White House, Feds Spring to Action Following Colonial Pipeline Ransomware Attack
Numerous Federal agencies are springing into action in response to the ransomware attack on Colonial Pipeline Company, a major supplier of fuel to the northeastern U.S. that temporarily shut down pipeline operations after disclosing the attack on May 7.
Recent News
  1. U.S., UK Issue Cyber Advisory on Russia-Based Cyberattacks
    The United States and the United Kingdom have issued a joint cyber advisory on Russian Foreign Intelligence Service (SVR) tactics, techniques, and procedures.
  2. Cyber House Bill Would Allow Governors to Deploy National Guard for Cyber Threats
    Reps. Andy Kim, D-N.J., and Joe Wilson, R-S.C., introduced bipartisan legislation on May 4 that would strengthen states’ cybersecurity readiness and allow governors to deploy their state’s National Guard to respond to cybersecurity threats.
  3. Treasury Seeks Tracing Tool for Crypto Linked to Sanctions List
    The Treasury Department is seeking a tool to help trace cryptocurrency that may be linked to parties placed on the Specially Designated Nationals (SDN) list.
  1. Army DoD military Defense AI DDS Director Goldstein Stepping Down in June, Olson to Become Acting Director
    The United States Defense Digital Service (DDS) will change leadership next month, with Director Brett Goldstein stepping down in June and deputy director Katie Olson stepping in as acting director, DDS confirmed to MeriTalk today.
  2. Cyber workforce people OPM Extends Implementation Deadline for Hiring Process Reforms
    The Office of Personnel Management (OPM) is extending the implementation deadline on an executive order (EO) issued last year by President Trump that would modernize Federal hiring to place less emphasis on collegiate degrees, according to a May 7 memo.
  3. Air Force Air Force Information Warfare Command Calls for CSSP Automation
    The deputy commander of the Air Force’s information warfare command, known as the Sixteenth Air Force or Air Forces Cyber, is calling for the Air Force to automate its Cybersecurity Service Provider (CSSP) in order to remain one step ahead of adversaries.
  4. cybersecurity Zero Trust: The Linchpin of a New Federal Cybersecurity Paradigm
    Having allocated an estimated $18.78 billion for cybersecurity spending in 2021, eliminating breaches and tightening security is a high-investment priority for the government today. Those dollars are going to new places, and agencies must adapt to a new paradigm where perimeter-based security and traditional firewall approaches no longer suffice. But agencies also face a dual challenge: to protect government data amid budget constraints, and to serve their mission with greater velocity.
  1. Study Finds Constituents Worried About Data Security in Federal Interactions
    With the COVID-19 pandemic forcing a record number of citizens to interact with the Federal government, constituents are still worried about their data safety in interactions with the government and believe the government still needs to modernize its systems, according to a Carahsoft study released May 6.
  2. OMB Seeking Methods for Agencies to Deliver Services More Equitably
    The Office of Management and Budget (OMB) is seeking out methods to assess if Federal agency policies and actions equitably serve all eligible individuals – and specifically groups based on race, gender identity, religion, sexual orientation, disabilities, persons living in rural areas, and persons adversely affected by persistent poverty or inequality.
  3. TSA Looking for New Tech, ML to Improve Screening Processes
    The Transportation Security Administration (TSA) is looking to improve its airport screening technology – and its use of machine learning within that technology – in an effort to make the process easier and faster for travelers while enhancing security effectiveness.
  4. Fed CX Experts Say Employee Experience Just as Important to Success
    Ensuring customers are happy is important, but Federal customer experience (CX) experts believe ensuring employees are happy is equally important. Federal experts say the same human-centered design framework can be applied to both CX and employee experience (EX) to give agencies a competitive advantage.
  5. SBA Recovers, Cancels $1.9B of COVID Loans Tainted by ID Theft, False Information
    The Small Business Administration’s (SBA) Office of the Inspector General (OIG) has recovered over $1.1 billion in funds paid through the COVID-19 Economic Injury Disaster Loan Program (EIDL) that were initially granted based on false application information, SBA OIG said in a report released May 6.
  6. 5 Things We’ve Learned About Multi-Cloud Security
    As agencies undertake return-to-the-office planning, most agree work will look different.
  7. House Dems Request OMB Guidance to Implement IDEA Act Provisions
    Senior House Democrats are pressing the Office of Management and Budget (OMB) for action on implementing existing law that requires the Federal government to improve digital experience for citizens including modernizing the government’s public-facing websites.
  8. Federal Cybersecurity on the Ramparts at May 12 CDM Conference
    The line between cybersecurity that keeps the Federal civilian government humming toward pandemic recovery – and the mayhem threatened by mounting waves of nation-state and criminal cyber assaults on government networks – in large measure passes through the Continuous Diagnostics and Mitigation (CDM) program run by the Cybersecurity and Infrastructure Security Agency (CISA).
  9. CISA Closely Tracking DoD’s CMMC Progress for Lessons on Future Efforts
    The Cybersecurity and Infrastructure Security Agency (CISA) is keeping a close eye on the progress of the Defense Department’s (DoD) Cybersecurity Maturity Model Certification (CMMC) program to improve the security of the defense industrial base (DIB) as CISA considers possible moves in the same direction on the civilian side of the Federal government.
  10. Zero Trust Should be the Foundation for All Security Approaches, Experts Say
    Although zero trust has become a bit of a buzzword in the IT world, experts agree that zero trust is “foundational” to all security approaches and that foundation needs to continue to grow in tandem with emerging tech.