The Department of Homeland Security (DHS) is looking use self-assessments to evaluate the cybersecurity posture of agency contractors, rather than conduct third-party assessments like the Department of Defense (DoD) is doing with its Cybersecurity Maturity Model Certification (CMMC) program. […]
The National Security Telecommunications Advisory Committee (NSTAC) voted on August 23 to approve a report recommending that the Cybersecurity and Infrastructure Security Agency (CISA) issue an order requiring all Federal civilian agencies to catalog all of their operational technology (OT) devices and systems as one of many steps to improve OT cybersecurity in government and the private sector. […]
Because adversaries like China and Russia increasingly have their hands in the information communication technology arena – whether directly or through subsidiaries – one of the keys to improving cybersecurity in an expanding threat landscape involves strong risk management, in addition to prevention, Federal experts said this week. […]
Kurt DelBene, chief information officer (CIO) at the Department of Veterans Affairs (VA), said today that his agency is not spending enough on cybersecurity, and would benefit from being able to pay higher salaries in order to recruit and retain cyber experts. […]
The Defense Information Systems Agency (DISA) recently launched a technology incubator – dubbed DISAWERX – to enable the rapid experimentation of new ideas and technologies for novel and innovative solutions to DISA’s most pressing technical challenges. […]
The National Telecommunications and Information Administration (NTIA) said on August 17 that all 50 states, along with the District of Columbia and all U.S. territories, have filed applications for initial planning funds under the government’s Broadband Equity, Access, and Deployment (BEAD) Program that aims to distribute $42.4 billion of broadband-related grants to underserved or unserved communities. […]
The Government Accountability Office (GAO) said in new report issued today that it has delivered another 18 recommendations to the Defense Department (DoD) to improve operations across a range of agency functions, and also provided an update showing some DoD progress on outstanding cybersecurity-related recommendations. […]
The Cybersecurity and Infrastructure Security Agency (CISA), along with the U.S. Election Assistance Commission, National Association of Secretaries of State (NASS), and the National Association of State Election Directors (NASED), held an annual election security exercise last week to test Election Day plans. […]
The National Institute of Standards and Technology (NIST) released a second draft of its Artificial Intelligence (AI) Risk Management Framework (RMF) on Aug. 18, including further guidance on developing trustworthy and responsible AI systems. […]
Nancy Rainosek, chief information security officer for the state of Texas, explained how her office has been providing secure technical infrastructure to employees executing their duties in a hybrid work environment, during an August 17 event entitled Stuck in Neutral: How to Jumpstart Change in Government, hosted by GovLoop. […]
The U.S. Marine Corps (USMC) has awarded Sealing Technologies a $168.5 million task order to help the agency implement a suite of tools designed for executing defensive cyber operations (DCO). […]
The Cybersecurity and Infrastructure Security Agency (CISA) has made only limited progress in improving the overall quality of cyber threat data information it shares with third parties, and needs to do more to provide context for that shared information, the Department of Homeland Security (DHS) Office of Inspector General (IG) said in an oversight report. […]
The Department of Energy (DoE) announced $45 million of investments that aim to create, accelerate, and test next-generation technology to protect the electric grid from cyberattacks and ensure the seamless offering of clean and cheap energy to Americans. […]
The need to move away from the use of passwords as a primary mode of authentication and security remains one of the most important steps that government and private sector organizations can take to improve security and move toward zero trust security, according to Kenny Harrison, Division Chief of the Telecommunications Office at the U.S. Census Bureau. […]
Office of Personnel Management (OPM) Chief Information Officer Guy Cavallo said today that his agency’s work with the General Services Administration’s (GSA) login.gov technology for authentication and identity proofing is paying off in OPM’s continuing efforts to make enterprise-wide technology improvements. […]
The Commerce Department’s International Trade Administration (ITA) component has launched a fresh effort to gather insights into the current global artificial intelligence (AI) market, along with concerns about international AI policies, regulations, and other measures which may impact U.S. exports of AI technologies. […]
Microsoft has disrupted a Russian cybercriminal group named SEABORGIUM from conducting further cyberattacks that have heavily aligned with Russian state interest. […]
The U.S. Central Command (USCENTCOM) is opening up a contest to highlight servicemember and civilian ideas, inventions, and processes aimed at finding new solutions to military problems. The contest, called Innovation Oasis, is a “Shark Tank”-like innovation competition where USCENTCOM will select on October 12 the five best ideas with the greatest potential to improve operations, policy, or the lives of troops. […]
Implementation of Site Reliability Engineering (SRE) practices – which involve applying software engineering to DevOps and operations problems – is working through a number of hurdles including training issues, government and private sector experts explained at an August 11 event organized by ATARC. […]
Sen. Angus King, I-Maine; and Rep. Mike Gallagher, R-Wis., are asking Health and Human Services Secretary Xavier Becerra for a briefing on what HHS is doing to help share cyber threat data with members of the healthcare and public health (HPH) sector – particularly in light of ramped-up ransomware attacks against the sector in recent years. […]
Federal agencies need to adjust their cyber threat scanning protocols to ensure they are getting a full-scope analysis of possible risk factors within their networks, and are not just scratching the surface on risks, officials from the State Department said on August 11 at an event organized by Federal News Network. […]
President Biden is vowing to sign the Inflation Reduction Act this week after a divided House of Representatives on Friday approved the legislation that backers hope will help the Internal Revenue Service (IRS) rebuild its antiquated technology systems. […]
A new report from the House Oversight and Reform Committee calls for a whole-of-government plan to support state and local election officials amid an increase in election misinformation and disinformation. […]
Leading technology and security companies are banding together to share tools and products to better guard against cyberattacks, saying their security teams are spending more time correlating a blitz of unintegrated data than detecting and responding to threats. […]
Legislation recently introduced in the Senate aims to create a Federal grant system to help fund the construction of new broadband networks in parts of the country that either don’t have much broadband service currently available or that have service speeds of less than 100 megabits per second (Mbps) upload and 20 Mbps download. […]
The Cybersecurity and Infrastructure Security Agency (CISA) on Aug. 10 released a new cyber toolkit to help state and local election officials improve the cybersecurity and resilience of their infrastructure ahead of the midterm elections in November. […]
House Energy and Commerce Committee Chairman Frank Pallone, D-N.J., Ranking Member Cathy McMorris Rodgers, R-Wash., and subcommittee leaders sent letters on August 10 to five agencies inquiring about their progress in addressing the Apache Log4j vulnerability. […]
A new report from BlackBerry and Corvus Insurance finds that many businesses will struggle to bear the financial costs of ransomware attacks that are not already covered by their insurance companies, and that most of the businesses surveyed believe government should help victims recover from attacks that are linked to nation-states. […]
Chris Krebs, who led the Cybersecurity and Information Security Agency (CISA) from 2018 to 2020, said today that his vision for the Federal government’s next leap forward on the technology front involves creating a new “U.S. Digital Agency” that would combine elements of CISA and several other existing agencies to create an organization “focused on empowering better digital risk management services.” […]
A new report from the Department of Veterans Affairs (VA) Office of Inspector General (OIG) found that the agency is not effectively managing or coordinating its identity, credential, and access management (ICAM) program, and because of that is leaving information vulnerable to cyber intrusions. […]