Author Archive

Mariam Baksh

Mariam Baksh
Mariam Baksh reports on the development of federal cybersecurity policy for Nextgov. She started covering technology governance in 2014, during the heat of the Net Neutrality debate, and focused her graduate studies at American University on investigative journalism.
CXO Briefing

Senior GOP Senator Asked Watchdog to Report After ‘Whistleblower’ Action at IRS

The request of the watchdog agency followed the release of confidential information leading to a detailed news report of how the mega rich avoid paying taxes.

Cybersecurity

National Cyber Director's Vision for the Future Flags Overdue National Plan

The office of the national cyber director is tasked by Congress to weigh in on agencies’ cybersecurity budgets.

Cybersecurity

DOJ Issues Guidance for Enforcing Computer Fraud and Abuse Act

Nearly a decade after the death of open-access advocate Aaron Schwartz, his legacy is still playing out in cybersecurity policy.

Cybersecurity

CISA Orders Agencies to Mitigate VMWare Vulnerabilities Under Deadline

Advanced adversaries appear to be exploiting the vulnerabilities to get around multifactor authentication.

Cybersecurity

Key Convener Releases Plan for Securing Open Source Software with White House

A crucial entity within the open source ecosystem is urging prioritization of libraries that support widespread applications like internet routing, among other things.

Cybersecurity

US Signs on to New Electronic Evidence Protocol in International Cybercrime Agreement 

The new protocol is officially being added to the Budapest Convention—an arrangement between 66 member-states—after four years of negotiations.

Cybersecurity

US, Allied Cybersecurity Agencies, Advise Reviewing Contracts with Tech Vendors

A joint advisory from CISA, domestic partners and counterpart agencies in the Five Eyes intelligence alliance warns of a heightened threat to managed service providers and their customers.

Cybersecurity

US and Allies Attribute Attack on U.S. Satellite Provider in Ukraine to Russia

Officials are highlighting significant spillover effects from the attack—including damage to infrastructure supporting wind farms—into Central Europe.

Podcasts

Critical Update: Evolution in the 'Valley of Death'

Nextgov looks at the use of cooperative research and development agreements by some major industry players to highlight how the meaning of the phrase, and implementation of its associated authorities, has shifted over the years.

Cybersecurity

Transportation Proposes Near $1M Fine for Colonial Pipeline One Year After Hack

The firm has 30 days to respond with evidence contesting the agency’s allegation of safety violations.

Cybersecurity

NIST’s Supply-Chain Security Guidance Tells Agencies: Look to FedRAMP First

The agency has spent years revising guidance for organizations to address vulnerabilities presented by vendors of software and other enterprise suppliers.

Cybersecurity

NSA Chief: Cyber Command Did 9 International Missions Last Year

The dual-hatted head of the spy agency and military command has been conducting proactive missions to diffuse cyber threats to U.S. elections and other critical infrastructure and stressed the importance of artificial intelligence to advance those efforts.

Cybersecurity

Microsoft, DoD Partners Celebrate Cooperative Research and Development Agreement

The company may have the chance to negotiate exclusive intellectual property rights—with an exception for the government—to innovations emerging from the collaboration.

Cybersecurity

CISA Points to Water Sector in Seeking $80 Million More for FEMA Grants

CISA and FEMA are currently rolling out the first of $1 billion the Homeland Security agencies got in Rescue Act funding to help state and local entities improve their cybersecurity.

Cybersecurity

NIST Official: Revised Cybersecurity Supply-Chain Guidance Imminent

The software Industry wants agencies to show their ‘use’ of the NIST Cybersecurity Framework, which it says should be mapped to the revised supply chain guidance.

Cybersecurity

Telecom Group Wants NIST to Map Performance Goals to the Cybersecurity Framework

But, in general, the industry wants NIST to avoid making any changes at all to the choose-your-own-adventure document that has guided risk management and U.S. cybersecurity policy for almost a decade.

Cybersecurity

CISA’s Newest Advisor Could Soon Have Agencies Asking: 'Does This Spark Joy?'

Another CISA advisor has referred to Bob Lord as a “digital Marie Kondo,” tidying up the Democratic National Committee by throwing out old software and unused tech.

Cybersecurity

Cybersecurity Pros Signal Regulatory Challenge for Securing Industrial Control Systems

A studious adversary may be hellbent on destruction, and a comprehensive approach is needed to successfully govern the protection of critical infrastructure, specialists say.