Author Archive

Mariam Baksh

Mariam Baksh
Mariam Baksh reports on the development of federal cybersecurity policy for Nextgov. She started covering technology governance in 2014, during the heat of the Net Neutrality debate, and focused her graduate studies at American University on investigative journalism.
Cybersecurity

Allied Cybersecurity Agencies Advise Against Disabling Popular Tool for Cyberattackers

The Microsoft program—PowerShell—has granted malicious actors in major hacks remote command and control ability over victims, but, by the same token, it can improve cybersecurity management across an enterprise.

Cybersecurity

House Panel Passes RANSOMWARE Act to Get FTC Reports on Cross-Border Work

The Energy and Commerce subcommittee also forwarded a bipartisan privacy and data security bill to the full committee but—lacking support from Senate leadership—that legislation appears dead in the water.

Cybersecurity

Big Tech Pushes for Harmonized Global Policy Amid Emerging Regulations from Allies

The Information Technology Industry Council is maintaining its call for a voluntary approach as Canada, the United Kingdom and Europe all signal strict new cybersecurity requirements.

Cybersecurity

GAO: Potential Federal Cyber Insurance Program Should Avoid Moral Hazard

The government watchdog highlighted the need for specific security requirements in recommending other relevant agencies explore the possibility of providing federal assistance to private sector entities following a catastrophic event.

Cybersecurity

CISA Plans to Hire Chief People Officer to Boost Cyber Workforce

Agency advisors are set to vote on a host of draft recommendations which include reviewing the security clearance process for inefficiency.

Cybersecurity

Credit Rating Agency: New EU Laws Will Improve Firms’ Cyber Resilience Globally 

The Digital Operational Resilience Act would force non-EU companies with a significant presence in member states to create subsidiaries that can be regulated under their jurisdiction. 

Cybersecurity

Justice Pursues Collaboration to Fight Cyber Crime with EU Member States

Under an executive order on the responsible development of digital assets, the department recently recommended the U.S. deepen its investment in international organizations to counter ransomware and other illicit activity.

Cybersecurity

White House Official: Administration Urgently Researching Central Bank Digital Currency

As due dates near for agency deliverables under an executive order, the Atlantic Council has produced a report that could help officials inform the president of implications for cybersecurity.

Data

Big Tech Clashes with Brick and Mortar Group over Liability in Privacy Hearing

A similar dynamic is playing out in cybersecurity policy as the government drafts new contract language for cloud service providers.

Cybersecurity

National Cyber Director: Mandates Coming to Secure Commercial Information Technology

An event hosted by the leading trade association for major tech vendors highlighted what has so far been an impasse between government and industry on cybersecurity policy.

IT Modernization

Senators Call on Biden to Prioritize Procuring Tech, Staff for Large Scale Declassification

Officials at the National Archives say agencies could be using artificial intelligence to more efficiently process a tremendous backlog of appeals.

Cybersecurity

China Compromised Telecom Firms Using Known Vulnerabilities, Federal Agencies Warn

The alert comes as the U.S. continues negotiations with countries like Russia and China on what constitutes “cybercrime” at the United Nations.

Cybersecurity

Trackers Say Sanctions Against Crypto Exchanges Are Working in Ransomware Fight

One witness testifying before the Senate Homeland Security and Governmental Affairs Committee called for greater international enforcement against money laundering.

Cybersecurity

DOD Recommends NIST Align Frameworks for Cybersecurity Risk Management

An effort to update the framework for securing critical infrastructure from cyberattack is coming face to face with issues that have plagued the Commerce agency from the beginning.

Cybersecurity

CISA Solicits Feedback on Finer Points of Coming Software Transparency Requirement

The agency has identified four topics—including considerations for cloud and online applications—it wants to hear more about from stakeholders. 

Cybersecurity

Why Commerce Went Against Microsoft on Rule to Control Cyber Exploits

The rule aims to prevent certain countries—most notably China—from receiving U.S. exports that could advance their intrusion and surveillance technology.

Cybersecurity

CISA, DOD Report Gaps for Agencies Assessing 5G Security Risks

Agency officials identified a lack of guiding standards for determining and mitigating risk from certain implementations of the technology and advised agencies to proceed with caution, employing penetration tests accordingly.

Cybersecurity

Secretary of State Makes Case for Tech-Centered Strategy to Counter China

The secretary delivered a speech outlining the administration’s policy toward Beijing as Congress tries to reconcile legislation that would provide at least $50 billion to increase domestic production of semiconductors.

Cybersecurity

Senate Homeland Clears Bill to Avoid Conflicts of Interest in Federal Contracting

A hearing the committee held leading up to the bill’s markup focused on a shortage of procurement officials in the federal workforce, which an industry witness said could be addressed if it weren’t for inflexible ethics rules.

Cybersecurity

Federal CISO: Recommendations In to Acquisition Council for Software Procurement

Federal CISO Chris DeRusha says he doesn’t want to tie agencies’ hands regarding self attestation versus third-party verification of vendor practices.