The vice chair of the board of directors of the CMMC-AB said that 25 assessors have been provisionally trained, and estimated that certified assessors for the open market will be released in the first quarter of calendar year 2021. […]
The Department of Homeland Security’s (DHS) effort to consolidate its network and security operations centers into a Network Operations Security Center (NOSC) model will improve the agency’s continuity of operations efforts, CIO Karen Evans said today. […]
The new cybersecurity standard for contractors in the Department of Defense’s (DoD) supply chain ecosystem is soon to have regulatory backing, according to Katie Arrington, CISO for Acquisition and Sustainment at the DoD. […]
Assessing the current threat landscape six months into the COVID-19 pandemic, Director of the Cybersecurity and Infrastructure Security Agency Christopher Krebs listed nation-state spies, cybercriminals committing fraud, and the spread of disinformation as top cyberattack vectors. […]
Deputy Federal CIO Maria Roat asserted at the Billington Cybersecurity Summit that the Federal government is using a DevSecOps approach to integrate security into every aspect of modernization, but she insisted that the workforce must be cyber ready to be entirely secure. […]
The Federal Communications Commission said on Sept. 4 that the total cost of removing and replacing telecommunications equipment made by China-based Huawei and ZTE from the networks of smaller U.S. carriers could be more than $1.6 billion. […]
With no U.S.-based companies dominating the worldwide market for network equipment that underlies 5G wireless services, and with the U.S. in the midst of a years-long campaign to ban Chinese network equipment makers from U.S. and allies’ markets, perhaps the most important battle for the longer-term future of 5G network infrastructure is gearing up now in and near the halls of power in Washington, D.C. […]
The Information Technology Industry Council this week released its guide for cybersecurity certification, which includes a warning against a “one-size-fits-all solution” in certification. […]
The Cybersecurity Maturity Model Certification Accreditation Body announced the addition of two new members to its Board of Directors on Sept. 2, a move which comes just months after the board’s establishment in January. Sheryl Hanchar and Charlie Williams, Jr. were added to the board to serve terms beginning immediately, a CMMC-AB news release said. […]
While Congress has been slow to act on privacy issues, the National Institute of Standards and Technology (NIST) is getting out ahead of any Federal legislation when it comes to addressing the matter. […]
The Office of Management and Budget (OMB) has finalized vulnerability disclosure policies (VDPs) for the Federal government and issued a memorandum to agencies today establishing the processes for identification, management, and remediation of security vulnerabilities. […]
CenturyLink said on Sept. 1 that the company has attained FISMA (Federal Information Security Management Act) High certification for its federal network operations centers and security operations centers. […]
Shane Barney, Chief Information Security Officer (CISO) at the Department of Homeland Security’s U.S. Citizenship and Immigration Services (USCIS) component, on Sept. 1 credited increased use of data automation for improving security operation center (SOC) operations at the agency. […]
Cybersecurity agencies of the nations in the “Five Eyes” intelligence alliance released a joint cybersecurity advisory to serve as a “playbook” for investigating incidents and highlight technical approaches to uncovering malicious activity. […]
The Department of Health and Human Services has appointed Perryn Ashmore acting CIO, following the departure of former CIO Jose Arrieta on August 28. […]
The first group of assessors for the Department of Defense’s new cybersecurity standard will begin training today, according to a press release from the Cybersecurity Maturity Model Certification Accreditation Body. […]
In the 20th century, literacy in reading, writing, and mathematics might have been the requisites to inform participation in democratic and economic systems, but over the past half century, a new form of necessary literacy has been emerging – cyber literacy. […]
As large scale telework continues across the Federal government, the Cybersecurity and Infrastructure Security (CISA) released a remote vulnerability and patch management guide yesterday to supplement the Trusted Internet Connection (TIC) 3.0 Interim Telework Guidance released in April. […]
For agencies looking to implement cybersecurity solutions, Terry Kalka, Chief of Mission Support at the Department of Defense Cyber Crime Center, emphasized that basic cyber hygiene practices will block a majority of cyberattacks unless those attacks stem from a particularly advanced threat actor. […]
According to a new report by NASA’s Office of Inspector General (OIG), NASA is not adequately securing its networks from unauthorized access by IT devices, and has not fully implemented controls to remove or block unauthorized IT devices from accessing the agency’s networks and systems. […]
Software Development Operations, or DevOps, can go by many names. DevSecOps, inserts Security into the equation while DevSecEthOps throws ethics into the mix, but ultimately the goal of the process is to build secure software – fast. […]
While the Cybersecurity and Infrastructure Security Agency’s Trusted Internet Connections (TIC) 3.0 guidance was finalized in late July, Program Manager Sean Connelly reiterated at an August 26 FedInsider webinar that the documents are only the first steps of TIC 3.0 efforts. […]
With artificial intelligence applications still being developed, the chief technology officer of the nation’s primary cyber agency said “a new cadre of data professionals” is needed in order to prepare cyber information for analysis. […]
John Felker, a 30-year Coast Guard veteran and a vital force in building mission capabilities of the Cybersecurity and Infrastructure Security Agency over the past several years, said he plans to retire from government service on Sept. 25. […]
The Cybersecurity and Infrastructure Security Agency (CISA) today released its strategy to “ensure the security and resilience of 5G technology” in the United States. […]
At the Department of Homeland Security (DHS) and Cybersecurity and Infrastructure Security Agency (CISA) offices responsible for managing emergency communications, the coronavirus pandemic has required officials to adapt natural disaster plans to the unique challenges of the public health crisis, government officials said today. […]
The Department of Health and Human Services (HHS) is embracing a new cybersecurity routine after the ongoing public health crisis placed a new target on the agency and malicious actors boosted their efforts to infiltrate the agency and access sensitive data, HHS CISO Janet Vogel said this week. […]
Department of Energy CIO Rocky Campione has named Emery Csulak Principal Deputy CIO, effective August 31, according to an agency email obtained by MeriTalk. […]
The Treasury Inspector General for Tax Administration (TIGTA) told the Internal Revenue Service (IRS) that it needs to do a better job to verify wireless device identity, although it said that based on audit results IRS was employing effective strategies and protocols to authenticate network user identities. […]
A Government Accountability Office (GAO) report found that the Federal Aviation Administration (FAA), Indian Health Service, and Small Business Administration (SBA) are using security tools given to them by the Department of Homeland Security (DHS) as they’re intended: to identify hardware and software on their networks that may have vulnerabilities and insecure configurations. But GAO said the agencies have more to do manage their network in order to optimize the value of the tools. […]