Prompted by the White House executive order on cybersecurity, Federal agencies are accelerating their adoption of zero trust architectures. And according to Gerald Caron, chief information officer (CIO) and assistant inspector general (IG) for information technology at the Department of Health and Human Services (HHS), these models must include automation. […]
Puesh Kumar, director of the Energy Department’s Office of Cybersecurity Energy Security and Emergency Response (CESER), detailed several steps that the agency is taking to implement executive branch and DoE supply chain security policies during a virtual event hosted by FCW on March 16. […]
The FBI announced the launch of its Virtual Assets Unit (VAU), a new unit designed to be able to go after criminals looking to use cryptocurrency to aid in their crimes, the FBI announced March 15. […]
Federal chief information security officers (CISOs) today recommended that as Federal agencies implement zero trust security architectures they also put in place continuous training programs for their workforce to keep employees up to date on the technology and best practices. […]
The Government Accountability Office (GAO) said its strategic plan for 2022-2027 features significant emphasis on cybersecurity issues including the government’s capabilities to boost cyber defenses against foreign government influence campaigns, and the Defense Department’s ability to meet cyber threats across multiple domains. […]
The Government Accountability Office (GAO) has released its latest multi-year strategic plan, with an emphasis on cybersecurity and how technology figures in to broad goals for the United States. […]
President Biden signed the fiscal year (FY) 2022 omnibus appropriations bill today that will keep the Federal government funded through Sept. 30. […]
A bipartisan group of 22 senators is asking the Department of Homeland Security (DHS), the Cybersecurity and Infrastructure Security Agency (CISA) and other Federal cybersecurity agencies for an update on what steps the government is taking to safeguard the United States and its critical infrastructure sectors against Russia-backed cyber and disinformation threats. […]
While Russia’s war in Ukraine continues, the cyberattacks coming from the invading country have, surprisingly, been rather mild and contained, Senator Mark Warner, D-Va., said today. […]
President Biden was poised late Friday to sign a full-year appropriations bill for fiscal year (FY) 2022 ending Sept. 30, after the Senate passed the spending bill late March 10. […]
After a few failed attempts, cyber incident reporting legislation made it over the finish line as part of the fiscal year (FY) 2022 appropriations bill – a victory hailed by Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly and lawmakers as a necessary step for more visibility to protect critical infrastructure. […]
The House of Representatives late on March 9 passed the long-awaited full-year appropriations bill for fiscal year (FY) 2022 ending Sept. 30, along with a four-day continuing resolution (CR) to give the Senate a few more days to shepherd the full-year omnibus spending bill to passage. […]
The Cybersecurity and Infrastructure Security Agency’s (CISA) National Risk Management Center (NRMC) is preparing for a change in leadership, as founding member Bob Kolasky prepares to leave CISA for the private sector. […]
House and Senate Appropriations Committees today unveiled a full-year omnibus spending bill covering Federal government operations for the rest of fiscal year (FY) 2022 that ends on Sept. 30. […]
The White House’s Office of Management and Budget (OMB) is urging agencies to “immediately” implement the National Institute of Standards and Technology (NIST) guidance on software supply chain security. […]
A bill to authorize the Department of Homeland Security (DHS) to provide cybersecurity training help at the national, state and local levels was approved by the House on March 7. The Senate has approved similar – but not identical – legislation, so the House version will still need further Senate action before it can be submitted to President Biden for his signature. […]
MeriTalk recently sat down with Jim Matney, Vice President and General Manager of the DISA and Enterprise Services Sector for GDIT’s Defense Division, to discuss how the ICAM solution will serve as a critical pillar to establishing zero trust within the Federal defense enterprise. […]
Google said today it agreed to buy cybersecurity defense and response services provider Mandiant for $5.4 billion in cash. After the acquisition closes, Google will wrap Mandiant into its Google Cloud business. […]
The Cybersecurity and Infrastructure Security Agency (CISA) has released a draft version of its Applying Zero Trust Principles to Enterprise Mobility for public comment. […]
A recent request by the White House for $32.5 billion in emergency funding to counter COVID-19 and support Ukraine in its war against Russia also would allocate hundreds of millions of dollars to a host of separate cybersecurity efforts throughout the government. […]
Security, in the past, was built on fixed physical networks that allowed access to trusted individuals and kept untrusted individuals out. But, as Federal agencies transform their digital environments and increase remote work security measures had to evolve, making zero trust architectures the new norm and identity the new perimeter. […]
In a review of Federal agencies work on cybersecurity, the Government Accountability Office (GAO) internet architecture is generally considered resilient, but there are still risks involved that Federal agencies are addressing. […]
New legislation introduced in the House this week to Congress would allocate Federal granting funding to schools to promote cybersecurity education programs. […]
While President Biden’s 2021 cybersecurity executive order (EO) doesn’t address all of the Federal government’s cybersecurity needs, a security expert from the Cybersecurity and Infrastructure Security Agency (CISA) said the EO’s goal drives toward prioritization of the government’s most pressing needs – rather than a fix-all approach. […]
The National Security Agency (NSA) has released a cybersecurity technical report for its Network Infrastructure Security Guidance that features network infrastructure best practices, according to a March 1 release from the agency. […]
The National Institute of Standards and Technology (NIST) is developing a Cybersecurity Practice Guide through its National Cybersecurity Center of Excellence (NCCoE) and Communications Technology Laboratory (CTL) and are requesting comment to refine the project’s scope. […]
The Senate on March 1 approved by unanimous consent the Strengthening American Cybersecurity Act of 2022. The bill is a sweeping legislative package introduced last month that aims to update the Federal Information Security Management Act (FISMA), codify the General Services Administration’s Federal Risk and Authorization Management Program (FedRAMP), and require timely cyber incident reporting by critical infrastructure providers. […]
As the Cybersecurity and Infrastructure Security Agency (CISA) is shifting its focus from protecting sets of critical assets to improving the resilience of critical functions, the Government Accountability Office (GAO) said the agency should improve its priority setting, stakeholder involvement, and threat information sharing in connection with that effort. […]
The United States and its allies in the North Atlantic Treaty Organization (NATO) need to be prepared to face a high-level cyber assault from the Russian government, warned Sen. Mark Warner, D-Va., on Feb. 28 during a Washington Post virtual event. […]
The Federal Communications Commission (FCC) has launched a Notice of Inquiry (NOI) to seek comments on cyber risks to the Border Gateway Protocol (BGP) – the routing protocol for the Internet – in response to increasing cyber threats following Russia’s invasion of Ukraine. […]