Author Archive

Mariam Baksh

Mariam Baksh
Mariam Baksh reports on the development of federal cybersecurity policy for Nextgov. She started covering technology governance in 2014, during the heat of the Net Neutrality debate, and focused her graduate studies at American University on investigative journalism.
Cybersecurity

Biden Administration Likely Retaining Trump Doctrine on Cybersecurity in Space

Vice President Kamala Harris is prioritizing cybersecurity as chair of the National Space Council, an official said.

Cybersecurity

Cyberspace Solarium Commissioners Concerned Over Security of Nation’s Water Supply

Having succeeded in passing a number of their recommendations through the last National Defense Authorization Act, the commissioners plan to embrace an oversight role as they push for more new laws.

Cybersecurity

FedRAMP Board Extends Deadline For Cloud Providers to Pitch Line-Jumping Business Cases

Cloud service providers hoping to secure authorizations to operate at multiple agencies simultaneously got some more time to make a business case for their prioritization by the board.

Cybersecurity

NSA to Defense Sector: Think Twice Before Connecting Operational Technology to the Internet

The agency recognized benefits such as enabling remote work but notes the inherent risks and costs of putting industrial control system components online.

Cybersecurity

Homeland Security Secretary Backs Call for Mandatory Disclosure of Ransomware Payments

DHS Secretary Alejandro Mayorkas said the department will work with a task force developed by the private sector on ways to tamp down the increase in ransomware attacks. 

Cybersecurity

White House Endorses Inclusion of Cybersecurity in Water Infrastructure Bill 

A recent attempt by hackers to poison the water supply in a Florida town prompted calls for more resources.

Cybersecurity

How the Federal CISO Views Zero Trust

Federal Chief Information Security Officer Chris DeRusha and other federal officials also advocated moving away from siloed cybersecurity budgeting for agencies.

Cybersecurity

Existing Agency Threat Hunters Welcome CISA’s New Authorities 

For the Department of Education, proactive threat hunting means not just taking down questionable URLs but buying them up.

Cybersecurity

CISA Issues Deadline for Federal Agencies to Address Pulse Secure Vulnerabilities

The vulnerabilities led to the compromise of government agencies early last summer and, together with a newly disclosed flaw, continue to be exploited.

Cybersecurity

DOD’s Cybersecurity Accreditation Partner Working to Address Conflict of Interest Issues

Multiple members of the Accreditation Body’s board of directors also serve as consultants in the cybersecurity space, which critics say gives them an unfair advantage to cash in on the program.

Cybersecurity

White House Stands Down Coordination Effort on SolarWinds, Microsoft Exchange Hacks

The leading cybersecurity official on the National Security Council shared lessons learned as agencies reach patching goals.

Cybersecurity

Survey: Large Contractors More Concerned Than Small Contractors About DOD’s Cybersecurity Certification Program

A new survey puts numbers on conflicting narratives about the small businesses perspective and issues of competition in the new Cybersecurity Maturity Model Certification regime.

Cybersecurity

The Hack Roundup: White House Sanctions Russia over SolarWinds

Agencies involved in response also issued advisories on the hackers' tactics while Microsoft offered federal customers free trials of an auditing tool.

Cybersecurity

Agencies Have Till Midnight April 15 to Apply New Microsoft Exchange Patches

Four of the 95 vulnerabilities Microsoft released as part of its monthly “patch Tuesday” were identified by the National Security Agency.

Cybersecurity

Former DHS Secretary Details SolarWinds Hackers’ Access to His Email

Chad Wolf said the information was all unclassified but the compromise was still disturbing.

Cybersecurity

White House Names National Cyber Director, CISA Chief

The administration also announced nominees for other Homeland Security Department leaders. 

Cybersecurity

Survey Suggests Public Sector Slightly Better than Industry at Prioritizing Mobile Security    

A majority of respondents said they sacrificed security of IoT devices to respond to COVID-19 policies and for expedience generally.

Cybersecurity

White House to Seek Industry Input on New Software Security Rules, NSC Official Says

The administration wants to make sure the private sector has the ability to weigh in on procurement standards in an impending executive order.

Cybersecurity

Experts Torn on Role of National Cyber Director

Former officials agree someone needs to coordinate the work of various government entities but weighed pros and cons to the position being located within the National Security Council.