Federal agencies are facing a tall order in cleaning up their cybersecurity practices in the wake of some tough love dished out by the Office of Management and Budget (OMB) in a risk assessment and action plan released May 30. Agencies need to streamline processes, better share information, and find ways of getting a better return on their cyber investments, all of which can be harder than it sounds. […]

Federal agencies and private sector firms are easing into intelligent automation (IA) technologies by first using those technologies to tackle repetitive processes and then moving closer to artificial intelligence (AI) applications, government and private sector officials said last week. […]

DHS Continuous Diagnostics and Mitigation (CDM) is pivotal to improving government cybersecurity. While it’s critical, it has a lot of moving parts–and that can make it difficult to follow. MeriTalk sat down with Kevin Cox to get a handle on the state of CDM, as well as an understanding of where the program goes from here. And, it’s quite a story–so I hope you’re sitting comfortably; feel free to grab a cup of coffee. […]

Witnesses from the Federal government, academia, and the private sector zeroed in on cyber threats facing the U.S. electric grid at a House Energy subcommittee hearing Thursday afternoon. During the hearing–which largely centered around research and innovations in electric grid and energy technology–all of the witnesses stressed the importance of shoring up the U.S. electric […]

House members on Thursday reintroduced a bipartisan bill that would prevent states from requiring technology companies to include encryption “backdoors” in their products that would allow governments to access data stored on those products. […]

The House Homeland Security Committee today approved H.R. 5733, the DHS [Department of Homeland Security] Industrial Control Systems Capabilities Enhancement Act of 2018, that would amend the Homeland Security Act of 2002 to give DHS’s National Cybersecurity and Communications Integration Center (NCCIC) the responsibility to maintain capabilities to identify threats to industrial control systems (ICS). […]

Tony Scott was the Federal government’s third chief information officer, serving the nation in that role from 2015 through early 2017. During his time at the helm of government-wide IT, Scott led the development of 2016’s State of Federal IT Report, which left a lasting roadmap for modernization progress in the Federal government. […]

The digital transformation in government IT is driving modernization but also expanding the attack surface Federal agencies have to protect. The traditional perimeter no longer exists. Today, there is no “inside” or “outside” the network when it comes to detecting, defending, and deterring cyber attacks. […]

The Department of Homeland Security’s (DHS) Office of Inspector General (OIG) on Monday released its semiannual report to Congress, and outside of recurring calls for better cyber threat information sharing, improvements to identity access management, and concerns about U.S. Coast Guard (USCG) IT acquisitions, the report appears to be free of major IT red alerts within the agency. The report covers the period from October 2017 to March 2018. […]

A report issued May 31 by the New America Foundation’s Cybersecurity Initiative recommends that the Federal government consider three “priority efforts” to help state governments advance their own efforts to improve cybersecurity, including “designating specific cybersecurity funding that is linked to national priorities.” […]

Following the release of a report to President Trump on the increasing threat of botnets, Sen. Mark Warner, D-Va., said Thursday that the government is not doing enough to force the private sector to build better security into Internet of Things (IoT) devices. […]

The State Department on Thursday announced its vision for U.S. cyberspace policy based on articulated deterrents to criminal cyberattacks, protection of an open Internet, and international engagement and collaboration to achieve those goals, according to the summaries of two reports to President Trump authorized by the Cyber Executive Order (EO) of May 2017. […]

It’s probably not a shocking revelation to learn that Federal IT managers are less than happy with their agency’s IT infrastructure. Their biggest gripes, according to a recent MeriTalk survey, are that it’s 1) expensive, 2) difficult to manage, and 3) inefficient. Small wonder then that the same survey found that nearly all of those who participated—92 percent of 150 Federal IT managers—were frustrated with the state of their infrastructure. […]

The Federal Information Technology Acquisition Reform Act (FITARA), passed by Congress in December 2014, represented the first major legislative overhaul of Federal IT in nearly 20 years. Beginning in November 2015, the Government Accountability Office (GAO) has released two scorecards a year grading agencies’ performance under the law. Suffice it to say, agencies haven’t always been making the GAO’s Honor Roll, with plenty of Cs and Ds to go around. However, many agencies have made significant improvements over the last 3 years. […]

The current cybersecurity workforce shortage in the United States is daunting and only due to get worse over the next few years, the Departments of Commerce (DoC) and Homeland Security (DHS) reported to President Trump in a document released Wednesday. […]

Military users will soon see a tenfold boost in the Department of Defense’s telecommunications network, in a move that will support the service’s combatant commands, the Joint Information Environment (JIE), and in the process, DoD’s push toward commercial cloud services. […]

The House Oversight and Government Reform (OGR) IT subcommittee followed up last week’s release of the sixth FITARA Scorecard (Scorecard 6.0) by releasing a second, more detailed scorecard. It provides insight into each of the categories of FITARA scoring, with methodology, metrics, calculations, and detailed data points on just how well each of the 24 agencies fared. […]

The Department of Labor’s Office of Inspector General (OIG) said the agency needs to improve in two key legislative areas related to IT management, according to OIG’s semiannual report released Tuesday and covering October 2017 through March 2018. […]

Members of the Senate Banking, Housing and Urban Affairs Committee voiced support this week for legislation to require greater corporate disclosure of cybersecurity preparedness, and relayed concerns that personally identifiable information (PII) collected by government and private sector entities cannot be adequately safeguarded against theft or loss. […]

The Pentagon wants more hackers to take aim at its systems, launching another program that invites crowdsourced attacks from outside the Department of Defense (DoD) to help it identify and mitigate vulnerabilities in its networks and information systems. […]

The flagship model for organizational cybersecurity policies just got a new coat of paint. The National Institute of Standards and Technology (NIST) on April 16 released version 1.1 of its Framework for Improving Critical Infrastructure Cybersecurity, which updates the agency’s original voluntary cybersecurity framework for critical infrastructure sectors issued in 2014. […]

A new report from the Government Accountability Office (GAO) this week raises concerns that the National Aeronautics and Space Administration (NASA) isn’t properly protecting its IT systems. The agency spends about $1.5 billion annually on IT investments to support its missions. […]
