Cybersecurity
NIST Needs Tech Providers Help Developing Zero-Trust Practice Guide
But the agency is vetting potential participants on a first-come, first-serve basis.
Cybersecurity
Pentagon Still Hammering Out Acquisition Strategies Needed to Enable DevSecOps, Officials Say
The Defense Department needs to educate its workforce on what DevSecOps means for them, the Pentagon’s Katie Arrington said.
Cybersecurity
Iran Using Voter Data to Spoof Floridians, Warn U.S. Intelligence Leaders
Voting systems remain secure but Russia and Iran have obtained voter data, warn DNI Ratcliffe and FBI Director Wray.
Cybersecurity
New Bill Would Codify States’ Ability to Use Federally Funded National Guard for Cybersecurity
National Guard troops currently being activated to monitor cybersecurity in the upcoming elections are paid for by states.
Cybersecurity
Civilian-side CMMC
The General Services Administration will add more supply chain and cybersecurity protection language, including DOD's CMMC requirements for vendors, to its new contracts as risks grow, according to one of the agency's top acquisition managers.
Cybersecurity
NSA Warns China Is Targeting Flaws in U.S. National Security Systems
The agency describes 25 known weaknesses that could be difficult for defenders of national security systems to overcome.
Ideas
ICAM, CDM Put Identity-Based Security Front and Center
Agencies must be able to identify, monitor and manage all people, applications and devices that access government resources.
Modernization
Most Federal Workers Expect to Telework at Least Three Days per Week in the Future, Survey Says
But securing and managing the information technology that enables work from home is a top challenge during the pandemic, respondents indicated.
Cybersecurity
Justice Department Charges Russian Intel Officers with Major Cyberattacks, Including NotPetya
U.S. officials said a new indictment describing a four-year global conspiracy belies the country’s recent offer to reset relations in cyberspace.
Cybersecurity
Solarium Commission looks to boot China from the tech supply chain
The Cyberspace Solarium Commission is looking to shore up security in the information and communications technology (ICT) sector by reducing dependency on suppliers from rival powers, especially China.
Cybersecurity
Group warns of gaps in election infrastructure
The security of voting infrastructure has come a long way since 2016, but it still depends on the state and local governments maintaining it, said a digital rights and election technology expert.
Cybersecurity
NSA Launches Diversity Initiative to Grow Bench of Job-Ready Cybersecurity Talent
Historically Black Colleges and Universities are in the political spotlight as policy makers describe deep benefits to expanding and diversifying the cybersecurity workforce.
Emerging Tech
FCC, USAID Partner to Advance U.S. 5G Security Policy
An agreement between the agencies aims to encourage the use of trusted networks and interoperable infrastructure.
Ideas
In Response to the Lawful Access to Encrypted Data Act
There is a balance that needs to be maintained between national security posture and upholding privacy—a balance that this bill is missing.
Modernization
Court Clarifies Timeline in JEDI Case
Judge Patricia Campbell-Smith issued deadlines through December for the Pentagon’s Joint Enterprise Defense Infrastructure contract.
Cybersecurity
Automated ATOs and cybersecurity
Software to automate the system authorization process at agencies could work along the same lines as tax filing tools, according to one senior IT advisor at HHS.
Cybersecurity
Federal Contractors Argue Cyber Insurance Isn’t a Safe Bet for Better Security
The idea that a vibrant insurance market could be an industry-friendly cybersecurity solution may be based on a flawed assumption.
Cybersecurity
CISA confident on election cybersecurity
The Cybersecurity and Infrastructure Security Agency's efforts to help state and local governments secure their election critical infrastructure are in an intense home stretch for 2020, according to the agency's top risk manager.
Ideas