Attacks by nation-state actors and exploits targeting supply chains are among top cybersecurity concerns of IT officials, a report by CrowdStrike released on Nov. 19 reported. […]
A U.S. Veterans Affairs (VA) Office of Inspector General (OIG) review found unrelated third-party names and social security numbers in a random sampling of Privacy Act responses completed by Records Management Center (RMC) staff. […]
Kevin Cox, program manager for the Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program, today discussed the program’s progress in generating AWARE (Agency-Wide Adaptive Risk Enumeration) algorithm scores for Federal agencies to track relative security status, and about how the program plans to refine the scoring process in the future. […]
The Federal government’s new approach to shared services, outlined in the Sharing Quality Services cross-agency priority (CAP) goal, is moving from planning stages to implementation, while emphasizing customer focus and placing an emphasis on a marketplace model, said Federal CIO Suzette Kent. […]
Microsoft said on Nov. 11 that it will “honor” throughout its U.S. operations the “core protections” contained in the California Consumer Privacy Act that is set to take effect in January 2020. […]
Rep. Gerry Connolly, D-Va., chairman of the House Government Operations Subcommittee, said today he would consider adding compliance with the 21st Century Integrated Digital Experience Act’s (IDEA) website modernization standards to the Federal Information Technology Acquisition Reform Act scorecard produced twice a year by the House Oversight and Reform Committee. […]
The Government Accountability Office recommended in a recent report that the Defense Department (DoD) take steps to ensure that the U.S. Air Force develops a “comprehensive acquisition strategy” for its Space Command and Control (C2) program that aims to deliver better capability to protect U.S. space assets from attacks and collisions with space debris. […]
The General Services Administration (GSA) today announced the award of its Second Generation Information Technology (2GIT) Blanket Purchase Agreements (BPAs) that have an estimated value of $5.5 billion over five years. […]
The Consumer Financial Protection Bureau (CFPB) performed well on its fiscal year 2019 FISMA audit, reaching a Level 4 and meeting the threshold for effectiveness, according to a report released October 31 by CFPB’s inspector general. […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced the kick-off of its annual Infrastructure and Security and Resilience Month running through the end of November. […]
The Treasury Department received mixed results on its fiscal year 2019 FISMA audit, with few weak spots identified but still falling below the level of effective, according to the audit released October 25 by the department’s inspector general. […]
The Federal Maritime Commission (FMC), the agency regulating U.S. international ocean transportation, is not responding to cybersecurity vulnerabilities in a timely manner, according to a FISMA audit from its Office of the Inspector General (OIG). […]
The Federal Labor Relations Authority (FLRA) continues to meet Federal Information Security Modernization Act (FISMA) requirements with few areas of concern, according to a report by the FLRA Office of the Inspector General (OIG) released on Oct. 30. […]
A report by the U.S. Consumer Product Safety Commission’s (CPSC) Office of Inspector General (OIG) found that CPSC is making progress in implementing Federal Information Security Modernization Act (FISMA) requirements, but still have more work to do in that area. […]
The Continuous Diagnostics and Mitigation (CDM) program has an important role to play in protecting Federal systems, but the adoption process can be downright scary for some agencies. On Halloween, MeriTalk will host a webinar to dig through the skeletons and challenges in CDM’s closet, shine a flashlight on the success stories of the program, and ultimately help demystify the CDM program for vendors and agencies alike. […]
A spotty risk management strategy, along with poor security control assessment procedures, are undermining the Federal Deposit Insurance Corporation (FDIC)’s ability to identify and detect network security threats, according to an FDIC Office of the Inspector General (OIG) report released on Oct. 23. […]
The Federal Trade Commission (FTC) offered its comments on the draft version of the National Institute of Standards and Technology’s (NIST’s) Privacy Framework, including praise and suggestions for several additions to the policy. […]
The Advancing Cybersecurity Diagnostics and Mitigation Act, H.R. 4237, was unanimously approved by the House Homeland Security Committee on Oct. 23. […]
The FITARA (Federal Information Technology Acquisition Reform Act) Scorecard issued every six months by the House Oversight and Reform Committee could benefit from updates to some of its Federal agency IT scoring categories, several panelists said Oct. 22 at the ACT-IAC Imagine Nation 2019 conference. […]
The Office of Management and Budget (OMB) announced the award of $12 million total from the Technology Modernization Fund (TMF) for two new projects at the Department of Agriculture (USDA) and the Equal Employment Opportunity Commission (EEOC). […]
Federal CIO Suzette Kent said today at ACT-IAC’s Imagine Nation ELC 2019 event that her office’s major goals for Fiscal Year 2020 center on improving service to citizens through a variety of means, and “unleashing” the power of data across the U.S. economy. […]
FBI CIO Gordon Bitko announced on LinkedIn that Oct. 11 was his last day with the agency and will be joining the Information Technology Industry (ITI) Council as senior vice president of policy. […]
The Small Business Administration’s (SBA) Office of the CIO (OCIO) has made improvements in its IT controls deployment, according to a recent Office of the Inspector General (OIG) report. […]
Efforts to advance mobile and cloud services discovery on Federal networks are among the top priorities of the Continuous Diagnostics and Mitigation (CDM) program in FY2020, said CDM Program Manager Kevin Cox this week. […]
Federal CISO Grant Schneider said today that the Trump administration is busy developing implementation plans for various aspects of the National Cyber Strategy that the White House released in September 2018, and that the Continuous Diagnostics and Mitigation (CDM) program is included in that effort. […]
Using cloud-based tools has helped the Small Business Administration (SBA) meet the intent of the Continuous Diagnostics and Mitigation (CDM) program as budget constraints have caused SBA to be more creative with its resources, the agency’s CIO said today. […]
The Securities and Exchange Commission (SEC) Office of Inspector General (OIG) has identified several management and performance challenges at the agency in a report dated Oct. 7. […]
When cybersecurity works at its best, you barely know anything about it. Because highly secure and efficient networks rarely create their own reasons to make the news. […]
Perhaps the most ambitious and transformational information security project ever attempted by the Federal government – the Continuous Diagnostics and Mitigation (CDM) program – is set to go under the microscope on October 10 at MeriTalk’s CDM Central conference dedicated to navigating the Federal cybersecurity roadmap. […]
Tenable’s Federal Business Development Manager Chris Jensen Shares his Thoughts on CDM Progress, Priorities, and Challenges […]