Senate FY2019 funding for the Technology Modernization Fund (TMF) remains stuck on zero following the Senate’s approval earlier today on a 92-6 vote of a “minibus” appropriations bill that wraps together four separate spending bills including one to fund financial services and general government (FSGG) budgets.






[…]

2018 Cyber Security Brainstorm

Panelists at MeriTalk’s Cyber Security Brainstorm on Thursday will shed light on a host of vital cybersecurity issues, including threats to control systems, the foundational importance of security to IT modernization efforts, and the keys to success in risk-based security practices, according to a sneak peek into the thinking of just a few of the 25 experts scheduled to speak.






[…]

Security in the cloud is a shared responsibility between cloud service providers (CSPs) and government organizations. CSPs provide agencies with a secure platform to operate on, but it is the responsibility of agency security leaders to ensure the applications that are being hosted have been hardened, according to security experts.






[…]

Booz Allen Hamilton has won a task order worth up to $1.03 billion to provide services under the Continuous Diagnostics and Mitigation (CDM) Program to CDM’s Group D Federal agencies, according to contracting information on the General Services Administration’s (GSA) Federal Procurement Data System.






[…]

At a House Homeland Security Committee hearing on Wednesday, July 25, to examine findings of the Federal Cybersecurity Risk Determination Report and Action Plan released by the Office of Management and Budget (OMB) in May, lawmakers and private sector witnesses hailed new legislation as a necessary – but on its own insufficient – step to bring down the security risks of three-quarters of Federal agencies deemed in cyber danger.






[…]

Rep. Gerry Connolly, D-Va., said today that he introduced legislation – the Federal Risk and Authorization Management Program (FedRAMP) Reform Act – which would codify the FedRAMP program in Federal law and address what the congressman said are shortcomings of the program, including the slow pace of implementing standardized practices and realizing efficiencies in the certification process.






[…]

The House Oversight and Government Reform Committee’s information technology and government operations subcommittees held a joint hearing Wednesday to key in on the most salient, persistent, and omnipresent issue in Federal agency IT: cybersecurity. On hand to testify were Federal CIO Suzette Kent, and Comptroller General Gene Dodaro, seeking to illuminate congressional inquirers on Federal agency progress to mitigate the wide range of cyber risks.






[…]

Federal CIO Suzette Kent, testifying today at a joint subcommittee hearing of the House Oversight and Government Reform Committee, said that the Federal government intends to complete all of the tasks outlined in the Federal IT Modernization Report by the end of the year. She said that the majority of those tasks are already complete, and that many have beaten the timelines the government had set for itself.






[…]

The House Homeland Security Committee today voted to recommend two bills, the Advancing Cybersecurity Diagnostics and Mitigation Act and the Department of Homeland Security Chief Data Officer Authorization Act, aimed at strengthening and solidifying IT operations of the Department of Homeland Security (DHS) and to guard against evolving cybersecurity threats.






[…]

During a General Services Administration (GSA) webinar on July 18, officials explained why Federal agencies should use GSA tools to move to the cloud, how agencies can utilize IT Schedule 70 to move to the cloud, and how to meet FedRAMP requirements.






[…]

Grant Schneider, currently the acting Federal chief information security officer, has been named Federal CISO on a permanent basis, the Office of Management and Budget (OMB) announced on Thursday. As CISO, Schneider is tasked with implementing cybersecurity practices across the executive branch, as well as serving as a policy advisor for the Trump administration.






[…]

Federal agency .gov domains have less than three months left to come into compliance with binding operational directive (BOD) 18-01, issued by the Department of Homeland Security (DHS) last October, which requires the use of Domain-based Message Authentication, Reporting and Conformance (DMARC). A DHS representative on Wednesday said that progress in implementing DMARC has been strong, but that initial implementation is far from the finish line.






[…]

FITARA Awards

Since it became law in 2014, FITARA’s dished out tough love for Federal CIOs–and the 6.0 report card wasn’t one you’d want to take home to your CIO parents. So MeriTalk is working with the FITARA Awards chairman, Congressman Gerry Connolly, D-Va., the author of the FITARA legislation, to recognize the agencies that topped the class on FITARA and provide a venue for discussing the merits and challenges with the grading process.






[…]

The Office of the Inspector General (OIG) found that the General Accountability Office (GAO) isn’t fully compliant with the Federal Information Security Modernization Act of 2014 (FISMA), according to a report released yesterday.






[…]