Because adversaries like China and Russia increasingly have their hands in the information communication technology arena – whether directly or through subsidiaries – one of the keys to improving cybersecurity in an expanding threat landscape involves strong risk management, in addition to prevention, Federal experts said this week. […]

While many cybersecurity officials strive to achieve “no risk” when it comes to cyber risk management, officials from NASA this week explained that’s just not possible and suggested that agencies instead focus on managing risks that are important to the mission. […]

In the new era of cyber defense, Ted Okada, chief technology officer (CTO) at the Federal Emergency Management Agency (FEMA), stressed that IT leaders must take the right risks to lead their teams in risk management efforts. […]

Most government agencies have met Federal mandates to establish cyber risk executives and establish policies to make risk-based decisions on cybersecurity, but many agencies still need to establish cyber risk strategies, conduct risk assessments, and address gaps in existing risk management policies, according to a Government Accountability Office (GAO) report released July 26. […]

The General Services Administration (GSA) rescheduled its planned outreach to industry as it looks for an automated solution that can help agencies conduct audits of Federal grant recipients. The new date for the virtual pre-demonstration conference is March 4, and industry demonstration days will be held on April 3 and April 5. […]

Former CFO at the Department of Education, Doug Webster, was on a segment of Government Matters this week to discuss the best practices for enterprise risk management (ERM) as government agencies deal with the risks of the partial government shutdown. […]

The National Institute of Standards and Technology (NIST) released the final version of its new risk management framework (RMF)–NIST SP 800-37 Revision 2–addressing both security and privacy concerns in IT risk management. […]

The Census Bureau found nearly 3,100 security weaknesses after testing 33 of its 44 systems, leaving a large amount of work to be done before the 2020 Census, according to a Government Accountability Office (GAO) report on the agency’s IT systems. […]

With an increasing attack surface resulting in millions of new threats every year, partially updating C&A documents every six months, remediating a few Plan of Action and Milestones, and updating all docs every three years, won’t, and doesn’t, keep the bad guys out of Federal networks. […]

The U.S. General Services Administration and the Partnership for Public Service recently launched the Playbook: Enterprise Risk Management for the U.S. Federal Government. […]

Chief information security officers (CISOs) and other IT executives have become more proactive in their approach to cybersecurity investment and risk management, according to a new study. “Over the past couple of years the landscape has changed dramatically,” researchers at Southern Methodist University’s Darwin Deason Institute for Cyber Security found. “Cyber risk is now a […]
