The Department of Homeland Security is working with multiple Federal agencies to develop a new “risk radar” that will help agencies’ top executives contextualize cybersecurity risk and clarify where they need to apply focus and resources, according to Mark Kneidinger, director of the Federal Network Resilience division of DHS’ Office of Cybersecurity and Communications (CS&C). […]
Thomas Fanning, chief executive officer of Atlanta-based electric utility holding company Southern Co. and a key player in developing private-sector cybersecurity policy, said today at a Senate subcommittee hearing that he has begun to have interactions with senior Federal government military leaders about capabilities to “hack back” at cyber attackers, but emphasized he believes that those types of retaliatory capabilities need to remain in the hands of the military rather than become a corporate function. […]
Booz Allen Hamilton confirmed today its selection as prime contractor under the Federal government-wide Continuous Diagnostics and Mitigation (CDM) Dynamic and Evolving Federal Enterprise Network Defense (DEFEND) program for Group D Federal agencies. […]
A new report from The Century Foundation, a progressive think-tank, urges state law enforcement officials to take action on data privacy regulations in the absence of any substantial movement in that direction by the Federal government. […]
The Reform Government Surveillance (RGS) coalition, whose members include tech-sector bellwethers such as Microsoft, Google, and Facebook, called on the Senate to take prompt action to confirm nominees to the Privacy and Civil Liberties Oversight Board (PCLOB), which has only one member currently. […]
Zscaler announced today that its Zscaler Private Access-Government (ZPA-Government) application access platform received FedRAMP Moderate certification to sell across government. ZPA-Government, which received authority to operate by the Federal Communications Commission (FCC), is the first FedRAMP-approved zero trust remote access platform. […]
People power took the stage during a panel on Thursday at FCW’s Cybersecurity Summit as participants emphasized the importance of supporting cybersecurity personnel to ensure quick and effective responses to threats. […]
During an Aug. 8 webinar on VMware Cloud on AWS hosted by the Digital Government Institute, participants said that VMware and AWS are setting up a dedicated instance of the service called VMware Cloud on AWS GovCloud (US). This instance is intended to meet standards set by FedRAMP, the Defense Information Systems Agency (DISA), and the International Traffic in Arms Regulation (ITAR). […]
The Small Business Administration’s (SBA) Deputy CIO Guy Cavallo and CTO Sanjay Gupta said today at the FCW Cybersecurity Summit that their agency’s unorthodox approach to the Continuous Diagnostics and Mitigation (CDM) Program is yielding a ton of practical benefits, even though it required a bit of a departure from CDM’s initial guidelines. Now, SBA is providing a new potential model for other agencies – many struggling with the first of CDM’s four phases – to use when considering how to achieve the outcomes the program intends. […]
Agencies have 68 days remaining to achieve compliance with the Department of Homeland Security’s (DHS) binding operation directive (BOD) 18-01, which requires the active enforcement of the Domain Message Authentication, Reporting, and Conformance (DMARC) protocol. […]
Federal CIO Suzette Kent said today at the FCW Cybersecurity Summit that continuous dialogue and attention on cybersecurity priorities are working to move the Federal government collectively in the right direction at a time when the need for unified effort is paramount. […]
Carol Harris, director for information technology acquisition management issues at the Government Accountability Office (GAO), will take over the FITARA-related responsibilities of Dave Powner–GAO’s departing director of IT issues–while Nick Marinos, director of cybersecurity and information management at GAO, will pick up Powner’s responsibilities on Census issues, GAO confirmed to MeriTalk. […]
Ninety-seven percent of Federal finance and procurement professionals feel they aren’t fully prepared for the Modernizing Government Technology (MGT) Act and the new creative vehicles it provides agencies to fund IT modernization initiatives, according to a new study. […]
Federal agencies must build “identity-aware” infrastructures to effectively monitor and manage user access to information and information systems across their enterprise for more secure and efficient operations, according to cybersecurity experts. […]
Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]
In a report released Thursday, the Government Accountability Office (GAO) found that no Federal agency has created policies that fully address the CIO’s role within Federal laws and guidelines, due to gaps in guidance, funding and authority. […]
A report from the Treasury Inspector General for Tax Administration (TIGTA) finds that the IRS failed to follow FITARA guidelines when purchasing new IT equipment and reporting on the FITARA scorecard. […]
Federal CIO Suzette Kent, chair of the Technology Modernization Fund (TMF) board, said today she recognizes the imperative to share data with Congress on TMF progress, as the opportunity to secure […]
Federal CIO Suzette Kent said today at MeriTalk’s Cyber Security Brainstorm that the Federal government needs to possess a “never done” mindset when it comes to tackling persistent cyber threats and the related imperative to modernize Federal agency IT environments in order to address the threats. […]
Senate FY2019 funding for the Technology Modernization Fund (TMF) remains stuck on zero following the Senate’s approval earlier today on a 92-6 vote of a “minibus” appropriations bill that wraps together four separate spending bills including one to fund financial services and general government (FSGG) budgets. […]
Panelists at MeriTalk’s Cyber Security Brainstorm on Thursday will shed light on a host of vital cybersecurity issues, including threats to control systems, the foundational importance of security to IT modernization efforts, and the keys to success in risk-based security practices, according to a sneak peek into the thinking of just a few of the 25 experts scheduled to speak. […]
Security in the cloud is a shared responsibility between cloud service providers (CSPs) and government organizations. CSPs provide agencies with a secure platform to operate on, but it is the responsibility of agency security leaders to ensure the applications that are being hosted have been hardened, according to security experts. […]
Booz Allen Hamilton has won a task order worth up to $1.03 billion to provide services under the Continuous Diagnostics and Mitigation (CDM) Program to CDM’s Group D Federal agencies, according to contracting information on the General Services Administration’s (GSA) Federal Procurement Data System. […]
At a House Homeland Security Committee hearing on Wednesday, July 25, to examine findings of the Federal Cybersecurity Risk Determination Report and Action Plan released by the Office of Management and Budget (OMB) in May, lawmakers and private sector witnesses hailed new legislation as a necessary – but on its own insufficient – step to bring down the security risks of three-quarters of Federal agencies deemed in cyber danger. […]
Rep. Gerry Connolly, D-Va., said today that he introduced legislation – the Federal Risk and Authorization Management Program (FedRAMP) Reform Act – which would codify the FedRAMP program in Federal law and address what the congressman said are shortcomings of the program, including the slow pace of implementing standardized practices and realizing efficiencies in the certification process. […]
The House Oversight and Government Reform Committee’s information technology and government operations subcommittees held a joint hearing Wednesday to key in on the most salient, persistent, and omnipresent issue in Federal agency IT: cybersecurity. On hand to testify were Federal CIO Suzette Kent, and Comptroller General Gene Dodaro, seeking to illuminate congressional inquirers on Federal agency progress to mitigate the wide range of cyber risks. […]
Federal CIO Suzette Kent, testifying today at a joint subcommittee hearing of the House Oversight and Government Reform Committee, said that the Federal government intends to complete all of the tasks outlined in the Federal IT Modernization Report by the end of the year. She said that the majority of those tasks are already complete, and that many have beaten the timelines the government had set for itself. […]
Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]
The House Homeland Security Committee today voted to recommend two bills, the Advancing Cybersecurity Diagnostics and Mitigation Act and the Department of Homeland Security Chief Data Officer Authorization Act, aimed at strengthening and solidifying IT operations of the Department of Homeland Security (DHS) and to guard against evolving cybersecurity threats. […]
During a General Services Administration (GSA) webinar on July 18, officials explained why Federal agencies should use GSA tools to move to the cloud, how agencies can utilize IT Schedule 70 to move to the cloud, and how to meet FedRAMP requirements. […]