The Cybersecurity and Infrastructure Security Agency (CISA), along with Federal and international partners, released a list of frequently exploited common vulnerabilities and exposures (CVEs), including the top 15 most exploited CVEs of 2021. […]
The Defense Information Systems Agency’s (DISA) Thunderdome zero trust project, along with associated identity, credential, and access management (ICAM) efforts, is currently in the process of standing up capabilities in a lab setting before testing it in fielded networks and eventually doing an operational assessment this fall. […]
The Department of Health and Human Services (HHS) announced it launched a new $90 million initiative to improve data collection for health centers to reduce health disparities. The initiative will utilize the remaining American Rescue Plan Act (ARPA) funds. […]
The General Services Administration (GSA) has launched a new Federal acquisition tool, Buy.GSA.gov, to work to centralize the Federal acquisition experience, GSA announced on April 26. GSA said the tool’s key features include the ability to simplify market research, searchable templates and sample documents, and an interactive acquisition package checklist. “This buyer experience tool was built […]
The Department of Homeland Security’s (DHS) “Hack DHS” program has successfully completed its first bug bounty program and identified 122 vulnerabilities at the agency. […]
After a lengthy internal review process, the Department of Defense (DoD) released its Cybersecurity Maturity Model Certification (CMMC) 2.0 requirements in November and is now in the early stages of a rulemaking process to implement the revised program. […]
The National Geospatial-Intelligence Agency (NGA) is in the process of taking over operational control of the Defense’s Department’s (DoD) Project Maven, which the Pentagon formed in 2017 to speed integration of big data and machine learning (ML) technologies, NGA Director Vice Adm. Robert Sharp explained on April 26 at the GEOINT 2022 Symposium. […]
The Labor Department is launching a new program to better understand and fix gaps in unemployment insurance (UI) system access by tapping into state data to get better insights into UI system service problems. […]
House and Senate negotiators are slated to begin their formal conferencing process this week to hammer out a final version of legislation that would deliver billions of Federal funding to innovation-directed programs and jump-start United States semiconductor production, Senate Majority Leader Chuck Schumer, D-N.Y., said April 25. […]
The Department of Defense (DoD) has named Dr. Craig Martell Chief Digital and AI Officer (CDAO), where he will operate as DoD’s senior official responsible for accelerating data adoption, analytics, digital solutions, and AI functions to generate decision advantage. […]
As the one-year anniversary of the Biden administration’s cybersecurity executive order (EO) nears, join Federal government and industry experts on May 19 for MeriTalk’s in-person Cyber Central conference to explore how agencies are building a more resilient government cybersecurity posture. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is bringing on Bob Lord – who has served as the first chief security officer for the Democratic National Committee since 2018 – as a senior technical advisor to the agency, CISA announced April 25. […]
State and local governments (SLGs) have primarily utilized funds made available by the American Rescue Plan Act (ARPA) and the Infrastructure Investment and Jobs Act to develop broadband infrastructure, but another significant broadband infrastructure funding opportunity available to SLGs seems to have been overshadowed. […]
The Department of State is looking to hire up to about 50 data scientists to work in different agency offices and portfolios, as well as support data-driven diplomacy. […]
The United States Cyber Command’s (CYBERCOM) Cyber Procurement Office awarded a nearly $60 million contract to Sealing Technologies for the company to continue to produce a successful prototype of a hunt-forward solution for CYBERCOM’s hunt-forward operations, the company announced April 21. […]
New legislation filed by Rep. Ted Lieu, D-Calif., on April 20 would create additional legal protections for metadata generated by customers of online service providers and stored in cloud-based systems, in addition to the content of the electronic communications that they generate. […]
New legislation introduced in the House on April 21 aims to increase U.S. expertise in energy infrastructure cybersecurity by authorizing Department of Energy (DoE) grants to expand education and training opportunities that are “the convergence of cybersecurity and energy infrastructure.” […]
National Cyber Director Chris Inglis warned that the U.S. and its allies have to stay on high alert for possible Russian cyberattacks, although no major attacks appear to have been launched thus far since Russia invaded Ukraine in late February. […]
The Defense Department’s (DoD) research and engineering arm wants to up the ante on microelectronics, 5G telecommunications technology, and hypersonics in Fiscal Year 2023, Under Secretary of Defense for Research and Engineering Heidi Shyu said April 20. […]
The General Services Administration (GSA) has launched a new acquisition advisory committee for addressing the climate crisis and increasing sustainability across the Federal government. […]
The Government Accountability Office (GAO) is flagging the Department of Education to address data-driven issues the agency has tracking student loan borrowers’ payments and to do more to ensure all eligible borrowers receive loan forgiveness when they are entitled to it. […]
States can officially start submitting funding requests for their broadband expansion needs starting May 16 when the National Telecommunications and Information Administration (NTIA) plans to release a funding opportunity, said NTIA Administrator Alan Davidson. […]
Wider use of software bills of materials (SBOM) requirements represents a key building block in software security and software supply chain risk management that Federal agencies need to increasingly rely on going forward, an official from the Cybersecurity and Infrastructure Security Agency (CISA) said today. […]
The U.S. Customs and Border Patrol (CBP) organization has not collected or recorded complete data for its Missing Migrant Program, and lacks a plan to evaluate the program’s ongoing development, according to a recent report from the Government Accountability Office (GAO). CBP is a component agency of the Department of Homeland Security (DHS). […]
The Cybersecurity and Infrastructure Security Agency (CISA) issued a joint cybersecurity advisory April 20, along with Federal law enforcement partners and international allies, that the agency says lays out the “most comprehensive view” of the cyber threat Russia poses to critical infrastructure owners since Russia invaded Ukraine in February. […]
The volume of phishing-based cyberattacks rose by 29 percent in 2021 over prior-year levels and was driven in part by an increase in phishing-as-a-service schemes, according to new research from cloud security services provider Zscaler and its ThreatLabz research operation. […]
The General Services Administration (GSA) is working on a series of playbooks for Federal agencies to use as they proceed with implementing plans to migrate toward zero trust security architectures, and expects to begin releasing those within a couple of months, a senior GSA technology official said today. […]
The Office of Management and Budget (OMB) is forging ahead with executing President Biden’s Federal customer experience improvement executive order issued last December by framing the planned service improvements around five distinct major life events where citizens may rely more heavily on the government for help. […]
The Cybersecurity and Infrastructure Security Agency (CISA) is seeking industry feedback on two reference documents, one for Secure Cloud Business Applications (SCuBA) and a framework for organization visibility data, according to an April 19 CISA blog post. […]
The Cybersecurity and Infrastructure Security Agency (CISA), Federal Bureau of Investigation (FBI), and the U.S. Treasury Department issued a joint cybersecurity advisory (CSA) on April 18 warning of North Korean state-sponsored actors targeting attacks on crypto and blockchain technology providers. […]