Cybersecurity
Industry Groups Spar Over NDAA Provisions on Sourcing of Electronics from China
Dueling letters to lawmakers support and oppose language requiring the department to phase out the procurement of some basic technology from adversarial nations.
Ideas
It’s Time for Government Agencies to Secure Their Multicloud Environments
Multicloud environments can be extremely challenging to organize, manage and secure.
Cybersecurity
Post-election shutdown risk looms
Five weeks separate the November elections and the expiration date on the current stopgap funding measure keeping the federal government operational – and a path to avoiding a shutdown is not entirely clear.
Artificial Intelligence
House Passes Bills to Boost Emerging Tech and Shore Up Cybersecurity of Electric Sector
Lawmakers are calling for significant research and development efforts.
Cybersecurity
FCC Advances Order on Interagency Security Reviews of Foreign Applications
The effort tries to strike a balance between the desire to capitalize on foreign investments and managing threats from adversaries like China.
Digital Government
Federal Government to Conclude Fiscal 2020 With Record Spending
Even without data from the month of September, the Treasury Department reports total federal spending exceeded $6 trillion for the first time.
Cybersecurity
Foreign Hackers Cripple Texas County’s Email System, Raising Election Security Concerns
The malware attack, which sent fake email replies to voters and businesses, spotlights an overlooked vulnerability in counties that don’t follow best practices for computer security.
Cybersecurity
Industry Groups Ask Lawmakers to Remove Core Cybersecurity Provisions from NDAA
The trade associations for various government contractors are also opposing a range of oversight proposals in the annual defense bill, including ones aimed at enhancing procurement value and reducing unfair labor practices.
Cybersecurity
DOD releases interim cybersecurity rule
The rule is designed to ensure DOD contractors are adhering to a uniform standard for protecting controlled unclassified information is protected. But while trade groups representing government and defense contractors have lauded the framework but criticized the implementation and rulemaking process.
Ideas
Women Equal Men in Computing Skill, but Are Less Confident
Women in STEM careers remains around 24% even though women make up almost 50% of the overall workforce.
Cybersecurity
Defense Department Certification Body Could Itself Conduct Audits Under Interim Rule
One lawyer notes continued confusion surrounding legal liability in the case of disputed assessments.
Digital Government
Lawmakers: Did DHS Surveil Portland Protesters’ Phones?
Lawmakers want to know if federal agencies intercepted messages or collected cellphone data—including through commercial sources—during Portland protests.
Cybersecurity
Foreign Hacker Sentenced in $1M Scam Targeting Federal Employees and Contractors
The criminal ring used phishing emails and fake websites to get almost $1 million worth of printer toner to sell on black markets.
Cybersecurity
How to shift CMMC for the future
While the goal of Cybersecurity Maturity Model Certification is to establish a unified standard for cybersecurity practices across the DOD, it does not directly address specific control expectations or risks associated with organization-specific threat actors.
Cybersecurity
CMMC clears key regulatory hurdle
The White House approved an interim rule to mandate defense contractors prove they adhere to existing cybersecurity standards from the National Institute of Standards and Technology.
Cybersecurity
Hackers Take Data for Further Reconnaissance in Breach of Federal Agency
Initial access to the agency’s system was possibly due to failure to fix a known VPN vulnerability, a patch for which was released in April 2019.
Emerging Tech
Oak Ridge Considers Supplementing In-House Cybersecurity Operations, CISO Says
Oak Ridge National Lab's top information security official told Nextgov he’s looking at moving to managed threat detection and response services.
Cybersecurity
DHS watchdog weighs in on 2019 biometrics leak
Customs and Border Protection didn't adequately safeguard data that eventually leaked by subcontractor, a recent Inspector General report states.
Ideas
Addressing Insider Threats with Event Triggers
An insider threat program that incorporates financial triggers can help identify at-risk individuals.
Cybersecurity