Improving cybersecurity has become the key to better protecting critical infrastructure and meeting mission needs within the government space, but according to an official from the Government Accountability Office (GAO), Federal agencies still have a long way to go to be cyber-ready. […]
Officials from the Cybersecurity and Infrastructure Security Agency (CISA) and within the cybersecurity industry are warning of the potential for threat actors to have already exploited the Log4j vulnerability, but are waiting to pull the trigger on any planned exploits until focus on the vulnerability abates. […]
U.S. Army Chief Information Officer Raj Iyer confirmed on LinkedIn that the service branch has updated its download policy for Office 365 users to allow for more use of personal devices. […]
While cybersecurity threats continue to grow and evolve, public sector organizations are worrying the most about increasing cybersecurity threats from foreign governments. […]
House Oversight and Reform Committee leadership today unveiled their draft legislation to make major changes to the 2014 Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]
Industry leaders today urged the House Oversight and Reform Committee to strengthen the Federal Information Security Management Act (FISMA) to keep up with evolving cyber threats and place a greater emphasis on cybersecurity outcomes, rather than compliance. […]
The Cybersecurity Infrastructure Security Agency (CISA), National Security Agency (NSA), and FBI are warning critical infrastructure owners and operators of Russian threats to domestic critical infrastructure. […]
The Cybersecurity and Infrastructure Security Agency (CISA) added 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog on Jan. 10. […]
As agencies accelerate efforts to move to secure cloud services and zero trust architecture in line with the requirements of the Biden administration’s executive order on cybersecurity (EO), many are challenged to close visibility gaps and blind spots in their technology environments. In a MeriTV interview, Sean Connelly, program manager for Trusted Internet Connections at the Cybersecurity and Infrastructure Security Agency (CISA), and Michael Dickman, chief product officer at cloud visibility and analytics firm Gigamon, assessed those visibility gaps and what it will take to close them – ensuring that data is secure across physical, virtual, and cloud networks. […]
The Defense Counterintelligence and Security Agency (DCSA) announced that effective January 18, retired Marine Maj. Gen. Daniel Lecce will take over as the agency’s deputy director. […]
The Cybersecurity and Infrastructure Security Agency (CISA) released its Public Safety Communications Security white paper today in an effort to explain the importance of Communications Security (COMSEC), basic elements of a COMSEC program, and how to develop an encryption strategy to prevent and mitigate unauthorized access to information. […]
A month after its first public warnings about the Log4j vulnerability, the Cybersecurity and Infrastructure Security Agency (CISA) is continuing to work with Federal agencies and the public to mitigate potential exposure, and also renewing calls for a software bill of materials (SBOM) to aid in system visibility and inventory management. […]
Cyberattacks are ever-increasing and lawmakers today called for increased cyber collaboration and a stronger cyber workforce in order to stop the next cyberattack from happening, as well as to bolster the nation’s cyber posture and global leadership. […]
The House Oversight and Reform Committee will debut draft legislation next week to adopt major reforms to the 2014 Federal Information Security Management Act (FISMA) that sets cybersecurity requirements for Federal civilian agencies. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) said today that it is continuing to help Federal agencies remediate the Log4j vulnerability that CISA first warned about in December. […]
Sen. Gary Peters, D-Mich., is renewing calls for mandatory incident reporting legislation, after meeting virtually with Biden administration cybersecurity leaders on Jan. 5 for a briefing about the Log4j critical vulnerability. […]
The Office of the National Cyber Director (ONCD) has appointed Nick Leiserson – who spent the previous decade working his way up to be Rep. Jim Langevin’s, D-R.I., Chief of Staff – deputy chief of staff for National Cyber Director Chris Inglis’ office. […]
The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) said today that all large Federal agencies have successfully mitigated the Log4j critical vulnerability that the agency discovered in early December 2021. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has hired Daniel Bardenstein as its new tech and cyber strategy lead. […]
The Cyberspace Solarium Commission, which has served as an influential incubation chamber for a big chunk of cybersecurity policies that have become Federal law and policy over the past two years, underwent a status change over the holidays. The commission, which was born as a Federally commissioned group, transitioned to a 501(c)3 non-profit over the new year. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC) is cataloguing significant progress it has made in developing its “National Critical Functions” (NCF) framework, and pointing to next steps in the effort. […]
As a very busy 2021 comes to a close, it’s time to reflect on the past year and look forward with optimism to the possibilities of the new one that’s about to begin. Rounding the corner to 2022, MeriTalk asked several experts on the industry side of Federal IT for their predictions of what the next year will bring. […]
Cybersecurity took a front seat for the Federal government in 2021, with numerous cyberattacks on government and industry helping to spark a sweeping cybersecurity executive order and a host of new efforts to improve the nation’s security posture. As the year comes to an end, MeriTalk is rounding up our top cyber moments of 2021: […]
With the Dec. 24 deadline approaching for Federal agencies to remediate the Log4j vulnerability, the Cybersecurity and Infrastructure Security Agency (CISA) confirmed to MeriTalk that there have still been no compromises of Federal agencies via the Apache Log4J vulnerability. […]
Federal IT teams are scrambling to patch the Log4j and Log4Shell vulnerabilities before they cause major damage – and meet newly updated CISA guidance for Federal civilian agencies requiring immediate mitigation. […]
The year 2021 has played out as a non-stop whirlwind of activity for the Federal IT community – one unprecedented in recent memory for new policy direction, funding pushes, and urgency to improve network security. […]
The Department of Navy has appointed retired Lt. Cmdr. Josh Reiter as the service branch’s Deputy Principal Cyber Advisor. Reiter, a veteran of both the Navy and Naval Cyber communities, has served in the post since September, according to his LinkedIn. […]
The Accreditation Board (CMMC-AB) for the Department of Defense’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program has elected Vice Chair Jeff Dalton to be its next CMMC-AB Chair, the board announced Dec. 20. […]
This year further brought IT to the forefront of many organizations’ strategies in 2021, but as Federal chief information officers (CIOs) look to 2022, strengthening their agency’s workforce and cybersecurity posture are their big priorities for the year ahead. […]
The holidays are typically a time to relax and spend time with loved ones, but the White House reminded corporate executives and business leaders that malicious cyber actors don’t take the holidays off in new guidance issued on Dec. 16. […]