According to a new report by NASA’s Office of Inspector General (OIG), NASA is not adequately securing its networks from unauthorized access by IT devices, and has not fully implemented controls to remove or block unauthorized IT devices from accessing the agency’s networks and systems. […]
Software Development Operations, or DevOps, can go by many names. DevSecOps, inserts Security into the equation while DevSecEthOps throws ethics into the mix, but ultimately the goal of the process is to build secure software – fast. […]
While the Cybersecurity and Infrastructure Security Agency’s Trusted Internet Connections (TIC) 3.0 guidance was finalized in late July, Program Manager Sean Connelly reiterated at an August 26 FedInsider webinar that the documents are only the first steps of TIC 3.0 efforts. […]
With artificial intelligence applications still being developed, the chief technology officer of the nation’s primary cyber agency said “a new cadre of data professionals” is needed in order to prepare cyber information for analysis. […]
John Felker, a 30-year Coast Guard veteran and a vital force in building mission capabilities of the Cybersecurity and Infrastructure Security Agency over the past several years, said he plans to retire from government service on Sept. 25. […]
The Cybersecurity and Infrastructure Security Agency (CISA) today released its strategy to “ensure the security and resilience of 5G technology” in the United States. […]
At the Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Security Agency (CISA) offices responsible for managing emergency communications, the coronavirus pandemic has required officials to adapt natural disaster plans to the unique challenges of the public health crisis, government officials said today. […]
The Department of Health and Human Services (HHS) is embracing a new cybersecurity routine after the ongoing public health crisis placed a new target on the agency and malicious actors boosted their efforts to infiltrate the agency and access sensitive data, HHS CISO Janet Vogel said this week. […]
Department of Energy CIO Rocky Campione has named Emery Csulak Principal Deputy CIO, effective August 31, according to an agency email obtained by MeriTalk. […]
The Treasury Inspector General for Tax Administration (TIGTA) told the Internal Revenue Service (IRS) that it needs to do a better job to verify wireless device identity, although it said that based on audit results IRS was employing effective strategies and protocols to authenticate network user identities. […]
A Government Accountability Office (GAO) report found that the Federal Aviation Administration (FAA), Indian Health Service, and Small Business Administration (SBA) are using security tools given to them by the Department of Homeland Security (DHS) as they’re intended: to identify hardware and software on their networks that may have vulnerabilities and insecure configurations. But GAO said the agencies have more to do manage their network in order to optimize the value of the tools. […]
The Navy’s Fleet Cyber Command/TENTH Fleet – a force of 55 commands and 40 Cyber Mission Force units across the globe – has unveiled its long-range strategic goals for the “21st century’s Information Age.” […]
Ellen Lord, the Defense Department’s (DoD) undersecretary of Defense for Acquisition and Sustainment, provided updates on August 13 on pathfinder projects and database construction for DoD’s Cybersecurity Maturity Model Certification (CMMC) program that aims to strengthen cybersecurity throughout the U.S. defense industrial base (DIB). […]
Reflecting on the seventh iteration of the Cybersecurity and Infrastructure Security Agency’s (CISA) National Cyber Storm Exercise that concluded late yesterday, Assistant Director for Infrastructure Security Brian Harrell is warning that many organizations fail to understand the security of third-party services that they rely on. […]
To help universities protect COVID-19 research, Reps. Andy Barr, R-Ky., and Frank Lucas, R-Okla., introduced legislation to give those universities and research institutions tools to protect from cyberattacks from foreign cyber actors. […]
The National Institute of Standards and Technology (NIST) launched the final version of Special Publication (SP) 800-207 Zero Trust Architecture on August 11. […]
The Department of Veterans Affairs (VA) is seeking an in-depth cybersecurity audit of its Financial Services Center to analyze its compliance with Federal statutes, how the agency is adapting processes to support compliance, and cybersecurity sustainment across VA. […]
Officials with several leading Federal IT service providers applauded government agency grades on last week’s FITARA Scorecard, but also suggested a range of grading category adjustments for the scorecard to better track where agency performance should be going in the future. […]
A Department of State program is offering up to $10 million to help identify bad actors, individuals who are working with or for a foreign government with the purpose of interfering with U.S. elections through certain cyber acts. […]
Amb. Robert Strayer, the Department of State’s point person for cyber and international communications policy, is leaving government to join the Information Technology Industry (ITI) Council, a global technology trade association. […]
The Department of State launched the Clean Network program on August 5 to promote the protection of American data and telecommunications infrastructure, specifically targeting China-based companies. […]
As government cybersecurity practices shifted to adjust to the increase in telework during the COVID-19 pandemic, officials from the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) previewed cyber tools offered by the agencies, but reminded Feds that knowing the network architecture is an early and necessary step toward selecting the correct protections. […]
The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency released a new online tool designed to help individuals navigate career options in the field of cybersecurity. […]
When it comes to the security of sensitive information in the energy sector, collaboration between the Department of Energy, intelligence community, and private sector are foundational to these efforts, Senior Advisor at the Office of Policy for Cybersecurity, Energy Security, & Emergency Response Alexander Gates said. […]
The national security community of the United States has found itself in a conundrum in the last few years, warning other countries about the risks of the China-based company Huawei, but unable to provide an American alternative for 5G networks. […]
This week the Federal agency primarily responsible for protecting elections held a training event to test its plans in advance of November’s Election Day. The third “Tabletop the Vote” exercise hosted by the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, took place over a three day period from July 28 to 30, featuring 37 states and over 2,000 total participants, the majority of which participated remotely. […]
Department of Agriculture (USDA) CIO Gary Washington is crediting the cloud for keeping agency networks cyber-secure during the coronavirus pandemic, and lauding the technology’s cost-savings and efficiency benefits in a remote environment. […]
Rep. Jim Langevin, D-R.I., chairman of the House Armed Services Committee’s Subcommittee on Intelligence and Emerging Threats and Capabilities, voiced support at a July 30 subcommittee hearing for the European Union’s placement of sanctions on Russian, Chinese, and North Korean entities for their role in high-profile cyber attacks. […]
While telecommunications providers in the United States prepare to rip out and replace gear from China-based Huawei and the United Kingdom has moved to eventually ban the company’s equipment from its 5G networks, the German government has officially stated its neutrality in the matter. […]
The Cybersecurity and Infrastructure Security Agency (CISA) announced July 28 the second annual President’s Cup Cybersecurity Competition. Registration is open to any Federal Executive branch employee, including Department of Defense (DoD) and uniformed service members, with a knack for cybersecurity. Individuals can either register solo or as part of a team. […]