Ideas
3 Essential Steps in Implementing a Comprehensive User Monitoring Program
Agencies must implement a comprehensive user monitoring program that effectively combines the human intelligence and artificial intelligence.
Cybersecurity
National Cyber Director Outlines Staffing Framework for 75-Person Office
Chris Inglis is still trying to distinguish his role and responsibilities from other leading cyber officials.
Modernization
The State of the Federal Cloud
In this ebook, Nextgov looks at major cloud computing efforts across the civilian and defense space.
Digital Government
Education Department Updates Rules and Criminal Penalties for Accessing Agency Data
A new filing updates the department’s policies on who can access IT systems and data, as well as the fines and prison terms for unauthorized access or failing to secure data.
Cybersecurity
Report: Hackers Shift from Malware to Credential Hijacking
Cybersecurity firm CrowdStrike tracked record levels of cyber intrusion activity over the past year.
Cybersecurity
Biden Administration Releases Draft Zero-Trust Guidance
The documents form a roadmap for agencies to deploy the cybersecurity architectures by the end of fiscal 2024.
Ideas
Combatting Defense Supply Chain and Critical Infrastructure Vulnerability with AI
Effectively mapping supply chains is a critical national security priority.
Cybersecurity
The Government's Software Transparency Journey Moves from Plan to Practice
Allan Friedman, the leader of a transparency initiative at the Commerce Department, is now at the Cybersecurity and Infrastructure Security Agency to realize the ultimate vision for a software bill of materials.
Cybersecurity
CISA Urges Patching Atlassian Software Before Holiday Weekend
A vulnerability in collaboration software is undergoing “mass exploitation,” according to U.S. Cyber Command.
Ideas
The Federal Government is Using 20th-Century Responses to a 21st-Century Problem
Policymakers have been working on implementing continuous monitoring of its human assets with access to top secret information for several years, and the government should do the same for its digital assets.
Ideas
5 Steps to Protecting Federal Data Repositories in the Cloud
From ransomware to exfiltration, cybersecurity attacks are targeting sensitive government data. Here’s a reliable approach to protecting mission-critical information.
Cybersecurity
Lawmaker to Propose Bill to Incentivize Industry Cybersecurity Cooperation Within Days
During congressional testimony, cybersecurity firm FireEye pushed for greater liability protections to be included in a draft cyber incident reporting bill.
Cybersecurity
OMB Provides Tiered Instructions on Logging Requirements in Executive Order
A memo for agencies assigns criticality levels to monitoring activities along various categories and sets deadlines for compliance.
Cybersecurity
Expired Driver’s Licenses Open Lane for Cybercriminals
Fraudsters send out texts or emails falsely warning that the target’s license needs to be updated, is missing information or is expiring.
Cybersecurity
Lawmakers Call for Check on Software Acquisition Requirements in Defense Bill
Language from the House Armed Services’ cybersecurity subcommittee also proposes testing for non-kinetic attacks, and the creation of an inventory toward ending the use of legacy systems.
Cybersecurity
CISA Encourages Mitigations in Face of OnePercent Group
The Cybersecurity and Infrastructure Security Agency shared an FBI flash report on the group which provides insight into the extent of the ransomware business ecosystem.
Ideas
5 Items to Monitor to Detect DDoS Attacks
Government organizations have been a steady target of distributed denial-of-service attacks.
Cybersecurity
Facing Foreign Election Foes, States Hire ‘Cyber Navigators’
Local election officials are on the front lines of election defense, but they often are underfunded or lack the technical knowhow to protect systems from cyber threats.
Cybersecurity
White House Tasks NIST with Producing Another Cybersecurity Framework
The administration touted private-sector commitments to improve cybersecurity through training and design.
Cybersecurity