A report issued May 31 by the New America Foundation’s Cybersecurity Initiative recommends that the Federal government consider three “priority efforts” to help state governments advance their own efforts to improve cybersecurity, including “designating specific cybersecurity funding that is linked to national priorities.” […]

With the Department of Veterans Affairs (VA) formally signing on last month to adopt the same electronic health records system as the Department of Defense (DoD), the two agencies are putting a lot of chips on a solution to a problem that history suggests is pretty risky. […]

Welcome to MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

Following the release of a report to President Trump on the increasing threat of botnets, Sen. Mark Warner, D-Va., said Thursday that the government is not doing enough to force the private sector to build better security into Internet of Things (IoT) devices. […]

The State Department on Thursday announced its vision for U.S. cyberspace policy based on articulated deterrents to criminal cyberattacks, protection of an open Internet, and international engagement and collaboration to achieve those goals, according to the summaries of two reports to President Trump authorized by the Cyber Executive Order (EO) of May 2017. […]

It’s probably not a shocking revelation to learn that Federal IT managers are less than happy with their agency’s IT infrastructure. Their biggest gripes, according to a recent MeriTalk survey are that it’s 1) expensive, 2) difficult to manage, and 3) inefficient. Small wonder then that the same survey found that nearly all of those who participated—92 percent of 150 Federal IT managers—were frustrated with the state of their infrastructure.   […]

We are happy to present the inaugural edition of MeriTalk News Briefs, where we bring you all the day’s action that didn’t quite make the headlines. No need to shout about ‘em, but we do feel that they merit talk. […]

The Federal Information Technology Acquisition Reform Act (FITARA), passed by Congress in December 2014, represented the first major legislative overhaul of Federal IT in nearly 20 years. Beginning in November 2015, the Government Accountability Office (GAO) has released two scorecards a year grading agencies’ performance under the law. Suffice to say, agencies haven’t always been making the GAO’s Honor Roll, with plenty of Cs and Ds to go around. However, many agencies have made significant improvements over the last 3 years. […]

The current cybersecurity workforce shortage in the United States is daunting and only due to get worse over the next few years, the Departments of Commerce (DoC) and Homeland Security (DHS) reported to President Trump in a document released Wednesday. […]

Military users will soon see a tenfold boost in the Department of Defense’s telecommunications network, in a move that will support the service’s combatant commands, the Joint Information Environment (JIE), and in the process, DoD’s push toward commercial cloud services. […]

A new report from the Departments of Commerce (DoC) and Homeland Security (DHS) suggests that the proliferation of botnets and the automated, distributed cyber attacks they generate will cause greater problems for Federal agencies absent a robust government response to the problem that includes a proper mix of funding, policies, and public-private collaboration. […]

A group of 19 Democratic senators today urged John Bolton, President Trump’s National Security Advisor, to reverse course on his decision earlier this month to eliminate the White House cybersecurity coordinator position. […]

A new White House report says three quarters of Federal agencies are not managing their cybersecurity risk correctly and are consequently at “risk or high risk” of data theft or network intrusion due to poor cybersecurity programs. […]

The U.S. Cyber Command is ready for its close-up. The command announced May 17 that all 133 of its Cyber Mission Teams are fully operational, capping a roughly one-month stretch that saw the arrival of a new commander, the opening of a new operations center, and the official designation of Cybercom as a full unified combatant command. […]

The House Oversight and Government Reform (OGR) IT subcommittee followed up last week’s release of the sixth FITARA Scorecard (Scorecard 6.0) by releasing a second, more detailed scorecard. It provides insight into each of the categories of FITARA scoring, with methodology, metrics, calculations, and detailed data points on just how well each of the 24 agencies fared.  […]

The Department of Labor’s Office of Inspector General (OIG) said the agency needs to improve in two key legislative areas related to IT management, according to OIG’s semiannual report released Tuesday and covering October 2017 through March 2018. […]

Today the Department of Homeland Security (DHS) and the Federal Bureau of Investigation (FBI) released a joint Technical Alert (TA) identifying two families of malware–dubbed Joanap and Brambul–used by the North Korean government. […]

Members of the Senate Banking, Housing and Urban Affairs Committee voiced support this week for legislation to require greater corporate disclosure of cybersecurity preparedness, and relayed concerns that personally identifiable information (PII) collected by government and private sector entities cannot be adequately safeguarded against theft or loss. […]

The Pentagon wants more hackers to take aim at its systems, launching another program that invites crowdsourced attacks from outside the Department of Defense (DoD) to help it identify and mitigate vulnerabilities in its networks and information systems. […]

Federal government agencies must work on improving mobile device security, as people are increasingly attached to their devices and attackers can wield a variety of new threats that can expose agencies’ passwords, personal information and networks, industry officials said this week.   […]

The flagship model for organizational cybersecurity policies just got a new coat of paint. The National Institute of Standards and Technology (NIST) on April 16 released version 1.1 of its Framework for Improving Critical Infrastructure Cybersecurity , which updates the agency’s original voluntary cybersecurity framework for critical infrastructure sectors issued in 2014. […]

Because spending plans make for informative policy documents, an April markup of the 2019 National Defense Authorization Act (NDAA) offers an outline of the Department of Defense’s plans for its cyber operations and the development of new technologies. […]

A new report from the Government Accountability Office (GAO) this week raises concerns that the National Aeronautics and Space Administration (NASA) isn’t properly protecting its IT systems. The agency spends about $1.5 billion annually on IT investments to support its missions. […]

The Department of Justice (DoJ) announced today that a Federal jury convicted Ruslans Bondars, a resident of Latvia, on three counts related to his operation of “Scan4you,” an online counter-antivirus service. […]

Immediately following National Security Advisor John Bolton’s decision to eliminate the post of one of the President’s top cybersecurity advisors, lawmakers pushed back with legislation aimed at reinstating the position and requiring Senate confirmation for it under a newly established National Office for Cyberspace. […]

Department of Homeland Security (DHS) Secretary Kirstjen Nielsen emphasized at a Senate Homeland Security and Governmental Affairs Committee hearing this week the importance of shoring up United States cyber defenses, and said that effort would be helped by adequate funding and reorganization of a key DHS department. […]

This month marks the first anniversary of President Trump signing his cyber executive order (EO), formally titled the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure. […]

The Department of Homeland Security (DHS) today unveiled a new five-pronged strategy aimed at managing “national cyber risk,” and in particular, U.S. “cyber and critical infrastructure security.” […]

John Bolton, President Trump’s national security adviser, has eliminated the White House cybersecurity coordinator position. […]

In a previously announced move, the Pentagon elevated the U.S. Cyber Command to a full unified command. This reflects the universal role cyber operations–and potential cyber threats–have come to play across the range of military activities, and how relatively quickly virtual technologies have changed the game. […]