Both the chairman and the ranking member of the House Government Operations Subcommittee complained today – to varying degrees – about a lack of new and detailed information on Federal agency cybersecurity performance data to inform the 15th version of the biannual FITARA Scorecard released today by the House Oversight and Reform Committee. […]

IT-related gradings for the largest Federal government agencies moved moderately higher on the 15th edition of the FITARA Scorecard issued today by the House Oversight and Reform Committee. […]

Cybersecurity issues are likely to be front and center at the House Government Operations Subcommittee’s Dec. 15 hearing at which the panel will unveil the 15th edition of the House Oversight and Reform Committee’s FITARA (Federal Information Technology Acquisition Reform Act) Scorecard. […]

Google released a new research report on Dec. 8 outlining how organizations can better defend themselves against cyberattacks that target their software supply chains. The report follows up on supply chain security concerns brought to light by exploits such as the SolarWinds software supply chain attack, and efforts to guard against Log4j vulnerabilities. “We believe […]

The House Government Operations Subcommittee will hold a hearing on Dec. 15 at 9:00 a.m. to discuss results from the 15th edition of the FITARA Scorecard expected to be released by the House Oversight and Reform Committee on the same day. […]

Federal agency tech leaders this week identified issues of cost and culture when it comes to the biggest challenges to implementing zero trust security architectures. […]

The Department of Education has selected agency veteran Luis R. Lopez to serve as the department’s new chief information officer (CIO), effective Dec. 18. […]

Top Federal officials from largely public-facing agencies explained at a Dec. 1 GovExec event how zero trust security, if adopted correctly, will inherently end up improving customer experience (CX). […]

Ensuring a strong cyber posture against current and anticipated threats across the Department of Defense (DoD) has become an increasingly important priority as evidenced by the Pentagon’s release of the DoD Zero Trust Framework Strategy and Roadmap last month, an agency official said. […]

Cloud security provider Zscaler said today that its Zscaler Private Access service – a cloud-delivered, zero trust network access (ZTNA) service that provides secure access to all private applications, without the need for a remote access VPN – has achieved FedRAMP Moderate Authorization from the General Services Administration’s Federal Risk and Authorization Management Program. […]

The Department of Defense (DoD) today released its long-anticipated zero trust strategy and roadmap outlining how the agency plans to fully implement a department-wide zero trust cybersecurity framework by fiscal year (FY) 2027. “What is significant about the strategy is that the strategy makes zero trust tangible and achievable while recognizing a dynamic and frankly, […]

The Technology Modernization Fund (TMF) is looking to invest in Federal agency IT modernization projects that can yield incremental and measurable progress over the shorter term, as well as over the life of the project, a fund official said last week. […]

Federal government and private sector officials said at a Nov. 8 ATARC event that government agencies have made notable progress in implementing the Biden administration’s May 2021 cybersecurity executive order, but that the government has still has a long way to go to reach the order’s full potential. […]

The Biden administration plans to launch a process to review and revise U.S. critical infrastructure protection policy, including providing guidance to agencies on designating certain critical infrastructure (CI) as “systemically important.” […]

Federal cybersecurity experts explained at a Nov. 8 ATARC event that the road to zero trust security is a long and often bumpy journey that their agencies at still learning to navigate, despite some being in the game for several years now. […]

The National Institute of Standards and Technology (NIST) plans to create a cybersecurity practice guide for the water and wastewater utilities sector, according to an announcement published last week. […]

The Defense Information Systems Agency (DISA) is well prepared to meet the Department of Defense’s (DoD) 2027 zero trust architecture goal, officials said on Nov. 7 at a DISA press conference. […]

The Defense Information Systems Agency (DISA) is on track to complete work on its Thunderdome Prototype zero trust security project by January 2023, an agency official confirmed on Nov. 7 at a DISA press conference.   […]

Federal agencies can leverage human-centered design principles to solve a variety of IT issues, government chief information officers (CIOs) shared during the GDIT Emerge Health 2022 conference on Nov. 3. […]

Federal agency leaders agree that zero trust security is the “bread and butter” of their agencies’ cybersecurity operations in order to best secure personal health information, where the stakes are high given the special sensitivity of that data. […]

Matt House, who was named program manager of the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program last week, sketched out some principles in the program’s path forward today at FCW’s CDM summit event. […]

As agencies work to implement the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program capabilities, agency officials today said that operational technology (OT) has proved to be “one of the biggest challenges” for the program – and represents an unknown territory for both CISA and partner agencies. […]

The Department of Defense (DoD) plans to release in the coming days a detailed strategy for its ambitious department-wide zero trust security strategy, said Randy Resnick, director of Zero Trust Portfolio Management at DoD, during FCW’s CDM Summit event on Nov. 2. […]

Government and private sector experts discussed the extent to which zero trust cybersecurity principles ought to be applied to the larger problem of achieving better supply chain security at an Oct. 26 event organized by the Atlantic Council. […]

The Technology Modernization Fund (TMF) today announced a nearly $2 million investment to modernize the U.S. AbilityOne Commission’s Procurement List Information Management System (PLIMS) software. […]

Brian Conrad, acting director of the General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP), pointed to the program’s service re-use progress over the past year at an Oct. 20 ATARC event, including a 60 percent jump in re-use by Federal agencies of approved cloud services over the past year. […]

The Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) Program is helping Federal agencies to make progress on mandates in President Biden’s cybersecurity executive order to install endpoint detection and response (EDR) on their networks, a senior CISA official said. […]

The Defense Information Systems Agency (DISA) is moving closer to completing its Thunderdome project – DISA’s zero trust security model – by the target date of January 2023, but the agency still faces the challenge of scaling it across Defense Department (DoD) networks, an agency official said. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is chalking up two significant milestone victories in its ongoing campaign to help Federal agencies put into action recent cybersecurity improvement mandates. […]

The Technology Modernization Fund today announced a round of new funding awards totaling $20.8 million to the Office of Personnel Management (OPM) and the Department of Housing and Urban Development (HUD). […]