A report with information from all of the agencies’ risk management reports will be sent to President Donald Trump to review by Oct. 8, even though the government still lacks a Federal CIO. Barry West, senior adviser and senior accountable official for risk management at the Department of Homeland Security, said that the goals of the Cyber Executive Order in May could still be met without a Federal CIO.
Though officials working on the Continuous Diagnostics and Mitigation program have been aware of the importance of cloud from the beginning, Phase 3 of the program will shift to include cloud concerns, according to Kevin Cox, CDM program manager at the Department of Homeland Security.
The conversations during the planning part of the acquisition process are the most important to the success of the contract vehicle, according to agency procurement officials. “What I think is most important is how we come together to meet the business solutions to enable our mission,” said Soraya Correa, chief procurement officer at the Department of Homeland Security, at AFCEA’s Homeland Security Conference on Sept. 13.
The Treasury Department announced sanctions against 11 entities and individuals involved in cyberattacks by Iranian actors. The sanctions include two Iran-based networks that are responsible for cyberattacks against U.S. financial systems.
The problem with IT modernization is often a people problem. “There’s a cultural challenge within the IT community,” said Department of Homeland Security Acting CIO Stephen Rice, at the AFCEA Homeland Security Conference on Sept. 13. “Changes aren’t just within the technology but also within the culture of those managing the technology.”
Acting Secretary of Homeland Security Elaine Duke released a binding operational directive on Sept. 13 requiring agencies to identify and plan to remove all Kaspersky Lab products within the next 90 days. “The Department is concerned about the ties between certain Kaspersky officials and Russian intelligence and other government agencies, and requirements under Russian law that allow Russian intelligence agencies to request or compel assistance from Kaspersky and to intercept communications transiting Russian networks,” DHS noted.
The Department of Homeland Security’s (DHS) Continuous Diagnostics and Mitigation (CDM) program is entering its fourth year and introducing a third phase. Now, the Trump administration’s increasing focus on cybersecurity adds growing pressure to the program and its scope.
U.S. Customs and Border Protection is evaluating the various technologies it can use to secure the southern border and vet incoming travelers. “As you may have heard, CBP is involved in building a wall on the southwest border,” said U.S. Border Control Chief Ronald Vitiello.
When starting an IT modernization project, agencies should ask what their end goal is before trying to figure out what their current state of affairs is, according to National Technical Information Service director Avi Bender.
The entire Federal government is feeling the pains of cyber workforce shortages. But the Department of Homeland Security, which is tasked with protecting national security without the cool factor of the FBI and National Security Agency, hurts more than most, according to testimony at a House Homeland Security Committee hearing on Sept. 7.
The Government Accountability Office found that the Federal Aviation Administration’s NextGen program was successful in enhancing surface traffic operations at 39 of the 40 busiest airports in the United States.
The State Department led a STEAM camp in Malawi in August to enhance high school girls’ skills in science, technology, engineering, art, and mathematics. The State Department began the WiSci or Women in Science STEAM Camp in Rwanda in 2015 following the U.S.-Africa Leaders Summit. This year’s program was the third iteration of the WiSci camps.
The General Services Administration (GSA) is experimenting with applying blockchain technology to its Schedule 70 Acquisitions, a move that keeps the agency on the cutting edge of technological advances that will ultimately best serve government agencies, according to Jose Arrieta, director of IT 70 Schedule Operations within GSA’s Federal Acquisition Service.
TechNet, a network of innovation economy CEOs, recently sent a letter to the Federal Communications Commission advocating for increased investment in broadband connectivity. The letter emphasizes the importance of broadband for the success of commercial industries such as businesses, hospitals, libraries, and educational institutions.
Acting Office of Personnel Management Director Kathy McGettigan announced that Rob Leahy will serve as OPM’s acting CIO. OPM CIO David DeVries departs Sept. 2 for a new role.
The National Institute of Standards and Technology and the Department of Homeland Security announced the next phase of the “Smart and Secure Cities and Communities Challenge,” a partnership to bring together Smart City initiatives and DHS’s security expertise and resources, at the Global City Teams Challenge Expo.
The Government Accountability Office found that the National Highway and Traffic Safety Administration needs to clarify its policies for ensuring the privacy of drivers of connected vehicles. Thirteen of the 16 selected automakers in GAO’s study sell connected vehicles, and those 13 reported collecting, using, and sharing data on the cars’ locations and operations.
Successful smart city initiatives rely on cities collaborating with each other, the Federal government, the private sector, and citizens, according to city mayors and Federal experts who spoke at the Global City Teams Challenge Expo on Aug. 28.
Justice officials arrested Yu Pingan of Shanghai on Monday for supplying malware that has been connected to the 2015 Office of Personnel Management (OPM) breach in 2015.
The Federal Transit Administration’s Mobility on Demand Sandbox program will fund 11 projects that allow transit providers to try Internet of Things (IoT) enabled services.
A draft of the National Infrastructure Advisory Council (NIAC) Cyber Working Group report on securing the nation’s critical infrastructure has found that while the U.S. has the capabilities to defend against cyber attacks, it lacks the coordination to do so effectively.
Federal Communications Commission CIO David Bray will not be taking up the role of National Geospatial-Intelligence Agency chief ventures officer, as reported June 5, and will instead be moving to the private sector as senior fellow and executive-in-residence at People-Centered Internet, Bray confirmed to MeriTalk.
The United States needs to invest more resources in the security of election systems, Cook County (Ill.) Director of Elections Noah Praetz told the Election Assistance Commission.
The United States Patent and Trademark Office and the National Inventors Hall of Fame held a STEM camp this month to teach children to develop questions, collect data, draw conclusions, and apply new knowledge while tackling hands-on challenges.
DHS S&T announced Aug. 14 that it was awarding Metronome Software nearly $750,000 to strengthen the security of first responder sensor systems. Metronome Software, a software research and development company focused on working for the U.S. government, is developing a technology to improve the security of first responders’ mobile device-based sensor systems.
The Federal Communications Commission announced that it will begin an auction in 2018 that will provide nearly $2 billion over 10 years to expand high-speed Internet access in rural areas that are currently underserved by fixed broadband.
The National Institute of Standards and Technology’s National Initiative for Cybersecurity Education recently released a Cybersecurity Workforce Framework that establishes a consistent vocabulary for recruiting and hiring cybersecurity talent.
Office of Personnel Management CIO Dave Devries will be leaving his position effective Sept. 2 due to family considerations, an OPM spokesperson confirmed to MeriTalk. DeVries joined OPM in August 2016.
Following the Cybersecurity Executive Order, security professionals are focusing on risk management frameworks, and some agencies are turning to the Continuous Diagnostics and Mitigation Program. “Security is not something that you buy, it’s something that you do,” said Matt Conner of the National Geospatial-Intelligence Agency.
The Government Accountability Office found that the Office of Personnel Management’s cybersecurity posture is still lacking after the major hack of the agency in 2015.