State-sponsored cyberattacks are the new normal in adversarial international activity, whether on large or small scales. […]

At a House Homeland Security Committee hearing on Wednesday, July 25, to examine findings of the Federal Cybersecurity Risk Determination Report and Action Plan released by the Office of Management and Budget (OMB) in May, lawmakers and private sector witnesses hailed new legislation as a necessary – but on its own insufficient – step to bring down the security risks of three-quarters of Federal agencies deemed in cyber danger. […]

The House Oversight and Government Reform Committee’s information technology and government operations subcommittees held a joint hearing Wednesday to key in on the most salient, persistent, and omnipresent issue in Federal agency IT: cybersecurity. On hand to testify were Federal CIO Suzette Kent, and Comptroller General Gene Dodaro, seeking to illuminate congressional inquirers on Federal agency progress to mitigate the wide range of cyber risks. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

The Government Accountability Office (GAO) released an interim report today detailing four major challenges and 10 critical actions that it says must be taken in order to stem the growing tide of cybersecurity threats facing the nation and Federal agencies. […]

Today’s House Committee on Oversight and Government Reform (OGR) covered the waterfront on election cybersecurity issues but came up with little that differed much from many of the other election cybersecurity hearings that have happened on the Hill over the last few months. The greatest hits were once again discussed–concerns over involvement in the 2016 election, threats facing the 2018 midterm elections, and how to respond to Russia cyber aggression towards U.S. election infrastructure and technology. […]

The House Homeland Security Committee today voted to recommend two bills, the Advancing Cybersecurity Diagnostics and Mitigation Act and the Department of Homeland Security Chief Data Officer Authorization Act, aimed at strengthening and solidifying IT operations of the Department of Homeland Security (DHS) and to guard against evolving cybersecurity threats. […]

In the push to keep Federal IT systems secure, cybersecurity teams find themselves overloaded with information and tools and would like to see automation help them turn information into actionable intelligence, IT and industry leaders said during a FedInsider webinar on July 19. […]

The National Defense Authorization Act (NDAA) for FY 2019 took a big step toward passage with the release of the conference report late yesterday that unifies House and Senate NDAA legislation and places in sharp focus concerns about growing cyber and electronic warfare threats and ways that the United States should address them. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

In 2016, criminals stole $1.6 billion from the Internal Revenue Service (IRS) by using false identities to claim fraudulent tax refunds, according to IRS estimates. In a report released today, the Government Accountability Office (GAO) zeroes in on IRS’ authentication efforts as a way to reduce fraud and save tax payer dollars, and offers 11 recommendations for IRS consideration. […]

Support for S. 2593, the Secure Elections Act of 2018, is growing in the Senate as four more legislators signed on as cosponsors late last week. […]

The Department of Justice (DoJ) said Thursday it was putting in place a new policy governing disclosure by DoJ and other Federal agencies of “foreign influence operations” being conducted in the United States. The agency said the new policy “provides guideposts for Department action to expose and thereby counter foreign influence threats, consistent with the fundamental principle that the Department always must seek to act in ways that are politically neutral, compliant with the First Amendment and designed to maintain the public trust.” […]

As the National Defense Authorization Act (NDAA) for FY2019 makes its way through the House-Senate conference process, Senate Republicans today agreed to drop their ban on China-based communications equipment maker ZTE in favor of the House’s more lenient version of that measure. […]

Grant Schneider, currently the acting Federal chief information security officer, has been named Federal CISO on a permanent basis, the Office of Management and Budget (OMB) announced on Thursday. As CISO, Schneider is tasked with implementing cybersecurity practices across the executive branch, as well as serving as a policy advisor for the Trump administration. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

The House Intelligence Committee today heard testimony from several witnesses who warned that China is actively working to infringe upon the intellectual property rights of U.S. entities, engages in cyberespionage against the United States, and poses a growing cyberthreat to the country. […]

Margaret Weichert, deputy director for management at the Office of Management and Budget (OMB) and one of the Trump administration’s most visible point persons promoting its plan to reorganize numerous aspects of Federal civilian agencies, said on Wednesday that the first fruits of that plan may be efforts to standardize aspects of the Federal cybersecurity workforce, ease the backlog of Federal background checks, and make improvements in the provision of government digital services generally. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Following a July 16 letter by former government officials requesting disclosure of 2020 Census cybersecurity policies, the U.S. Census Bureau issued a statement today affirming its “robust cybersecurity program” and ensuring interested parties that cybersecurity remains paramount at the bureau. However, it said it was declining to reveal all of its encryption policies “as a matter of data security.” […]

The Office of the Inspector General (OIG) found that the General Accountability Office (GAO) isn’t fully compliant with the Federal Information Security Modernization Act of 2014 (FISMA), according to a report released yesterday. […]

Matt Goodrich, FedRAMP director, and Ashley Mahan, FedRAMP evangelist, addressed industry feedback to FedRAMP’s recently released authorization boundary guidance during a webinar today. […]

A large group of former Federal government officials–including national security and other experts from the Departments of State, Homeland Security, and Justice–urged Secretary of Commerce Wilbur Ross in a letter released yesterday to disclose the 2020 Census’ data protection and cybersecurity policies. […]

The Hide ‘N Seek (HNS) Internet of Things (IoT) botnet, which initially targeted home routers, IP cameras, and video recorders, has been expanded by cybercriminals to target two NoSQL database servers, making it a cross-platform botnet. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Lawmakers last Wednesday decried a surreptitious industry effort to correct longstanding hardware vulnerabilities affecting nearly all modern computer processors. The reason? The Federal government didn’t get the memo. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Amid mounting concern about attacks by foreign adversaries on the Department of Homeland Security’s supply chain, two House subcommittees met today to discuss that threat and legislation proposed by the White House–the Federal Information Technology Supply Chain Risk Management Improvement Act–that would respond to the problem. […]

Department of Defense (DoD) Chief Information Officer Dana Deasy said today at the Defense Systems Summit that he has identified four “key strategic areas” that will work to support the National Defense Strategy (NDS). Those four areas – cloud, artificial intelligence, C3 (command, control, and communications), and cybersecurity – are organized not in order of importance, but rather “order of integration,” Deasy said, with each of the priorities flowing from the prior one. […]