Cybersecurity
FDA Tells NIST Securing ‘Critical Software’ Extends Beyond Devices
Two federal agencies were among those who submitted comments to the National Institute of Standards and Technology for shaping deliverables under a recent executive order.
Cybersecurity
Key Senator Wants Biden to Raise SolarWinds in International Negotiations
Senate Intelligence Committee Chairman Mark Warner said espionage campaigns like the SolarWinds hack merit discussion with Russian President Vladimir Putin.
Modernization
FBI Seeks a Vendor to Help with Multiyear IT Modernization Project
The Office of the Chief Information Officer is creating a new contract to help with the IT Modernization Initiative and other major efforts.
Ideas
It's Crunch Time for Homeland Security's Continuous Monitoring Program
To aggressively move forward and to defend critical infrastructure, we must first acknowledge the hurdles that stand before us.
Cybersecurity
White House Official Briefed State AGs on Private-Sector Role Battling Ransomware
The deputy national security advisor for cyber and emerging tech emphasized the responsibility of the private sector at home as President Biden prepares to work the White House strategy abroad.
Cybersecurity
Pentagon Weapons Programs Still Struggle to Use Modern Software Practices, Watchdog Says
The Government Accountability Office found programs face challenges with agile deliveries and cybersecurity testing.
Cybersecurity
Biden Redirects Agencies on Securing Information and Communications Technology
A new executive order revokes bans on WeChat and TikTok but retains and adds to a Trump edict on U.S. tech, especially “connected software applications” tied to foreign adversaries.
Ideas
How the Pandemic Impacted Government’s Cloud Migration Plans: The Good, the Bad, and the Ugly
While federal, state and local agencies remain firm believers in hybrid environments, they face several obstacles.
Ideas
Study Shows AI-generated Fake Reports Fool Experts
Misinformation within communities of expertise has the potential for scary outcomes such as delivering incorrect medical advice to doctors and patients.
Emerging Tech
DISA Details Plans to Improve Network for Shift to Zero Trust
The agency's recent request for information also seeks feedback on its acquisition strategy.
Ideas
Executive Order Hints at FedRAMP Alternatives
The order calls for modernizing the cloud-security program and opens the door for other frameworks to be used for authorization.
Cybersecurity
IG: CISA-Run Monitoring Program Has Not Improved DHS’ Cybersecurity Posture
The department’s inspector general also found vulnerabilities in the department’s technology due to poorly defined patch management roles and configuration settings.
Cybersecurity
Why Government Needs More than Money to Fix Cybersecurity Issues
A bigger budget has its numerous benefits but it doesn’t magically scale teams or thwart threats.
Cybersecurity
NIST Will Build on Existing Software Development Framework to Meet Executive Order
The agency also shared how it’s thinking about defining “critical software,” which is to be prioritized under the order.
Cybersecurity
Justice Took Down Two Domains Used in USAID Hack
The action demonstrates the department’s authorities beyond attributing malicious cyber activity.
Cybersecurity
Russia’s Latest Hack Shows How Useful ‘Criminal Groups’ Are to the Kremlin
Russian coders have little choice but to work with their government, which in turn denies any knowledge of their activities. That’s why hacking activity shows no sign of slowing.
Ideas
Demystifying Access Control and Zero Trust
As agencies rethink making temporary remote arrangements permanent, officials should start with proven ubiquitous encryption technology.
Digital Government
Biden Budget Ups Request for Civilian Agencies’ Cybersecurity
The president’s funding proposal also puts numbers on the National Cyber Director’s Office and other priority cybersecurity areas.
Ideas
Colonial Pipeline Forked Over $4.4M to End Cyberattack – But Is Paying a Ransom Ever the Ethical Thing to Do?
What would happen if companies stopped paying ransoms?
Ideas