Smarter Gov Tech, Stronger MerITocracy

Cometh another Congressional hearing on the Department of Homeland Security–DHS–and its ability to lock down the entire nation’s cyber infrastructure. Cometh more finger pointing. The Government Accountability Office–GAO–released a report on DHS’ uphill battle for cybersecurity. With no ostensible end to this job, it’s easy to tell Sisyphus to push harder. […]

Machine learning innovation is kicking into high gear. Investment in this field and data science increased 9.3 percent in 2016 to $2.4 billion, according to Gartner. On top of that, the Federal government is increasing its focus on machine learning, with the MGT Act, Technology Modernization Fund, and the President’s Management Agenda all supporting transformation efforts. […]

Conventional wisdom is that it takes a fairly long time to detect a cybersecurity breach. Typically, most research suggests, it takes two to three months, possibly longer. That may not be the case anymore, though, according to a recent report. […]

The Government Accountability Office–GAO–released a report exploring how Medicare beneficiary data are being shared with external organizations. When caring for patient record data, it seems government needs a better bedside manner and more. […]

As government cyber warriors recover from their red-eye journey back from the RSA conference, there’s news on the leadership progression at the top cyber operational position in government. The Department of Homeland Security (DHS) named Paul Beckman as the DHS HQ CISO. Formerly deputy CISO for DHS HQ, Beckman replaces, who recently retired from government service.  […]

The internet has never been an especially safe place, but at least one small corner of it–email–was less perilous for most users in 2017. […]

In another example of how far the cyber domain is pervading every aspect of warfare, military units are beginning to add cyber protection testing to vehicles before they hit the road. […]

Bot-driven cyberattacks and other fast-spreading malware have been making some pretty big waves of late. The Mirai botnet, for example, launched several record-setting Distributed Denial-of-Service–DDoS–attacks starting in September 2016. […]

At the RSA Cybersecurity Conference in San Francisco, Department of Homeland Security (DHS) Secretary Kirstjen Nielsen made it clear that the United States has “a full spectrum of response options” to defend against cyber attacks and hacks. […]

Last month, the Department of Homeland Security issued a rare public alert about a large-scale Russian cyber campaign targeting U.S. infrastructure. The news raised serious concerns about vulnerabilities in the nation’s power grid and other critical infrastructure assets. […]

As every serious runner knows, preparing for a big race can be a daunting task; it takes time, patience, and determination to succeed. Once the training schedule begins, the runner must be diligent with sticking to the task. By neglecting even one workout, the runner can risk losing progress, and not finish the race. […]

Yogi Berra told us it’s like déjà vu all over again–and cyber stalkers let out a huge yawn at yesterday’s House Armed Services Committee hearing on cyber operations. This torturous exercise in reviewing technology security and public safety challenges associated with critical infrastructure was studded with the clichés and platitudes that set our nation up for a massive kinetic cyber attack. […]

Security is the great white whale of Federal IT–even as we make progress, it is just out of reach. Late last month, Zscaler announced it had prioritized rigorous security standards by achieving the Service Organization Control (SOC) 2, Type II Certification. […]

Last week, the National Institute of Standards and Technology (NIST) revealed the initial public draft of its Special Publication 800-160 Volume 2, Systems Security Engineering: Cyber Resiliency Considerations for the Engineering of Trustworthy Secure Systems. […]

The U.S. military has long laid claim to having the best-equipped, best-trained fighting force in the world, and to spending more on defense than the next eight top-spending nations combined. But when the battleground is cyberspace, does that claim hold up? […]

It is imperative for Federal agencies to effectively utilize threat intelligence combined with the power and agility of the cloud to better defend their networks. But, today, agencies are lacking adequate situational awareness to give their IT and security teams more clarity about what is going on in their networked environments. So, what’s holding them back? […]

The Department of Homeland Security’s (DHS) rare public alert last week about a large-scale Russian cyber campaign targeting U.S. infrastructure raised a piercing alarm about vulnerabilities in the nation’s power grid, and underscored what officials have meant when talking about the need for a whole-of-government and whole-of-nation approach to cyber defense. Protecting against a major attack, managing the damage once one hits, and responding to an attack are beyond the reach of any one agency or sector, they argue; the job requires concerted efforts from the public and private sectors. […]

While Federal agencies race to migrate to the cloud, security concerns seem to multiply by the hour. This month alone, Russian hackers penetrated the U.S. power grid; cyber attackers got into the network of a petrochemical company in Saudi Arabia in hopes of triggering an explosion; and North Korean hackers apparently “blitzed” Turkish banks and government organizations to gather intel for a future heist. […]

Opening day for the Nationals might be a week away, but four Beltway insiders have already knocked one out of the park. The latest omnibus spending bill, which passed through the Senate early Friday morning, includes $100 million for the MGT Act’s centralized revolving capital fund. President Trump signed the MGT Act into law late last year as an amendment to the National Defense Authorization Act. […]

The tactics of warfare aren’t what they used to be. In addition to asymmetric battlefield tactics that differ from conventional battles, they also can include cyber, social, economic, and psychological strategies that don’t necessarily involve physical combat or destruction–or even direct human involvement–and can’t be divined by tracking troop movements or fleet deployments. As a result, the signs of impending war aren’t what they used to be either. […]

Federal IT comes with some baggage–much of its data is trapped in legacy technologies. Agencies can’t realistically pick everything up and move to more modern infrastructure. So how do they bridge the gap? MeriTalk’s latest report found that improving data sharing between new and legacy systems is the number one solution to accelerating Federal IT modernization. The “Modernizing the Monolith” study explores why legacy systems are so persistent and outlines a path to modernizing with them, instead of in spite of them. […]

A recent study showing just how easy it is to hack into Internet of Things (IoT) devices–and to use that access to gain entrance to a larger network–focused on commercial products used in the home. However, it could serve as yet another wake-up call for the Department of Defense and other government agencies that are increasingly relying on IoT. […]

The Department of Homeland Security (DHS) has been working in unison with the Office of Management and Budget to assess the risk management posture of the Federal government. They’ve been using a combination of agency self-reporting and independent verification to evaluate each agency’s mitigation techniques as well as the nation’s overall security standing. DHS’ latest […]

Government IT leaders may feel a little punch drunk lately. Between new mandates, an understaffed workforce, and aging systems–they are getting hit from all angles. Indeed, Chad Sheridan, CIO for USDA’s Risk Management Agency kicked off his keynote at last Thursday’s Veritas Public Sector Vision Day in Washington, D.C. by quoting Mike Tyson: “Everybody has a plan until they get punched in the mouth.” […]

Do agencies have enough time to make a smooth transition to the new Enterprise Infrastructure Solutions (EIS) contract by spring of 2020 when the older telecom contract vehicles expire? […]
