Cybersecurity

DOD Cybersecurity Certification Body Moving Forward Despite Uncertain Funding

It’s unclear where money for crucial tools such as continuous monitoring will come from.

Digital Government

DOD Explains How Contractors Will Get Reimbursed for COVID Expenses—If Congress Cuts a Check

Ellen Lord says the bill would come to $10 billion to $20 billion.

Digital Government

GSA Provides Some Clarity on Section 889 Implementation

The General Services Administration emphasized the importance of outreach but declined to address questions around confusing language in Section 889.

Cybersecurity

Managers Who Stay Connected to Remote Employees Could Reduce Insider Threats, State Official Says

Pandemic-related stress and isolation could push some employees over the edge.

Cybersecurity

Cyber Commission Suggests Reforms to Allow Flexible Pay, Hiring to Boost Workforce

Prospective federal employees might be turned off by cybersecurity jobs being classified as IT.

Digital Government

Help Find the Government’s Boldest Innovators  

Nominations are open for BOLD Gov 2020, a showcase for federal innovation.

Ideas

Diving into Government’s Trusted Internet Connections Standard 3.0 

The policy lays out the framework for security, but allows agencies to fill in the details based on their unique missions.

Emerging Tech

IRS Wants to Be Able to Trace ‘Untraceable’ Digital Currencies

The agency’s criminal investigation group is increasingly encountering anonymous and privacy-focused online payments methods.

Cybersecurity

COVID Could Spur Reduced Reliance on Classified Sources of Cyber Intelligence

CISA officials highlighted cloud configuration and VPN vulnerabilities in assessing threats associated with the pandemic.

Cybersecurity

FCC Estimates Replacing Chinese Telecom Equipment Will Cost at Least $1.6 Billion

A key lawmaker echoed calls from the agency’s chairman for Congress to appropriate the money.

Modernization

Pentagon Awards JEDI Cloud Contract to Microsoft for the Second Time

The decision follows a months-long legal challenge filed by Amazon Web Services.

Ideas

Subj: This Email Could Wreak Havoc on the 2020 Election

Beware of COVID-related phishing threats that target local voting.

Cybersecurity

Big Tech Moves Against Certification as a Government Solution for Cybersecurity

The trade association for the industry’s largest companies recommends relying on vendor declarations.

Cybersecurity

National Guard plans all-virtual cyber exercise

The National Guard is taking its annual Cyber Shield training exercise virtual due to COVID-19 with a spotlight on information operations.

Cybersecurity

CBP isn't alerting air travelers to biometrics collection, watchdog says

Customs and Border Protection's facial recognition program that collects photos of air travelers is hitting its performance targets according to a Government Accountability Office audit, but passengers aren't seeing privacy information and opt-out signage.

Cybersecurity

OMB Starts Clock on Agencies Implementing Policies to Welcome Public Security Research

CISA also released a binding operational directive and will start scanning government systems for the policies when time is up in six months.

Ideas

What Agencies Need to Know About TIC 3.0 and Enabling Technology

The third version of the Trusted Internet Connection policy brings government IT closer to the capabilities available to the private sector. 

Cybersecurity

CISA, White House release vulnerability disclosure policies

The Office of Management and Budget and the Cybersecurity and Infrastructure Security Agency have released a memorandum and Binding Operational Directive guiding federal agencies on how to set up their vulnerability research and disclosure programs.

Policy

Administration’s Decision to Halt Election Security Briefings Worries Many

Director of National Intelligence John Ratcliffe said that in an effort to prevent leaks, the intelligence community will no longer provide in-person briefings to Congress about threats, only written updates.

Cybersecurity

CISA, International Counterparts Highlight Mistakes Organizations Make After a Cyber Intrusion

A lot of what’s necessary to appropriately respond to a cyber incident should happen way in advance.