Author Archive

Mariam Baksh

Mariam Baksh
Mariam Baksh reports on the development of federal cybersecurity policy for Nextgov. She started covering technology governance in 2014, during the heat of the Net Neutrality debate, and focused her graduate studies at American University on investigative journalism.
Cybersecurity

Survey: Large Contractors More Concerned Than Small Contractors About DOD’s Cybersecurity Certification Program

A new survey puts numbers on conflicting narratives about the small businesses perspective and issues of competition in the new Cybersecurity Maturity Model Certification regime.

Cybersecurity

The Hack Roundup: White House Sanctions Russia over SolarWinds

Agencies involved in response also issued advisories on the hackers' tactics while Microsoft offered federal customers free trials of an auditing tool.

Cybersecurity

Agencies Have Till Midnight April 15 to Apply New Microsoft Exchange Patches

Four of the 95 vulnerabilities Microsoft released as part of its monthly “patch Tuesday” were identified by the National Security Agency.

Cybersecurity

Former DHS Secretary Details SolarWinds Hackers’ Access to His Email

Chad Wolf said the information was all unclassified but the compromise was still disturbing.

Cybersecurity

White House Names National Cyber Director, CISA Chief

The administration also announced nominees for other Homeland Security Department leaders. 

Cybersecurity

Survey Suggests Public Sector Slightly Better than Industry at Prioritizing Mobile Security    

A majority of respondents said they sacrificed security of IoT devices to respond to COVID-19 policies and for expedience generally.

Cybersecurity

White House to Seek Industry Input on New Software Security Rules, NSC Official Says

The administration wants to make sure the private sector has the ability to weigh in on procurement standards in an impending executive order.

Cybersecurity

Experts Torn on Role of National Cyber Director

Former officials agree someone needs to coordinate the work of various government entities but weighed pros and cons to the position being located within the National Security Council.

Cybersecurity

DOD’s Cybersecurity Accreditation Body Open to Pursuing Grants as a Nonprofit 

Once the organization gains non-profit status from the IRS, the board’s chairman sees new funding opportunities opening up that he says could benefit industry.

Cybersecurity

DOD’s Vulnerability Disclosure Program for Contractors Is in Demand

The Defense Cyber Crime Center launched a pilot with “a few dozen” companies participating.

Cybersecurity

DOE Watchdog Detailed Its Cybersecurity State Amid SolarWinds Hack

The department continues to struggle with many of the issues the Cybersecurity and Infrastructure Security Agency identified after widespread intrusions into the public and private sector. 

Cybersecurity

DOD Concludes Review of First CMMC Certification Organization

The Accreditation Body in charge of the department’s developing certification program also has a notable new leader as others take their leave.

Cybersecurity

CISA Orders Agencies to Conduct Fresh Scans of Microsoft Exchange Servers

The agency issued supplemental guidance requiring new tests with Microsoft-provided tools and measures to harden the attractive target.

Cybersecurity

FedRAMP Outlines Requirements for Using Containers

Container technology allows operability across operating systems and faster development but is a primary security concern for implementers. 

Cybersecurity

Director Says NSA’s Domestic Surveillance Authority ‘Rightly’ Limited

Gen. Paul Nakasone, who oversees both the intelligence agency and U.S. Cyber Command, stressed the need for greater visibility through private-sector information streams.

Cybersecurity

Energy Launches Supply Chain Program As Watchdog Called for More Action 

The Energy Department has been focused on securing the generation and transmission of power, but distribution processes are also increasingly vulnerable.

Cybersecurity

New Software Vendor Standards Coming Within Weeks, CISA Head Says 

The White House is leading an interagency effort focused on software development that will determine federal procurement of information technology.

Podcasts

Critical Update: Disrupting Gene Editing

The CRISPR Cas 9 tool shook up the gene-editing space, leading to new possibilities, risks and questions about who and how the technology should be used.