The final version of the Office of Management and Budget’s zero trust security directive issued this week drew strong praise from private-sector providers of security technologies to Federal agencies for its hard deadlines and firm direction to agencies on how to begin digging into the task of migrating toward zero trust architectures. […]
The White House announced today it will extend the Industrial Control Systems (ICS) Cybersecurity Initiative to the water sector, as part of a larger effort to set cybersecurity baselines for critical infrastructure and protect it from cyber threats. […]
Data compromises in 2021 hit an all-time high with a total of 1,826 incidents reported, according to a recent report released by Identity Theft Resource Center (ITRC). […]
Ross Nodurft, executive director of the Alliance for Digital Innovation and former chief of the Office of Management and Budget’s (OMB) cybersecurity team, gave positive reviews to the final version of OMB’s zero trust security directive to Federal agencies, but also noted agencies’ ability to find funding to implement the strategy in the near term remains somewhat cloudy. […]
Today, the Office of Management and Budget (OMB) published the final version of its strategy that directs Federal agencies to migrate to zero trust security architectures. […]
The Office of the Federal Chief Information Officer (OFCIO) added two Federal IT veterans to its staff last week, hiring Drew Myklegard as associate Deputy Federal CIO and former Air Force Chief Data Officer (CDO) Eileen Vidrine as a senior strategic advisor for Data to the Federal CIO, the Office of Management and Budget (OMB) confirmed to MeriTalk. […]
The Biden administration’s cybersecurity executive order (EO) issued in May 2021, brought along an ambitious deadline schedule for reporting requirements, which Federal chief information officers (CIOs) advise agencies to meet – even if their answer is that they’re “not ready yet.” […]
Amid the blizzard of mounting security threats posed by sophisticated adversaries and increased attack surfaces spawned by large-scale telework, most Federal agencies are getting the message and moving strongly toward developing zero trust security architectures. […]
Government agencies have had to adapt to the “new normal” brought on by COVID-19 – new ways of working, new consumer behaviors, and new business reorganization. But the key to success is updated modernization, according to several chief information officers (CIO). […]
With tensions rising over a possible further Russian invasion of Ukraine, the Biden Administration is laying out potential sanctions it could impose against Russia, up to and including export controls on American-made technologies including AI-enabling and other software products, according to a senior administration official. […]
Bipartisan leaders of the House Oversight and Reform Committee today introduced their version of legislation that would update the Federal Information Security Modernization Act (FISMA), which sets cybersecurity requirements for Federal civilian agencies. […]
The National Security Agency (NSA) has issued a technical report for systems administrators to prevent cyber actors from using malicious PDFs to target networks in a Windows environment. […]
Over the past several months, the United States has experienced many cyberattacks to large cities and small towns. These attacks, Secretary of the Department of Homeland Security (DHS) Alejandro Mayorkas told mayors across the country indicate that cities across the United States need to identify a cyber leader regardless of the size and sophistication of the infrastructure to remain vigilant about cybersecurity. […]
The latest cyber order released by the Cybersecurity and Infrastructure Security Agency (CISA) gives Federal agencies and industry the resources to stop or limit cybercriminals from infiltrating their systems; Michael Duffy, an associate director at CISA, said. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released the finalized ‘IPv6 Considerations for TIC 3.0’ guidance document today, providing security considerations related to implementing the Trusted Internet Connections (TIC) 3.0 as Federal agencies transition to IPv6. […]
President Biden today signed a National Security Memorandum (NSM) intended to improve the cybersecurity of National Security, Department of Defense (DoD), and Intelligence Community (IC) Systems. […]
The increased velocity of major cyber attacks on U.S. government and private sector targets is giving increased urgency to the adoption of cyber incident reporting rules that will improve the government’s ability to identify and defeat them, said Tonya Ugoretz, Deputy Assistant Director for the Cyber Readiness, Outreach, and Intelligence Branch at the Federal Bureau of Investigation. […]
General Dynamics Information Technology (GDIT) President Amy Gilliland talked about the vital role that system integrators play for Federal agencies, along with growing agency appetite for zero trust security technologies, during an address to the Northern Virginia Technology Council (NVTC) on Jan. 14. […]
Reps. Yvette Clarke, D-N.Y., and Ritchie Torres, D-N.Y., are seeking more information on efforts by the Cybersecurity and Infrastructure Security Agency (CISA) efforts to reduce security risks to Federal networks through the use of multi-factor authentication (MFA). […]
After a surprising failure to get mandatory cyber incident reporting included in the fiscal year (FY) 2022 National Defense Authorization Act (NDAA), Rep. Yvette Clarke, D-N.Y., and John Katko, R-N.Y., called the issue a top cybersecurity legislative priority for 2022. […]
The Senate this week approved bipartisan legislation that would create a cyber training program for Federal employees, aimed to help protect the Federal government against cyberattacks and supply chain security vulnerabilities. […]
The Department of Defense (DoD) has launched the DoD University Consortium for Cybersecurity (UC2) to better facilitate communication between the Secretary of Defense and academia, and fulfilling a requirement from the 2020 National Defense Authorization Act, DoD announced Jan. 10. […]
Kenneth Wainstein, the Biden administration’s nominee to become undersecretary for Intelligence and Analysis (I&A) at the Department of Homeland Security (DHS), fielded questions on several tech-related issues from members of the Senate Intelligence Committee at a Jan. 12 committee hearing to consider his nomination. […]
The Senate this week approved legislation sponsored by Sens. Gary Peters, D-Mich., and Rob Portman, R-Ohio, which would promote stronger cybersecurity coordination between the Department of Homeland Security (DHS) and state and local governments. […]
Improving cybersecurity has become the key to better protecting critical infrastructure and meeting mission needs within the government space, but according to an official from the Government Accountability Office (GAO), Federal agencies still have a long way to go to be cyber-ready. […]
Officials from the Cybersecurity and Infrastructure Security Agency (CISA) and within the cybersecurity industry are warning of the potential for threat actors to have already exploited the Log4j vulnerability, but are waiting to pull the trigger on any planned exploits until focus on the vulnerability abates. […]
U.S. Army Chief Information Officer Raj Iyer confirmed on LinkedIn that the service branch has updated its download policy for Office 365 users to allow for more use of personal devices. […]
While cybersecurity threats continue to grow and evolve, public sector organizations are worrying the most about increasing cybersecurity threats from foreign governments. […]
House Oversight and Reform Committee leadership today unveiled their draft legislation to make major changes to the 2014 Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]
Industry leaders today urged the House Oversight and Reform Committee to strengthen the Federal Information Security Management Act (FISMA) to keep up with evolving cyber threats and place a greater emphasis on cybersecurity outcomes, rather than compliance. […]