As President Biden’s cybersecurity executive order (EO) reaches its year-and-a-half milestone, Federal officials today agreed that the cyber EO is different from the rest as it “has legs” and will produce long-lasting results for the government. […]

MeriTalk recently sat down with Fortinet’s Jim Richberg, public sector CISO, Peter Newton, senior director, product marketing, and Fortinet Federal’s Felipe Fernandez, senior director, system engineering, to gain their insights into how Federal technology teams can integrate all of the components of a zero trust architecture to achieve holistic cybersecurity in a cloud, hybrid, or closed environment. […]

As both Federal chief information security officer and the deputy National Cyber Director, Chris DeRusha has a lot of visibility into Federal efforts to boost cybersecurity. At the AWS Summit in Washington, D.C., today, DeRusha expressed both pride in the Office of Management and Budget’s (OMB) Zero Trust strategy, while also acknowledging that the policy represents only the beginning of zero trust implementation across Federal civilian agencies. […]

As President Biden’s cybersecurity executive order (EO) stretches past its first year, Federal agencies are at varied points in their progress on the EO’s orders. Federal leaders say it is important for agencies to approach the EO’s zero trust components strategically and understand their networks as they make the move to a zero trust architecture. […]

Several major technology organizations have pledged more than $30 million to bolster the security of open-source software. […]

As President Biden’s landmark cybersecurity executive order (EO) approaches its first anniversary on May 12, new research shows that most Federal cybersecurity decision-makers solidly back the aims of the EO, but also think that its initial timelines to implement zero trust security are unrealistic. […]

Senior Federal and industry cybersecurity leaders agreed that the Office of Management and Budget’s (OMB) August 2021 memorandum M-21-31 to implement new event logging and share threat information has proven to be a significant step in bolstering cybersecurity across Federal civilian agencies. […]

Federal Communications Commission (FCC) Chair Jessica Rosenworcel wants the recently restarted FCC Interagency Cybersecurity Forum to focus on creating harmony between how the private sector and the Federal government implement cybersecurity controls. […]

The Cybersecurity and Infrastructure Security Agency (CISA) has released a draft version of its Applying Zero Trust Principles to Enterprise Mobility for public comment. […]

Security, in the past, was built on fixed physical networks that allowed access to trusted individuals and kept untrusted individuals out. But, as Federal agencies transform their digital environments and increase remote work security measures had to evolve, making zero trust architectures the new norm and identity the new perimeter. […]

While President Biden’s 2021 cybersecurity executive order (EO) doesn’t address all of the Federal government’s cybersecurity needs, a security expert from the Cybersecurity and Infrastructure Security Agency (CISA) said the EO’s goal drives toward prioritization of the government’s most pressing needs – rather than a fix-all approach. […]

The Department of Homeland Security (DHS) has officially formed the Cyber Safety Review Board called for in President Biden’s Cybersecurity Executive Order issued last year, and said the board’s first action will be to examine the log4j software library vulnerability that emerged in December 2021 and to generate lessons learned from that for the cybersecurity community. […]

Improving cybersecurity has become the key to better protecting critical infrastructure and meeting mission needs within the government space, but according to an official from the Government Accountability Office (GAO), Federal agencies still have a long way to go to be cyber-ready. […]

The National Institute of Standards and Technology (NIST) has updated its cybersecurity guidance for system engineers, adding more insight for engineers and programmers on mitigating system vulnerabilities. […]

A month after its first public warnings about the Log4j vulnerability, the Cybersecurity and Infrastructure Security Agency (CISA) is continuing to work with Federal agencies and the public to mitigate potential exposure, and also renewing calls for a software bill of materials (SBOM) to aid in system visibility and inventory management. […]

The Biden administration’s Cybersecurity Cybersecurity Executive Order issued in May 2021 has put a greater emphasis on cybersecurity at the Federal level – which is especially important after numerous high-profile ransomware and software supply chain attacks came to light earlier in the year – but many Federal cyber leaders say the Cyber EO only addresses a fraction of today’s cybersecurity challenges. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) released new Cybersecurity Incident and Vulnerability Response Playbooks today, completing a vital assignment from President Biden’s Cybersecurity executive order (EO). […]

The acting manager of the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program is hailing quick progress that the program and Federal agencies have made in signing new agreements mandated by the Biden administration’s Cybersecurity Executive Order to share object-level network data with the CDM program, rather than the summary-level data that was previously required. […]

As Federal agencies approach the six-month mark since President Biden issued his Cybersecurity Executive Order (EO) in May, Federal officials are pointing to the zero trust, supply chain risk management, and data aspects of the EO as the greatest opportunities to make a difference in shoring up security. […]

Five months after the debut of the Biden administration’s sweeping Cybersecurity Executive Order, Federal agencies are “highly engaged” in grappling with the order’s mandate for migration to zero trust security architectures, both on the planning and funding fronts. […]

Microsoft is warning that it has seen Nobelium – the Russian nation-state threat group responsible for the SolarWinds software supply chain hack – trying to recreate the same approach that allowed it to gain access to Federal government systems, according to an Oct. 24 blog post from the company. […]

The Office of Management and Budget (OMB) is giving Federal agencies a three-month deadline to make initial strides at identifying the current state of endpoint detection and response (EDR) capabilities on their networks and to start undertaking additional work with the Cybersecurity and Infrastructure Security Agency (CISA) to quicken the pace of deploying those capabilities. […]

Proposed funding for a host of new tech-related spending projects are springing forth from new House committee legislative prints contributing to the $3.5 trillion reconciliation bill, and now it’s wait-and-see on which – if any – of them survive what is likely to be a free-wheeling House-Senate negotiation on the giant spending bill. […]

The House Homeland Security Committee will mark up its portion of the legislative language for the $3.5 trillion reconciliation bill tomorrow, but the released text of the chairman’s amendment to the bill shows that Rep. Bennie Thompson, D-Miss., proposes to give the Cybersecurity and Infrastructure Security Agency (CISA) $856 million to fund various programs and operations expenses. […]

A wide-ranging executive order released by the Biden administration on June 9 is seeking to revive an Obama-era push for more public disclosure of broadband service performance and contract terms – an effort that fell by the wayside during the Trump administration. […]

With President Biden’s cyber executive order (EO) guiding Federal agencies towards implementing zero trust architectures, the U.S. Army Corps of Engineers has already created a Zero Trust Playbook to help outline the change and create guidelines, the Corps’ CIO said today. […]

The board of the Technology Modernization Fund (TMF) has been reviewing in recent days proposals from Federal agencies to help fund their efforts to move toward zero trust security architectures, according to Matt Hartman, who is Deputy Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), and also a member of the TMF board.   […]

Anne Neuberger, the White House deputy national security advisor for cyber and emerging technologies who is a driving force behind the Biden administration’s cybersecurity executive order issued earlier this month, today noted an initial “disappointment” with Federal network hygiene in a follow-up discussion about the broader aims of the order. […]

Tech-sector reaction to the White House’s sweeping cybersecurity executive order issued May 12 came in largely positive today, with security technology makers particularly applauding the urgency of the administration’s plans, the enterprise-wide view that the order takes for improving security, and its actions to hasten the movement of Federal agencies to cloud services. […]