Agencies undergoing digital transformation are combining on-premise, hybrid, and multiple cloud solutions into their environments. To that end, agencies need to weave cloud security and protection of on-premise systems into their broader security strategy for a true, defense-in-depth approach. […]

The Report to the President on Federal IT Modernization recommends modernizing the Trusted Internet Connections (TIC) program, which is critical to the Federal government’s broader digital transformation strategy. By the end of this month, the report calls for the Office of Management and Budget (OMB) to conduct data calls to agencies to discuss their cloud migration projects, and identify any delays caused by current TIC policy. And, by March 2, OMB will share a “preliminary update to the TIC policy,” and launch select pilot projects to test the new TIC requirements.






[…]

Email is a core network application for both the private sector the and government, and has become an essential business communication tool. Since email is nearly ubiquitous and often poorly secured, it also has become a vector for fraud and data theft. Phishing emails can compromise not only Federal networks and databases, but also trust in government communications.






[…]

With $5 billion in global revenue, Symantec is the 500 pound yellow gorilla in the cybersecurity business. Some dimensions on the beast: installed at every Federal cabinet-level agency; supports 350,000 customers; tracks 700,000 hackers; and leverages more than nine trillion elements of security data. Now, that’s a big monkey.






[…]

Software patching can never be done quickly enough, but some initiatives are setting Federal agencies on the route to better patching policies, according to security experts. “The river’s gotten wider and deeper, and so as it’s moving more rapidly the problem is that a lot of the organizations haven’t been able to change how they’re structured to go with it,” said John Scott, president of Ion Channel. “Most organizations aren’t equipped to deal with it.”






[…]

President Donald Trump’s executive order on cybersecurity, signed May 11, has received praise from both Congress and industry for continuing the progress of the previous administration and focusing on the issues of workforce development, IT modernization, and implementation of the NIST Cybersecurity Framework.






[…]