Author Archive

Mariam Baksh

Mariam Baksh
Mariam Baksh reports on the development of federal cybersecurity policy for Nextgov. She started covering technology governance in 2014, during the heat of the Net Neutrality debate, and focused her graduate studies at American University on investigative journalism.
IT Modernization

New FITARA Grades Show Agencies Failing to Transition Off Legacy Networking Services 

But agencies got all As on data center optimization, suggesting it may be time to retire or update that metric.


Biden Official Endorses Effort to Move Pipeline Cybersecurity Regulation to DOE

An emergency directive from the Transportation Security Administration following the Colonial Pipeline attack faced opposition from Senate Republicans after the industry complained they weren’t sufficiently consulted beforehand.

CIO Briefing

Congress Losing a Heavy Hitter on Cybersecurity

Rep. Jim Langevin, co-chair and founder of the House Cybersecurity Caucus, will not seek re-election.


Big Tech Anxious About Commerce Plan to Secure Supply Chains from Foreign Influence

Comments an association of industry giants made on a notice of proposed rulemaking from the Commerce Department come amid multiple government efforts to reduce cybersecurity risks in globally produced information and communications technology.


Biden Official Credits Diplomacy With Russia for Arrest of Colonial Pipeline Hacker

A senior administration official disassociated the move from tensions between the U.S. and Russia amid a build-up of Russian troops near Ukraine and an unattributed cyberattack on the country’s government websites.


FBI Officials Clarify What the Bureau Wants in Cyber Incident Reporting Bill

However the legislation is eventually passed, CISA plans to share reports with the FBI and other agencies, a Homeland Security official said.


FCC Chair Proposes Updating Data Breach Reporting Requirements

The Commission is still waiting for an empty chair to be filled as observers call for a vote on Biden nominee Gigi Sohn.


House FISMA Reform Would Empower Federal CISO With Budgeting Authority

Corresponding Senate legislation doesn’t mention the federal chief information security officer but shares other key elements—including a shorter incident reporting window—with a discussion draft issued by the House Oversight and Reform Committee.


How the Log4j Vulnerability is Forcing Change in Federal Cybersecurity Policy

Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to implement.


GSA Seeks Comments on Transfer of .Gov Domain to Cybersecurity Agency

The government’s site for managing government websites—— may temporarily go down for maintenance as officials make the switch.

Emerging Tech

Privacy Advocates Connect Capitol Attack to Need for Data Protection Legislation

Sen. Ron Wyden joined citizen groups calling for limits on data collection as a way around an impasse over regulating free speech. 

Emerging Tech

Defense Official: Talent Tops Tools for Executing Data Strategy

The DOD’s chief data officer emphasized the importance of personnel over equipment for how the military is trying to obtain a data advantage over adversaries like China.


Corrected: FedRAMP Bill Includes Transparency Provisions for New Advisory Council

The legislation would create a public-private advisory council that would be subject to most of the provisions of the Federal Advisory Committee Act.


Watchdog Security Reviews Not Guaranteed in FedRAMP Revamp

Legislation recently clearing a key Senate committee stops short of requiring the Government Accountability Office to review vendors’ encryption practices and supply chains.


US Still Lacks Federal Cyber Strategy After Decades of Attempts

The United Kingdom, meanwhile, recently updated its approach, crediting strong regulatory measures with significant cyber-risk reduction over recent years.


Women Report from the Frontlines of Federal Cryptocurrency Governance

Over the course of 2021, Congress and the administration have recognized significant benefits from diving into the technology, a trend that looks poised to continue.


Report: Legacy Equipment Puts Telehealth Consumers’ Data At Risk

Telehealth services have expanded exponentially over the course of the pandemic due in part to the Trump administration’s decision to relax enforcement of the industry’s privacy regulations.


Biden Signs NDAA Relying on Voluntary Private-Sector Cybersecurity Collaboration

Major breaches over the past year were a double-edged sword in efforts to pass a crucial mandatory reporting measure that didn’t make it into the ‘must-pass’ legislation despite bipartisan support, according to key lawmakers.


Federal CISO Clarifies Support for a Standard that Could Make Passwords History

The cryptographic protocol is at the heart of a ‘zero trust’ proposal pioneered by Google that has a fan base within the federal government.


Agencies Under New Deadlines to Address ‘log4j’ Flaws with Emergency Directive

The Cybersecurity and Infrastructure Security Agency order comes as a prominent firm says nation states are exploiting the vulnerabilities.