Cybersecurity

CISA’s Coming Supply Chain Guidance to Align with Pentagon’s Vendor Certification Program 

Accreditation officials also pledged to address how the Cybersecurity Maturity Model Certification program will treat FedRAMP and other certifications.

Cybersecurity

Solarium co-chair pushes defense bill as vehicle for implementation

Even with the coronavirus outbreak dominating policymakers' attention, Rep. Mike Gallagher (R-Wis.) said he was "pretty optimistic" that as much as 30% of the recommendations can be included in the upcoming defense authorization bill.

Cybersecurity

The Pentagon’s Cybersecurity Certification Plan Includes Continuously Monitoring Contractors  

A request for proposals outlines a portal where auditors would get automatic notifications if a company’s security score dips below a specified threshold.

Cybersecurity

Why PPE acquisition looks so shady

Furtive exchanges, police interdiction, international charter flights: our acquisition reporter takes a look at why the market for personal protective equipment looks so wild.

Cybersecurity

Feds disrupt hundreds of COVID-19 scammer domains

The Department of Justice said some of the domains represented themselves as U.S. government agencies or public health organizations.

Modernization

Survey: Most Federal Officials Expect Cloud Service Providers to Secure Their Data

Report validates federal officials’ concerns about inaccurate assumptions in the new environment of “shared responsibility.”

Cybersecurity

Agencies That Bought Cloud Services in Response to COVID-19 Need to Review Security Duties, Officials Say

Officials should ensure the security roles of the agency and vendor are clearly spelled out. 

Digital Government

Deputy Defense CIO to Retire; Intelligence Community CIO to Step In

Essye Miller, who served temporarily as acting Defense CIO, plans to retire after 35 years supporting military technology.

Cybersecurity

The federal government's identity crisis

For decades, PIV and CAC cards have been the primary tools for agencies and contractors to verify the identity of employees and contractors. The COVID-19 outbreak could change that.

Cybersecurity

Essye Miller to retire as DOD principal deputy CIO

The intelligence community’s CIO, John Sherman, will step in to the post of Defense Department’s principal deputy CIO in June.

Ideas

We Need Mission-focused Risk Management Programs to Adapt to Changing Circumstances

In the midst of a global pandemic, it is more important than ever to know which systems are critical to our operations.   

Ideas

Hackers Can Access Your Mobile and Laptop Cameras and Record You—Cover Them Up Now

A little black tape can do in a pinch.

Cybersecurity

Treasury Secretary Says Electronic Stimulus Payments ‘More Secure,' But Are They?

Verifying the identity of people submitting personal information to IRS portals could be a challenge for the agency.

Cybersecurity

COVID-19 outbreak may delay audits for DOD's cyber certification

The first audits for the Defense Department's unified cybersecurity standard for vendors may be delayed up to a month.

Modernization

Groups Urge Congress to Fund Federal Tech Upgrades in Next COVID Stimulus Bill

Six federal technology advocacy groups offered four principles for legislators to consider.

Cybersecurity

DARPA Project Producing Tool to Help Anticipate Military and Industrial Systems’ Cyber Threats 

The VERDICT tool aims to allow systems engineers to assess cybersecurity even without deep expertise. 

Cybersecurity

North Korea Has Hackers for Hire, Agencies Warn

State, Treasury, FBI join CISA in an alert noting the unexpected way the nation-state is using its cyber talent.

Cybersecurity

House Dems seek $400 million to help states deal with cyber threats during COVID-19

The request for new funding comes as state and local governments face an spike in ransomware attacks.

Cybersecurity

Federal vacancies hamper government response to COVID-19, groups allege

Government oversight experts and advocacy groups say Senate leaders should withhold cooperation until vacancies are filled.

Cybersecurity

GAO to Pentagon: Practice the Cyber Policies You Preach

The Defense Department has yet to fully implement multiple initiatives to improve basic cyber hygiene.