Cybersecurity
Under new law, NIST looks to map out vulnerability disclosure policies for government
Lawmakers in December tasked NIST with to developing processes that would ensure software vulnerability reports flow to the appropriate government offices and the issues are promptly fixed.
Cybersecurity
NIST Planning Workshop to Comply with Law on Federal IoT Procurement
Comments on draft documents required under the IoT Cybersecurity Improvement Act raise concerns of both fragmentation and a lack of flexibility.
Cybersecurity
Biden’s Pick For Defense Policy Chief Outlines Cyber Deterrence Position
In a contentious nomination hearing, Colin Kahl called for a whole-of-government approach to technology.
Cybersecurity
CISA Orders Immediate Action on Vulnerabilities in Microsoft Exchange Servers
All agencies must report their status to CISA by noon on March 5.
Cybersecurity
CISA Official Calls for Update of Identity Management Guidance in Wake of SolarWinds Compromise
"Identity is everything now," a technical strategist told NIST advisers in a briefing on the hacking campaign.
Modernization
CIOs’ Wishlist for New Congress and Administration IT Leadership
Three department IT leaders share their top asks from the new Congress and yet-to-be-appointed federal CIO.
Cybersecurity
Lawmaker SolarWinds Concerns Spill Over in Week of Defense Hearings
In multiple hearings, lawmakers sought solutions to pressing technology-based security issues.
Cybersecurity
CISA orders agencies to disconnect Microsoft Exchange on-prem servers
The government's leading cybersecurity agency is ordering all federal civilian agencies to provide a status report on its usage of Microsoft Exchange products by noon on Friday.
Ideas
Agencies Must Change to Support In-House Tech Talent They Need
Technologists look for environments that value them, give them challenging opportunities, help them grow their skills, and provide a path to advance their careers.
Cybersecurity
Scammers Posing as Border Patrol Agents Are Attempting to Swindle Banking Info
The Homeland Security Department warns it never solicits money over the phone.
Modernization
Remote Work and Hack Mitigation Show Need for IT Modernization Funding, Lawmaker Says
Rep. Ro Khanna detailed efforts to ensure agencies have resources for legally mandated updates.
Cybersecurity
FBI Director Says Extremists Flocking to Encrypted Apps Poses New Challenges
Christopher Wray told lawmakers tech companies are the ones making policies about encryption.
Digital Government
Cybersecurity and IT Remain Top Concerns on GAO’s High-Risk List
Agencies showed some slight progress on IT issues, though cybersecurity took a step backward in the latest report.
Emerging Tech
Defense Innovation Unit Initiated 35% More Projects in 2020
The group initiated 23 new projects and transitioned 11 capabilities to Defense Department partners last year, according to its annual report.
Cybersecurity
NSA Pushes Zero Trust Principles to Help Prevent Sophisticated Hacks
Operating under the default position that an organization has been compromised is a pain that’s worth it, the agency said.
Modernization
CBP Attempts to Mitigate Privacy Risks Created by New Customs App
CBP One will become the primary public-facing portal for a number of customs programs and services. But any new data collection effort brings privacy risks.
Digital Government
Cloud Security
Federal agencies are rethinking how they secure information as they move more mission-critical operations to the cloud.
Ideas
Securing Space: The Next Frontier of Credential-Based Attacks
Like many other sectors, the space industry needs to secure its supply chain from start to finish.
Cybersecurity
When water utilities get hacked, who should they call?
In the wake of a cybersecurity breach at a public water system, lawmakers have begun questioning what rules are in place to govern those facilities' cybersecurity and what changes may be necessary.
Cybersecurity