The Department of Transportation (DoT) has received its first-ever Technology Modernization Fund (TMF) award worth $6.43 million to use in helping to upgrade tech at the agency’s Federal Aviation Administration (FAA) component, according to DoT Chief Information Officer (CIO) Cordell Schachter. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is considering turning its current Trusted Internet Connections (TIC) program office into an office that supports Federal agencies as they pursue requirements from CISA and the Office of Management and Budget (OMB) to migrate to zero trust security architectures. […]

The Biden administration’s fiscal year (FY) 2024 budget request issued today by the White House features a proposed $200 million addition to the Technology Modernization Fund (TMF), and a 4.9 percent annual budget increase for the Cybersecurity and Infrastructure Security Agency (CISA). […]

The General Services Administration (GSA) was an early adopter of zero trust security architecture, and Chief Information Officer (CIO) David Shive said this week that the next step for the agency is to focus on application-level security. […]

The challenge of implementing zero trust is explaining the benefits to the end users, Federal and industry cybersecurity experts said today at the Zscaler Public Sector Summit in Washington, D.C.  […]

If you’ve been wondering how much the Federal government is investing in its sweeping effort to migrate to zero trust security architectures, the answer to that question may be coming this week. […]

The Department of Justice (DoJ) chief information officer (CIO) said today that the agency’s component offices have provided “overwhelming” feedback to ZScaler’s zero trust network access (ZTNA).  […]

After 15 FITARA hearings over the last seven years, Rep. Gerry Connolly, D-Va., confirmed that FITARA oversight hearings will continue under the leadership of Rep. Nancy Mace, R-S.C. – the new chair of the House Oversight and Accountability Committee’s Subcommittee on Cybersecurity, Information Technology, and Government Innovation. […]

The U.S. Agency for International Development (USAID) took home the top honor at Wednesday night’s FITARA Awards and FedRAMP Celebration – the awards ceremony hosted by MeriTalk to recognize Federal agencies that are notching superior progress on the FITARA Scorecard issued by the House Oversight and Accountability Committee to grade agencies on a host of IT-related measures.  […]

Thomas Santucci, director of the Data Center & Cloud Optimization Initiative program management office at the General Services Administration (GSA), is pointing Federal agencies to sources of expertise including CIO Council guidance and FedRAMP (Federal Risk and Authorization Management Program) as they navigate through requirements for the migration to zero trust security architectures. […]

The Department of Defense (DoD) released an updated version of its Cybersecurity Reference Architecture (CSRA) – the fifth iteration of this document – laying out new objectives closely aligned to the broader DoD zero trust strategy. […]

The Technology Modernization Fund (TMF) said today it approved $40.6 million of new funding to three Federal agencies for projects that will improve cybersecurity, and also help boost citizen service. […]

The Defense Information Systems Agency (DISA) has officially completed work to prototype its Thunderdome zero trust security project, and has rolled out the system to about 1,600 users so far, with more on the way, a senior DISA official said today. […]

A new report released by the Government Accountability Office (GAO) on Feb. 2 showcases how many government agencies are making coordinated efforts to expand supply chain resilience with foreign partners. […]

Good things can come both to those who wait – and never stop trying – in Washington. That’s one of the top-line takeaways after talking with Stephen Kovac, Chief Compliance Officer at cloud security provider Zscaler, following the successful conclusion late last month of a multi-year campaign to codify into law the Federal Risk and Authorization Management Program (FedRAMP). […]

Tech-sector trade group Alliance for Digital Innovation (ADI) is calling on Federal technology leaders to boost funding for the Federal Risk and Authorization Management Program (FedRAMP) through allocations from Federal Citizen Services Fund (FCSF) that is maintained by the General Services Administration (GSA), which also oversees FedRAMP. […]

Successfully implementing a zero trust architecture can oftentimes be a challenge for organizations, especially when there is a lack of buy-in at the executive level. To help clear that kind of hurdle, Federal officials say the secret sauce is developing a zero trust business case. […]

Federal government officials suggested this week that quick action, plus a lot of collaboration, can help agencies boost their supply chain risk management (SCRM) efforts. […]

As the Federal government continues to execute on fundamental shifts in network security strategies like the move to zero trust architectures, agency tech leaders are emphasizing the need to push back against the status quo of established technology thinking. […]

Federal agency officials said that having the rights tool, and a workforce culture tuned into security, are key elements in making gains on cybersecurity-supply chain risk management (C-SCRM). […]

After gunfire damaged two electrical substations in Moore County, N.C., leaving 45,000 people without power in early December, a team of Federal energy sector regulators has taken action to conduct a review of electric grid security protocols. […]

Illumio, a provider of zero trust segmentation (ZTS) technologies, said today that its Illumio Government Cloud offering has received FedRAMP (Federal Risk and Authorization Management Program) In Process designation at a Moderate Impact Level, under the sponsorship of the Department of Health and Human Services (HHS) Office of Inspector General. […]

The Technology Modernization Fund (TMF) said today it will make $14.6 million of new funding awards to build and improve digital services at the U.S. Agency for International Development (USAID) and the U.S. Railroad Retirement Board (RRB). […]

Private sector tech firms that help the Federal government improve tech and security capabilities are viewing last week’s FITARA Scorecard as a further call to action on the cybersecurity and IT modernization fronts. […]

Cybersecurity experts at the U.S. Government Accountability Office (GAO) today praised Federal agencies for their progress and cost savings as reflected in the latest FITARA Scorecard issued by the House Oversight and Reform Committee today, but said agencies need to do better in speeding their transition to Enterprise Infrastructure Solutions (EIS) communications contracts, and do more to empower their chief information officers (CIOs). […]

The Office of Management and Budget (OMB) has released a new “progress report” on the state of cybersecurity across Federal agencies, just in time for the 15th edition of the FITARA Scorecard issued today by the House Oversight and Reform Committee. […]

Both the chairman and the ranking member of the House Government Operations Subcommittee complained today – to varying degrees – about a lack of new and detailed information on Federal agency cybersecurity performance data to inform the 15th version of the biannual FITARA Scorecard released today by the House Oversight and Reform Committee. […]

IT-related gradings for the largest Federal government agencies moved moderately higher on the 15th edition of the FITARA Scorecard issued today by the House Oversight and Reform Committee. […]

Cybersecurity issues are likely to be front and center at the House Government Operations Subcommittee’s Dec. 15 hearing at which the panel will unveil the 15th edition of the House Oversight and Reform Committee’s FITARA (Federal Information Technology Acquisition Reform Act) Scorecard. […]

Google released a new research report on Dec. 8 outlining how organizations can better defend themselves against cyberattacks that target their software supply chains. The report follows up on supply chain security concerns brought to light by exploits such as the SolarWinds software supply chain attack, and efforts to guard against Log4j vulnerabilities. “We believe […]