Cloud security provider Zscaler said today that its Zscaler Private Access service – a cloud-delivered, zero trust network access (ZTNA) service that provides secure access to all private applications, without the need for a remote access VPN – has achieved FedRAMP Moderate Authorization from the General Services Administration’s Federal Risk and Authorization Management Program. […]
The Department of Defense (DoD) today released its long-anticipated zero trust strategy and roadmap outlining how the agency plans to fully implement a department-wide zero trust cybersecurity framework by fiscal year (FY) 2027. “What is significant about the strategy is that the strategy makes zero trust tangible and achievable while recognizing a dynamic and frankly, […]
The Technology Modernization Fund (TMF) is looking to invest in Federal agency IT modernization projects that can yield incremental and measurable progress over the shorter term, as well as over the life of the project, a fund official said last week. […]
Federal government and private sector officials said at a Nov. 8 ATARC event that government agencies have made notable progress in implementing the Biden administration’s May 2021 cybersecurity executive order, but that the government has still has a long way to go to reach the order’s full potential. […]
The Biden administration plans to launch a process to review and revise U.S. critical infrastructure protection policy, including providing guidance to agencies on designating certain critical infrastructure (CI) as “systemically important.” […]
Federal cybersecurity experts explained at a Nov. 8 ATARC event that the road to zero trust security is a long and often bumpy journey that their agencies at still learning to navigate, despite some being in the game for several years now. […]
The National Institute of Standards and Technology (NIST) plans to create a cybersecurity practice guide for the water and wastewater utilities sector, according to an announcement published last week. […]
The Defense Information Systems Agency (DISA) is well prepared to meet the Department of Defense’s (DoD) 2027 zero trust architecture goal, officials said on Nov. 7 at a DISA press conference. […]
The Defense Information Systems Agency (DISA) is on track to complete work on its Thunderdome Prototype zero trust security project by January 2023, an agency official confirmed on Nov. 7 at a DISA press conference. […]
Federal agencies can leverage human-centered design principles to solve a variety of IT issues, government chief information officers (CIOs) shared during the GDIT Emerge Health 2022 conference on Nov. 3. […]
Federal agency leaders agree that zero trust security is the “bread and butter” of their agencies’ cybersecurity operations in order to best secure personal health information, where the stakes are high given the special sensitivity of that data. […]
Matt House, who was named program manager of the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program last week, sketched out some principles in the program’s path forward today at FCW’s CDM summit event. […]
As agencies work to implement the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program capabilities, agency officials today said that operational technology (OT) has proved to be “one of the biggest challenges” for the program – and represents an unknown territory for both CISA and partner agencies. […]
The Department of Defense (DoD) plans to release in the coming days a detailed strategy for its ambitious department-wide zero trust security strategy, said Randy Resnick, director of Zero Trust Portfolio Management at DoD, during FCW’s CDM Summit event on Nov. 2. […]
Government and private sector experts discussed the extent to which zero trust cybersecurity principles ought to be applied to the larger problem of achieving better supply chain security at an Oct. 26 event organized by the Atlantic Council. […]
The Technology Modernization Fund (TMF) today announced a nearly $2 million investment to modernize the U.S. AbilityOne Commission’s Procurement List Information Management System (PLIMS) software. […]
Brian Conrad, acting director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), pointed to the program’s service re-use progress over the past year at an Oct. 20 ATARC event, including a 60 percent jump in re-use by Federal agencies of approved cloud services over the past year. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) Program is helping Federal agencies to make progress on mandates in President Biden’s cybersecurity executive order to install endpoint detection and response (EDR) on their networks, a senior CISA official said. […]
The Defense Information Systems Agency (DISA) is moving closer to completing its Thunderdome project – DISA’s zero trust security model – by the target date of January 2023, but the agency still faces the challenge of scaling it across Defense Department (DoD) networks, an agency official said. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is chalking up two significant milestone victories in its ongoing campaign to help Federal agencies put into action recent cybersecurity improvement mandates. […]
The Technology Modernization Fund today announced a round of new funding awards totaling $20.8 million to the Office of Personnel Management (OPM) and the Department of Housing and Urban Development (HUD). […]
Federal agencies are engaged in “a tremendous amount of work” to meet requirements to move to zero trust security architecture as laid out in President Biden’s cybersecurity executive order issued last year, even as some agencies are struggling with initial steps to begin that transition, a top Cybersecurity and Infrastructure Security Agency (CISA) official said Wednesday. […]
The House last week voted to approve an updated version of legislation that would codify into law and update the Federal Risk and Authorization Management Program (FedRAMP). […]
The term zero trust is often used as a buzzword, but Department of Veterans Affairs (VA) Chief Information Officer (CIO) Kurt DelBene said a successful organization will prioritize security above all else, and have zero trust baked into its workforce culture. […]
A new survey of several hundred cybersecurity professionals reveals that nearly two-thirds of their organizations are considering alternatives to virtual private network (VPN) infrastructure for providing remote access because of the technology’s vulnerability to sophisticated cyber attacks. At the same time, the vast majority of those organizations are moving to adopt zero trust security architectures to improve security. […]
There is a consensus among lawmakers that the FITARA Scorecard should evolve to encompass the evolution of agency infrastructure for a more valuable analysis of an agency’s IT management maturity of its unclassified systems environment. […]
Federal Chief Information Officer Clare Martorana told House lawmakers today that she envisions promising payoffs over the next year from Technology Modernization Fund (TMF) investments spurred by Congress’s $1 billion cash infusion into the fund last year. […]
The Department of Defense’s (DoD) new zero trust strategy outlines 90 capabilities that will help the department bring to bear its “targeted” zero trust framework across the entire department, said DoD Chief Information Officer (CIO) John Sherman. […]
The growing threat of cyber threat actors has underscored a need for Federal agencies to verify and authenticate everybody and everything accessing their network. […]
The Department of Defense (DoD) plans to implement a zero trust architecture across the entire department by 2027, and will soon release a detailed strategy on how it will get there, a DoD spokesperson confirmed to MeriTalk. […]