The General Accountability Office said in a report issued today that the Internal Revenue Service made some progress during FY 2017 in addressing information security control issues previously flagged by GAO, but it also said a more recent audit by the watchdog agency covering FY 2017 turned up newly identified control deficiencies – leaving IRS with a total of 154 improvement recommendations at the end FY 2017. […]

Speaking at the Department of Homeland Security’s (DHS) inaugural National Cybersecurity Summit, Christopher Krebs, under secretary for DHS’ National Protection and Programs Directorate, announced formation of the Information Communications Technology Supply Chain Task Force. […]

Following the Department of Homeland Security’s announcement of a new National Risk Management Center, critical infrastructure executives along with Federal agency leaders hailed the new coordinating wing of DHS as a way to harness the collective strengths of both government and industry to address cyber concerns that have the potential to hobble the nation’s critical functions. […]

The Department of Homeland Security (DHS) will launch a National Risk Management Center this week to provide a first response outlet for private sector critical infrastructure companies that are targeted by cyberattacks, DHS Secretary Kirstjen Nielsen announced today. […]

Security in the cloud is a shared responsibility between cloud service providers (CSPs) and government organizations. CSPs provide agencies with a secure platform to operate on, but it is the responsibility of agency security leaders to ensure the applications that are being hosted have been hardened, according to security experts. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Booz Allen Hamilton has won a task order worth up to $1.03 billion to provide services under the Continuous Diagnostics and Mitigation (CDM) Program to CDM’s Group D Federal agencies, according to contracting information on the General Services Administration’s (GSA) Federal Procurement Data System. […]

President Trump on Friday nominated James Gfrerer to head IT for the Department of Veterans Affairs. Pending Senate confirmation, Gfrerer will be the VA’s CIO and assistant secretary for information and technology. […]

State-sponsored cyberattacks are the new normal in adversarial international activity, whether on large or small scales. […]

At a House Homeland Security Committee hearing on Wednesday, July 25, to examine findings of the Federal Cybersecurity Risk Determination Report and Action Plan released by the Office of Management and Budget (OMB) in May, lawmakers and private sector witnesses hailed new legislation as a necessary – but on its own insufficient – step to bring down the security risks of three-quarters of Federal agencies deemed in cyber danger. […]

The House Oversight and Government Reform Committee’s information technology and government operations subcommittees held a joint hearing Wednesday to key in on the most salient, persistent, and omnipresent issue in Federal agency IT: cybersecurity. On hand to testify were Federal CIO Suzette Kent, and Comptroller General Gene Dodaro, seeking to illuminate congressional inquirers on Federal agency progress to mitigate the wide range of cyber risks. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

The Government Accountability Office (GAO) released an interim report today detailing four major challenges and 10 critical actions that it says must be taken in order to stem the growing tide of cybersecurity threats facing the nation and Federal agencies. […]

Today’s House Committee on Oversight and Government Reform (OGR) covered the waterfront on election cybersecurity issues but came up with little that differed much from many of the other election cybersecurity hearings that have happened on the Hill over the last few months. The greatest hits were once again discussed–concerns over involvement in the 2016 election, threats facing the 2018 midterm elections, and how to respond to Russia cyber aggression towards U.S. election infrastructure and technology. […]

The House Homeland Security Committee today voted to recommend two bills, the Advancing Cybersecurity Diagnostics and Mitigation Act and the Department of Homeland Security Chief Data Officer Authorization Act, aimed at strengthening and solidifying IT operations of the Department of Homeland Security (DHS) and to guard against evolving cybersecurity threats. […]

In the push to keep Federal IT systems secure, cybersecurity teams find themselves overloaded with information and tools and would like to see automation help them turn information into actionable intelligence, IT and industry leaders said during a FedInsider webinar on July 19. […]

The National Defense Authorization Act (NDAA) for FY 2019 took a big step toward passage with the release of the conference report late yesterday that unifies House and Senate NDAA legislation and places in sharp focus concerns about growing cyber and electronic warfare threats and ways that the United States should address them. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

In 2016, criminals stole $1.6 billion from the Internal Revenue Service (IRS) by using false identities to claim fraudulent tax refunds, according to IRS estimates. In a report released today, the Government Accountability Office (GAO) zeroes in on IRS’ authentication efforts as a way to reduce fraud and save tax payer dollars, and offers 11 recommendations for IRS consideration. […]

Support for S. 2593, the Secure Elections Act of 2018, is growing in the Senate as four more legislators signed on as cosponsors late last week. […]

The Department of Justice (DoJ) said Thursday it was putting in place a new policy governing disclosure by DoJ and other Federal agencies of “foreign influence operations” being conducted in the United States. The agency said the new policy “provides guideposts for Department action to expose and thereby counter foreign influence threats, consistent with the fundamental principle that the Department always must seek to act in ways that are politically neutral, compliant with the First Amendment and designed to maintain the public trust.” […]

As the National Defense Authorization Act (NDAA) for FY2019 makes its way through the House-Senate conference process, Senate Republicans today agreed to drop their ban on China-based communications equipment maker ZTE in favor of the House’s more lenient version of that measure. […]

Grant Schneider, currently the acting Federal chief information security officer, has been named Federal CISO on a permanent basis, the Office of Management and Budget (OMB) announced on Thursday. As CISO, Schneider is tasked with implementing cybersecurity practices across the executive branch, as well as serving as a policy advisor for the Trump administration. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

The House Intelligence Committee today heard testimony from several witnesses who warned that China is actively working to infringe upon the intellectual property rights of U.S. entities, engages in cyberespionage against the United States, and poses a growing cyberthreat to the country. […]

Margaret Weichert, deputy director for management at the Office of Management and Budget (OMB) and one of the Trump administration’s most visible point persons promoting its plan to reorganize numerous aspects of Federal civilian agencies, said on Wednesday that the first fruits of that plan may be efforts to standardize aspects of the Federal cybersecurity workforce, ease the backlog of Federal background checks, and make improvements in the provision of government digital services generally. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Following a July 16 letter by former government officials requesting disclosure of 2020 Census cybersecurity policies, the U.S. Census Bureau issued a statement today affirming its “robust cybersecurity program” and ensuring interested parties that cybersecurity remains paramount at the bureau. However, it said it was declining to reveal all of its encryption policies “as a matter of data security.” […]

The Office of the Inspector General (OIG) found that the General Accountability Office (GAO) isn’t fully compliant with the Federal Information Security Modernization Act of 2014 (FISMA), according to a report released yesterday. […]

Matt Goodrich, FedRAMP director, and Ashley Mahan, FedRAMP evangelist, addressed industry feedback to FedRAMP’s recently released authorization boundary guidance during a webinar today. […]