Cybersecurity
DHS supply chain risk assessment set for White House review
The chair of the Supply Chain Task Force told a government advisory panel that a taxonomy of IT and communications sector risks is in the final stages of approval.
Cybersecurity
With defense contractors in the crosshairs, NIST rolls out new cyber guidelines
Foreign countries are targeting and compromising U.S. contractors so frequently that the Department of Defense asked NIST to develop custom security guidance.
Cybersecurity
Federal networks escaped harm in DNS tampering campaign, official says
A DHS official said there are still "a handful" of agencies who have yet to fully comply with a January 2019 emergency directive on DNS tampering and gave insight on a budget request for new tech to detect such threats earlier.
Cybersecurity
NIST pushes new encryption protocols for quantum, connected devices
The National Institute of Standards and Technology is inching closer to developing two new encryption standards to protect the federal government from new and emerging cybersecurity threats.
Digital Government
Senate passes plan to invest $1.2 billion in quantum research
The Senate has cleared the way for the president to approve implementation of a 10-year plan to accelerate quantum computing research and development.
Digital Government
Quantum Consortium aims to keep U.S. research on pace
The new group allows participating companies to communicate with the National Institute of Standards and Technology about research needs without revealing proprietary secrets.
Digital Government
A necessary plan for managing privacy risk
As a well-engineered blueprint, NIST's privacy framework will provide voluntary guidelines for managing privacy risk, furthering protections and delivering practical tools that still allow for continued U.S. innovation.
Cybersecurity
IoT poses special cyber risks
Internet-connected devices pose special risks for federal agencies, and the National Institute of Standards and Technology is developing guidance to meet the need.
Digital Government
Quantum lag: Experts fret that the U.S. risks falling behind in computing power
Quantum computing could upend current cryptography standards, and experts are urging government to take an interest in the technology as it develops.
Cybersecurity
NIST pushes on next version of Risk Management Framework
The National Institute of Standards and Technology looks to release the final version of RMF 2.0 early next year.
Cybersecurity
Regulators grapple with supply chain security
The government wants to crack down on cybersecurity threats and counterfeits in the global tech supply chain without harming U.S. companies.
Acquisition
Senate bill looks to secure the IT supply chain
A new bipartisan bill looks to build capacity inside the federal government to evaluate supply chain risks with an eye to making sure the government buys secure tech.
Cybersecurity
Threat indicator data needs a wide net, experts say
Robust, cross-cutting organizational networks are key to disseminating cybersecurity threat information.
Cybersecurity
NIST seeks 'lightweight' encryption standards
The National Institute of Standards and Technology wants public input on the best way to design evaluation criteria dictating new encryption standards for small computing devices.
Cybersecurity
7 Steps for getting right with NIST 800-171
The pressure for DOD contractors to bring their systems into compliance is especially strong, but these best practices can help any organization working with federal data.
Cybersecurity
Why is no one raising a hand to regulate the internet of things?
The U.S. is developing a pair of reports dealing with cybersecurity standards for internet-of-things devices and combatting botnets, but recommendations will be non-binding and officials said not to expect a significant federal regulatory push.
Cybersecurity
Can federal purchasing power counteract botnets?
New guidance required under the cybersecurity EO suggests that government purchasing power could induce tech manufacturers, especially in the emerging IoT space, to market more secure devices.
Cybersecurity