Modernization
Lawmakers Want IGs to Include Telework Vulnerabilities in Upcoming FISMA Audits
House Oversight Committee leaders want to know what vulnerabilities remote-access software introduced and whether agencies mitigated them.
Ideas
Executive Order Hints at FedRAMP Alternatives
The order calls for modernizing the cloud-security program and opens the door for other frameworks to be used for authorization.
Cybersecurity
IG: CISA-Run Monitoring Program Has Not Improved DHS’ Cybersecurity Posture
The department’s inspector general also found vulnerabilities in the department’s technology due to poorly defined patch management roles and configuration settings.
Cybersecurity
DHS expands collective bargaining for TSA airport screeners
Although the American Federation of Government Employees praised the move, the union says it is still going to press for legislation to move TSA employees into Title 5.
Cybersecurity
Army rolls back short-lived IoT telework policy
The Army is "restaffing" the policy, which would have required teleworkers to turn off or remove smart devices, such as Amazon Echo speakers, from their remote workspaces.
Cybersecurity
Why Government Needs More than Money to Fix Cybersecurity Issues
A bigger budget has its numerous benefits but it doesn’t magically scale teams or thwart threats.
Cybersecurity
Supreme Court narrows scope of hacking law, but questions remain
The Supreme Court's ruling on Thursday decided a police officer did not violate a 1980s anti-hacking law, but the court ultimately left open questions about the Computer Fraud and Abuse Act's applicability for other purposes such as cybersecurity research.
Cybersecurity
NIST Will Build on Existing Software Development Framework to Meet Executive Order
The agency also shared how it’s thinking about defining “critical software,” which is to be prioritized under the order.
Cybersecurity
Lawmakers seek IG probes of telework cybersecurity
A group of House lawmakers are calling on the inspectors general of nine executive departments and the intelligence community to see what cybersecurity vulnerabilities may have arisen due to the mass increase of telework during the coronavirus pandemic.
Cybersecurity
Justice Took Down Two Domains Used in USAID Hack
The action demonstrates the department’s authorities beyond attributing malicious cyber activity.
Cybersecurity
NTIA Wants Feedback on Software Transparency Plan
One high-profile expert raised the ever-looming workforce challenge in suggesting the juice might not yet be worth the squeeze.
Cybersecurity
Russia’s Latest Hack Shows How Useful ‘Criminal Groups’ Are to the Kremlin
Russian coders have little choice but to work with their government, which in turn denies any knowledge of their activities. That’s why hacking activity shows no sign of slowing.
Ideas
Demystifying Access Control and Zero Trust
As agencies rethink making temporary remote arrangements permanent, officials should start with proven ubiquitous encryption technology.
Digital Government
Biden Budget Ups Request for Civilian Agencies’ Cybersecurity
The president’s funding proposal also puts numbers on the National Cyber Director’s Office and other priority cybersecurity areas.
Ideas
Colonial Pipeline Forked Over $4.4M to End Cyberattack – But Is Paying a Ransom Ever the Ethical Thing to Do?
What would happen if companies stopped paying ransoms?
Digital Government
Biden Budget Boosts Federal IT Spending
The request would add another $500 million to the Technology Modernization Fund.
Cybersecurity
The group that hacked SolarWinds is out with a new campaign, Microsoft says
Microsoft said in a blog post the hackers behind SolarWinds are already advancing their tradecraft, and are impersonating a U.S. government agency as part of a global phishing campaign.
Cybersecurity
How the TMF can enable broad improvements across government
Investments in technology that supports multiple agencies would expand the TMF impact considerably.
Cybersecurity
Tech can help, but clearance reciprocity is a policy issue
The backlog of security clearance investigations has continued to drop from a 2018 high of 725,000 to 200,000, but agencies continue to struggle with reciprocity issues.
Cybersecurity