achieve the outcomes the program intends.

Agencies have 68 days remaining to achieve compliance with the Department of Homeland Security’s (DHS) binding operation directive (BOD) 18-01, which requires the active enforcement of the Domain Message Authentication, Reporting, and Conformance (DMARC) protocol.

Federal CIO Suzette Kent said today at the FCW Cybersecurity Summit that continuous dialogue and attention on cybersecurity priorities are working to move the Federal government collectively in the right direction at a time when the need for unified effort is paramount.

Carol Harris, director for information technology acquisition management issues at the Government Accountability Office (GAO), will take over the FITARA-related responsibilities of Dave Powner–GAO’s departing director of IT issues–while Nick Marinos, director of cybersecurity and information management at GAO, will pick up Powner’s responsibilities on Census issues, GAO confirmed to MeriTalk.  

Ninety-seven percent of Federal finance and procurement professionals feel they aren’t fully prepared for the Modernizing Government Technology (MGT) Act and the new creative vehicles it provides agencies to fund IT modernization initiatives, according to a new study.

Federal agencies must build “identity-aware” infrastructures to effectively monitor and manage user access to information and information systems across their enterprise for more secure and efficient operations, according to cybersecurity experts.

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk.

In a report released Thursday, the Government Accountability Office (GAO) found that no Federal agency has created policies that fully address the CIO’s role within Federal laws and guidelines, due to gaps in guidance, funding and authority.

A report from the Treasury Inspector General for Tax Administration (TIGTA) finds that the IRS failed to follow FITARA guidelines when purchasing new IT equipment and reporting on the FITARA scorecard.