Cybersecurity
DOD revamps controversial CMMC program
After a nine-month review, the Defense Department is replacing its original cyber compliance program for the industrial base with CMMC 2.0, putting more emphasis on self-assessment.
Digital Government
Republican Senators Question the Security of Collecting Health Information from Airline Passengers
A group of Republican senators raised concerns over the CDC’s new order requesting select data from airline passengers to track the spread of COVID-19.
Cybersecurity
U.S. Blacklists NSO Group and 3 Others for Selling Spyware, Hacking Tools
The Commerce Department says the companies—three from allied nations—acted against U.S. national security interests.
Modernization
What Google’s New Cloud Security Authorizations Mean for Its Government Customers
Company officials called the updates the result of a significant engineering effort.
Cybersecurity
Former Microsoft exec DelBene tapped for top tech job at VA
Kurt DelBene, a former senior executive at Microsoft and husband of a Democratic congresswoman, is being tapped by the Biden administration to serve as CIO of the Department of Veterans Affairs.
Cybersecurity
CISA orders civilian agencies to fix known flaws in six months
The binding operational directive issued Nov. 3 requires federal agencies to remediate known exploited vulnerabilities on their networks under specific timeframes is also intended to serve as guidance for the private sector and state and local governments.
Cybersecurity
CISA Orders Agencies to Patch Hundreds of Vulnerabilities Under Attack
Remediation of more than a third of the bugs the agency identified is due within two weeks.
Modernization
Building a Cloud-Savvy Workforce May Mean Rethinking Degree Requirements
Government and industry officials question how they can keep cloud positions filled when they require various degrees and certifications.
Ideas
You Know How to Identify Phishing Emails
A cybersecurity researcher explains how to trust your instincts to foil the attacks.
Cybersecurity
TSA Considers Rulemaking Process for Cybersecurity in Transportation Sector
The announcement from a White House official follows pressure from industry and GOP lawmakers questioning the administration’s use of security directives to improve the sector’s cybersecurity.
Cybersecurity
Bill to Codify FedRAMP Set for Vote in Senate Committee
If passed, agencies would have to explain their reasons for rejecting previously authorized cloud products or services.
Cybersecurity
Zero-trust has a branding problem
A zero-trust approach to cybersecurity is intended to increase vigilance and minimize risk, but without the necessary context, the concept could raise discomfort or even hostility among federal workers.
Cybersecurity
Senate Republicans seek IG probe of TSA pipeline directives
Republican leaders on the Senate Homeland Security and Governmental Affairs Committee are calling for an inspector general probe into how the Transportation Security Administration developed its first ever pipeline-specific security directives.
Cybersecurity
Researchers Push FITARA-Like Scorecard for Cybersecurity
A recent MITRE report lays out eight ways the federal government can improve cybersecurity habits across all agencies, hinging on enhanced Congressional funding and oversight.
Digital Government
Elections Officials Are Still Receiving Death Threats and Harassment About the 2020 Election. They’re Asking Congress For Help.
Three state and local election officials testified before a Senate committee about their terrifying experiences since last year’s election in support of proposed voting reform legislation.
Cybersecurity
NSA, CISA Weigh in on Shared Responsibility for Cloud Security in the 5G Era
Fifth-generation networking is expected to multiply opportunities for hackers using tactics already observed in attacks like the one against IT management firm SolarWinds.
Modernization
DISA Makes Headway in DEOS Cloud Migration
More than 100,000 users and counting are accessing new cloud-based capabilities.
Cybersecurity
FDIC to Strengthen IT Security Following IG Audit
An audit found notable weaknesses within the FDIC’s information security processes.
Emerging Tech
Senate Unanimously Passes Secure Equipment Act
The legislation aims to protects telecom networks from foreign threats.
Cybersecurity