Author Archive

Mariam Baksh

Mariam Baksh
Mariam Baksh reports on the development of federal cybersecurity policy for Nextgov. She started covering technology governance in 2014, during the heat of the Net Neutrality debate, and focused her graduate studies at American University on investigative journalism.
Cybersecurity

Big Tech Anxious About Commerce Plan to Secure Supply Chains from Foreign Influence

Comments an association of industry giants made on a notice of proposed rulemaking from the Commerce Department come amid multiple government efforts to reduce cybersecurity risks in globally produced information and communications technology.

Cybersecurity

Biden Official Credits Diplomacy With Russia for Arrest of Colonial Pipeline Hacker

A senior administration official disassociated the move from tensions between the U.S. and Russia amid a build-up of Russian troops near Ukraine and an unattributed cyberattack on the country’s government websites.

Cybersecurity

FBI Officials Clarify What the Bureau Wants in Cyber Incident Reporting Bill

However the legislation is eventually passed, CISA plans to share reports with the FBI and other agencies, a Homeland Security official said.

Cybersecurity

FCC Chair Proposes Updating Data Breach Reporting Requirements

The Commission is still waiting for an empty chair to be filled as observers call for a vote on Biden nominee Gigi Sohn.

Cybersecurity

House FISMA Reform Would Empower Federal CISO With Budgeting Authority

Corresponding Senate legislation doesn’t mention the federal chief information security officer but shares other key elements—including a shorter incident reporting window—with a discussion draft issued by the House Oversight and Reform Committee.

Cybersecurity

How the Log4j Vulnerability is Forcing Change in Federal Cybersecurity Policy

Officials say agencies have demonstrated more dedication than ever in addressing a bug with astronomical reach, but organizations are at the mercy of product vendors to issue the patches they need to implement.

Cybersecurity

GSA Seeks Comments on Transfer of .Gov Domain to Cybersecurity Agency

The government’s site for managing government websites—dotgov.gov— may temporarily go down for maintenance as officials make the switch.

Emerging Tech

Privacy Advocates Connect Capitol Attack to Need for Data Protection Legislation

Sen. Ron Wyden joined citizen groups calling for limits on data collection as a way around an impasse over regulating free speech. 

Emerging Tech

Defense Official: Talent Tops Tools for Executing Data Strategy

The DOD’s chief data officer emphasized the importance of personnel over equipment for how the military is trying to obtain a data advantage over adversaries like China.

Cybersecurity

Corrected: FedRAMP Bill Includes Transparency Provisions for New Advisory Council

The legislation would create a public-private advisory council that would be subject to most of the provisions of the Federal Advisory Committee Act.

Cybersecurity

Watchdog Security Reviews Not Guaranteed in FedRAMP Revamp

Legislation recently clearing a key Senate committee stops short of requiring the Government Accountability Office to review vendors’ encryption practices and supply chains.

Cybersecurity

US Still Lacks Federal Cyber Strategy After Decades of Attempts

The United Kingdom, meanwhile, recently updated its approach, crediting strong regulatory measures with significant cyber-risk reduction over recent years.

Policy

Women Report from the Frontlines of Federal Cryptocurrency Governance

Over the course of 2021, Congress and the administration have recognized significant benefits from diving into the technology, a trend that looks poised to continue.

Cybersecurity

Report: Legacy Equipment Puts Telehealth Consumers’ Data At Risk

Telehealth services have expanded exponentially over the course of the pandemic due in part to the Trump administration’s decision to relax enforcement of the industry’s privacy regulations.

Cybersecurity

Biden Signs NDAA Relying on Voluntary Private-Sector Cybersecurity Collaboration

Major breaches over the past year were a double-edged sword in efforts to pass a crucial mandatory reporting measure that didn’t make it into the ‘must-pass’ legislation despite bipartisan support, according to key lawmakers.

Cybersecurity

Federal CISO Clarifies Support for a Standard that Could Make Passwords History

The cryptographic protocol is at the heart of a ‘zero trust’ proposal pioneered by Google that has a fan base within the federal government.

Cybersecurity

Agencies Under New Deadlines to Address ‘log4j’ Flaws with Emergency Directive

The Cybersecurity and Infrastructure Security Agency order comes as a prominent firm says nation states are exploiting the vulnerabilities.

Cybersecurity

NSA, CISA, Add Original Equipment Manufacturers to Audience for 5G Security Guidance

The agencies got specific about who is responsible for what in a four-part series on securing the inherently cloud-based environments.

Cybersecurity

Senators Ready to Write Clarifying Legislation to Maintain U.S. Leadership in Crypto

Stakeholders fear an overly broad application of the tax provisions beyond virtual currency exchanges.

Cybersecurity

Federal Cybersecurity Advisor Floats Executive Order on Cloud Service Providers

The idea sprung from a sense of moral outrage Cybersecurity and Infrastructure Security Agency Director Jen Easterly identified with.