Author Archive

Mariam Baksh

Mariam Baksh
Mariam Baksh reports on the development of federal cybersecurity policy for Nextgov. She started covering technology governance in 2014, during the heat of the Net Neutrality debate, and focused her graduate studies at American University on investigative journalism.
Cybersecurity

Hackers Take Data for Further Reconnaissance in Breach of Federal Agency

Initial access to the agency’s system was possibly due to failure to fix a known VPN vulnerability, a patch for which was released in April 2019.

Cybersecurity

FBI Director: Feeding DOD’s Cyber Offense Operations Is Crucial to New Strategy

Senator says legislation is moving forward to thwart intellectual property theft from China and defend federal networks from cyberattacks.

Cybersecurity

Watchdog Highlights Need for Better Cyber Coordination Across Government

A pair of reports point to confusion about the State Department’s new cyber bureau and the vacuum left behind by the eliminated White House cyber coordinator position.

Cybersecurity

FERC Asks Energy Sector to Report Huawei, ZTE Usage

Amid fears over having to replace equipment, Energy official noted no set timeline for implementing next steps on a related executive order.

Cybersecurity

Government Employees May Need to Update Threat Hunting Perspectives

As Congress considers expanding threat hunting programs into the private sector, a majority of federal workers surveyed last year didn’t seem to have a clue about such efforts within their own agencies.

Cybersecurity

CISA Orders Immediate Action to Fix Vulnerability in Windows Directory

The agency has seen code designed to exploit the vulnerability in a system used to permit access to network resources.

Cybersecurity

CISA Data Shows Federal Civilian Agencies Faster Than Industry at Patching

The nation’s risk adviser continues to expand its role in what it’s dubbed the year of vulnerability management.

Cybersecurity

FBI Fights Intellectual Property Theft from University Offices

Director Christopher Wray noted the importance of attribution in the bureau’s strategy amid growing difficulty investigating cyber crime.

Cybersecurity

CISA, FBI Warn Iran-based Threat Actor May Be Planning Ransomware Attacks 

The attacker is targeting virtual private networks and cloud computing vulnerabilities, and has been present in victim networks for several months.

Cybersecurity

What's Next for the House-Passed IoT Security Bill

Some security professionals point to broad exemptions in the Senate version of the legislation that could undermine the effort to guide federal procurement decisions.

Cybersecurity

Hackers Connected to China Have Compromised U.S. Government Systems, CISA says

Using publicly disclosed code and vulnerabilities, attackers appear to be winning a crucial race against defenders.

Cybersecurity

DOD Cybersecurity Certification Body Moving Forward Despite Uncertain Funding

It’s unclear where money for crucial tools such as continuous monitoring will come from.

Cybersecurity

Cyber Commission Suggests Reforms to Allow Flexible Pay, Hiring to Boost Workforce

Prospective federal employees might be turned off by cybersecurity jobs being classified as IT.

Cybersecurity

COVID Could Spur Reduced Reliance on Classified Sources of Cyber Intelligence

CISA officials highlighted cloud configuration and VPN vulnerabilities in assessing threats associated with the pandemic.

Cybersecurity

FCC Estimates Replacing Chinese Telecom Equipment Will Cost at Least $1.6 Billion

A key lawmaker echoed calls from the agency’s chairman for Congress to appropriate the money.

Cybersecurity

Big Tech Moves Against Certification as a Government Solution for Cybersecurity

The trade association for the industry’s largest companies recommends relying on vendor declarations.

Cybersecurity

OMB Starts Clock on Agencies Implementing Policies to Welcome Public Security Research

CISA also released a binding operational directive and will start scanning government systems for the policies when time is up in six months.

Cybersecurity

CISA, International Counterparts Highlight Mistakes Organizations Make After a Cyber Intrusion

A lot of what’s necessary to appropriately respond to a cyber incident should happen way in advance.

Cybersecurity

OMB Issues Interim Rule for Banning IT Products From Federal Systems

Any individual the Federal Acquisition Security Council deems credible could initiate a removal or exclusion order.