A new report on FISMA compliance from the Office of the Inspector General (OIG) for the Board of Governors of the Federal Reserve System and the Bureau of Consumer Financial Protection (CFPB) found that the bureau has consistently implemented its information security programs but also called on CFPB to strengthen its enterprise risk management program, among other recommendations. […]

Jeanette Manfra, assistant secretary for the Office of Cybersecurity and Communications at the Department of Homeland Security, said today that the new update to Federal Information Security Modernization Act (FISMA) guidance will place even more accountability on department leaders and reflects an evolution in discussions between agencies and DHS.






[…]

The Office of Management and Budget (OMB) released its updated fiscal year 2019 guidance and deadlines for the Federal Information Security Modernization Act of 2014 (FISMA), containing similar deadlines and requirements to the prior year but featuring new language on using Continuous Diagnostics and Mitigation (CDM) vehicles for acquisitions of monitoring tools.






[…]

Federal CIO Suzette Kent called today’s first official test of the National Wireless Emergency Alert System a “historic event,” highlighting the test as evidence of the expanding role of mobile technologies and their impact on a broader effort toward digital transformation in the Federal government.






[…]

Federal CIO Suzette Kent said today that the Office of Management and Budget (OMB) is working with the Department of Homeland Security (DHS) to update metrics for Federal Information Security Modernization Act (FISMA) reporting, and said that agencies are seeing progress in those metrics, which are being tracked in a newly added category in the Federal IT Acquisition Reform Act (FITARA) scorecard.






[…]

The Department of Homeland Security is working with multiple Federal agencies to develop a new “risk radar” that will help agencies’ top executives contextualize cybersecurity risk and clarify where they need to apply focus and resources, according to Mark Kneidinger, director of the Federal Network Resilience division of DHS’ Office of Cybersecurity and Communications (CS&C).






[…]

The National Security Agency’s (NSA) Office of Inspector General (OIG) has for the first time released its semi-annual report to Congress as an unclassified document, and in the process shed light on IT deficiencies at the agency. The report, released Wednesday and covering the period of October 1, 2017 to March 31, 2018, highlights multiple audits that found numerous issues in the governance of NSA’s IT infrastructure and its subsequent ability to mitigate cybersecurity risk.






[…]

During a General Services Administration (GSA) webinar on July 18, officials explained why Federal agencies should use GSA tools to move to the cloud, how agencies can utilize IT Schedule 70 to move to the cloud, and how to meet FedRAMP requirements.






[…]

The Office of the Inspector General (OIG) found that the General Accountability Office (GAO) isn’t fully compliant with the Federal Information Security Modernization Act of 2014 (FISMA), according to a report released yesterday.






[…]

The House Oversight and Government Reform Committee (OGR) on Tuesday approved by voice vote a bill which would allow Federal agency heads to limit access to certain websites or deploy cybersecurity measures if they feel that it is necessary to secure their IT systems, but not before strong vocal dissent about the scope of the legislation.






[…]

Jordan Burris, senior cybersecurity advisor to Federal CIO Suzette Kent at the Office of Management and Budget (OMB), said Friday at an Information Security and Privacy Advisory Board (ISPAB) meeting that Federal agencies are continuing to make progress on curbing their cybersecurity risks, following concerning findings from the White House.






[…]

Survey results discussed during a June 14 Digital Government Institute webinar seem to bode well for end-user reception of the deployment of Continuous Diagnostics and Mitigation (CDM) Phase 3 technology by the Department of Homeland Security, which is charged with improving the security of Federal civilian networks.






[…]

The unique role of the Department of Homeland Security (DHS) in leading cybersecurity efforts for the entire civilian Federal enterprise presents a unique challenge and one that requires the government to rethink its understanding of risk, DHS’ Jeanette Manfra said Thursday at MeriTalk’s Akamai Government Forum.






[…]

DHS Continuous Diagnostics and Mitigation (CDM) is pivotal to improving government cybersecurity. While it’s critical, it has a lot of moving parts, and that can make it difficult to follow. MeriTalk sat down with Kevin Cox to get a handle on the state of CDM, as well as an understanding of where the program goes from here. And it’s quite a story, so I hope you’re sitting comfortably; feel free to grab a cup of coffee.






[…]

The Small Business Administration’s (SBA) Office of Inspector General (OIG) found that the agency needs to improve compliance with three key pieces of Federal IT legislation, according to OIG’s semiannual report, released May 25 and covering October 2017 through March 2018.






[…]

The House Oversight and Government Reform (OGR) IT subcommittee followed up last week’s release of the sixth FITARA Scorecard (Scorecard 6.0) by releasing a second, more detailed scorecard. It provides insight into each of the categories of FITARA scoring, with methodology, metrics, calculations, and detailed data points on just how well each of the 24 agencies fared. 






[…]

The Department of Labor’s Office of Inspector General (OIG) said the agency needs to improve in two key legislative areas related to IT management, according to OIG’s semiannual report released Tuesday and covering October 2017 through March 2018.






[…]

It’s not exactly the heist of the century, but the FDIC has stirred up a bit of controversy. Departing FDIC employees downloaded their family photos, personal emails, and the sensitive data of over 100,000 bank customers–oops. Instead of reporting to Congress, the agency stayed mum for months. This earned the agency a strict chiding from their IG in the form of a special inquiry issued on April 16. Fa   






[…]