Government employees are playing Russian roulette every time they open their inbox. […]

As government cyber warriors recover from their red-eye journey back from the RSA conference, there’s news on the leadership progression at the top cyber operational position in government. The Department of Homeland Security (DHS) named Paul Beckman as the DHS HQ CISO. Formerly deputy CISO for DHS HQ, Beckman replaces, who recently retired from government service.  […]

The internet has never been an especially safe place, but at least one small corner of it–email–was less perilous for most users in 2017. […]

In another example of how far the cyber domain is pervading every aspect of warfare, military units are beginning to add cyber protection testing to vehicles before they hit the road. […]

Bot-driven cyberattacks and other fast-spreading malware have been making some pretty big waves of late. The Mirai botnet, for example, launched several record-setting Distributed Denial-of-Service–DDoS–attacks starting in September 2016. […]

At the RSA Cybersecurity Conference in San Francisco, Department of Homeland Security (DHS) Secretary Kirstjen Nielsen made it clear that the United States has “a full spectrum of response options” to defend against cyber attacks and hacks. […]

Uncle Sam’s Russopobia got a shot in the arm from a recent Department of Interior (DOI) Inspector General report. […]

Last month, the Department of Homeland Security issued a rare public alert about a large-scale Russian cyber campaign targeting U.S. infrastructure. The news raised serious concerns about vulnerabilities in the nation’s power grid and other critical infrastructure assets.   […]

As every serious runner knows, preparing for a big race can be a daunting task; it takes time, patience, and determination to succeed.  Once the training schedule begins, the runner must be diligent with sticking to the task.  By neglecting even one workout, the runner can risk losing progress, and not finish the race. […]

Yogi Berra told us it’s like déjà vu all over again–and cyber stalkers let out a huge yawn at yesterday’s House Armed Services Committee hearing on cyber operations. This torturous exercise in reviewing technology security and public safety challenges associated with critical infrastructure was studded with the clichés and platitudes that set our nation up for a massive kinetic cyber attack. […]

Security is the great white whale of Federal IT–even as we make progress, it is just out of reach. Late last month, Zscaler announced it had prioritized rigorous security standards by achieving the Service Organization Control (SOC) 2, Type II Certification. […]

Cybersecurity is at the heart of IT modernization. While modern technologies provide agility and convenience, a core requirement of new solutions is the ability to respond to new threats. […]

Last week, the National Institute of Standards and Technology (NIST) revealed the initial public draft of its Special Publication 800-160 Volume 2, Systems Security Engineering: Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems. […]

The U.S. military has long laid claim to having the best-equipped, best-trained fighting force in the world, and to spending more on defense than the next eight top-spending nations combined. But when the battleground is cyberspace, does that claim hold up? […]

It is imperative for Federal agencies to effectively utilize threat intelligence combined with the power and agility of the cloud to better defend their networks. But, today, agencies are lacking adequate situational awareness to give their IT and security teams more clarity about what is going on in their networked environments. So, what’s holding them back? […]

The Department of Homeland Security’s (DHS) rare public alert last week about a large-scale Russian cyber campaign targeting U.S. infrastructure raised a piercing alarm about vulnerabilities in the nation’s power grid, and underscored what officials have meant when talking about the need for a whole-of-government and whole-of-nation approach to cyber defense. Protecting against a major attack, managing the damage once one hits, and responding to an attack are beyond the reach of any one agency or sector, they argue; the job requires concerted efforts from the public and private sectors. […]

While Federal agencies race to migrate to the cloud, security concerns seem to multiply by the hour. This month alone, Russian hackers penetrated the U.S. power grid; cyber attackers got into the network of a petrochemical company in Saudi Arabia in hopes of triggering an explosion; and North Korean hackers apparently “blitzed” Turkish banks and government organizations to gather intel for a future heist. […]

Opening day for the Nationals might be a week away, but four Beltway insiders have already knocked one out of the park. The latest omnibus spending bill, which passed through the Senate early Friday morning, includes $100 million for the MGT Act’s centralized revolving capital fund. President Trump signed the MGT Act into law late last year as an amendment to the National Defense Authorization Act. […]

The tactics of warfare aren’t what they used to be. In addition to asymmetric battlefield tactics that differ from conventional battles, they also can include cyber, social, economic, and psychological strategies that don’t necessarily involve physical combat or destruction–or even direct human involvement–and can’t be divined by tracking troop movements or fleet deployments. As a result, the signs of impending war aren’t what they used to be either. […]

Agencies are rolling out aspects of the Continuous Diagnostics and Mitigation (CDM) Program with varying degrees of speed and success, but the inherent benefits of the program are not being questioned. […]

On Tuesday, President Trump released his management agenda, which focused heavily on his IT modernization goals. Top of mind for the administration? Improving the customer experience, helping agencies better deliver on their missions, and reducing costs to the taxpayer. […]

Federal IT comes with some baggage–much of its data is trapped in legacy technologies.  Agencies can’t realistically pick everything up and move to more modern infrastructure.  So how do they bridge the gap?  MeriTalk’s latest report found that improving data sharing between new and legacy systems is the number one solution to accelerating Federal IT modernization.  The “Modernizing the Monolith” study explores why legacy systems are so persistent and outlines a path to modernizing with them, instead of in spite of them. […]

A recent study showing just how easy it is to hack into Internet of Things (IoT) devices–and to use that access to gain entrance to a larger network–focused on commercial products used in the home. However, it could serve as yet another wake-up call for the Department of Defense and other government agencies that are increasingly relying on IoT. […]

The Department of Homeland Security (DHS) has been working in unison with the Office of Management and Budget to assess the risk management posture of the Federal government. They’ve been using a combination of agency self-reporting and independent verification to evaluate each agency’s mitigation techniques as well as the nation’s overall security standing. DHS’ latest […]

Government IT leaders may feel a little punch drunk lately. Between new mandates, an understaffed workforce, and aging systems–they are getting hit from all angles. Indeed, Chad Sheridan, CIO for USDA’s Risk Management Agency kicked off his keynote at last Thursday’s Veritas Public Sector Vision Day in Washington, D.C. by quoting Mike Tyson: “Everybody has a plan until they get punched in the mouth.” […]

Do agencies have enough time to make a smooth transition to the new Enterprise Infrastructure Solutions (EIS) contract by spring of 2020 when the older telecom contract vehicles expire? […]

Artificial intelligence (AI) deployments in the Federal government are already making government smarter, based on examples shared during the second of a three-part series on AI launched last month by the House Subcommittee on Information Technology. Federal agency leaders from the Defense Advanced Research Projects Agency (DARPA), the General Services Administration (GSA), National Science Foundation (NSF), and Department of Homeland Security (DHS) discussed how AI is being implemented to improve the mission of their agencies and what is required to ensure the technology continues to be viewed as a problem solver. […]

The Department of Defense (DoD) and contractor Cerner are coming off an eight week break in the initial deployment of what’s planned to be a worldwide health care records system. The team stopped work to address glitches in system performance and contend with negative user feedback. But officials in charge of the deployment of the MHS Genesis system said the pause was planned as part of the rollout, initial complaints were expected, and DoD still expects to complete the $4.3 billion system by 2022. […]

Not all bots are bad. But in the wrong hands, botnets can be commanded to do some very nefarious things, like Distributed Denial of Service–DDoS–attacks to disrupt and bring down websites. There are also malware-based bots that are increasingly being used to steal data and personal information. […]

Last month the Congressional Subcommittee on Information Technology began a three-part series of hearings to break through the myths and the hype to gain a real understanding of Artificial Intelligence (AI) and the role it can play in the Federal government. […]