The Defense Department’s (DoD) top cybersecurity official said at the RSA Cybersecurity Conference today that the agency’s current efforts to implement zero trust security concepts represent a “game changer” in the Pentagon’s network security efforts, but emphasized that traditional perimeter and layered defenses remain as important as ever in DoD’s big-picture security strategy. […]

The Defense Information Systems Agency (DISA) on May 13 released the initial Defense Department (DoD) Zero Trust Reference Architecture that aims to boost cybersecurity and “maintain information superiority on the digital battlefield.” […]

Federal agency progress in implementing the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program would benefit from a kick-start from Congress in the form of more funding for the program, along with money for agencies that have to pay for the additional security capabilities on an ongoing basis. […]

The White House’s much-anticipated cybersecurity executive order (EO) made public late Wednesday takes an ambitious swing at forcing general improvements to cybersecurity nationwide, but issues its most authoritative directions to the Federal government to modernize IT infrastructure and security concepts and practices. […]

Education Department CISO Steven Hernandez joined MeriTalk’s CDM Central: the Age of the Cyber Defenders virtual conference on May 12 to discuss how the Continuous Diagnostics and Mitigation (CDM) program and automation are impacting the agency. […]

As Federal agencies and organizations are looking to make the move to zero trust security architectures, the Trusted Internet Connections (TIC) program should help guide that transformation, Sean Connelly, TIC program manager for the Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) said May 12 at MeriTalk’s CDM Central: the Age of the Cyber Defender virtual conference. […]

In the wake of recent high-profile cyberattacks, IT experts gathered at MeriTalk’s CDM Central: The Age of Cyber Defenders virtual event on May 12 agreed that the Federal government needs to accelerate innovation when it comes to cybersecurity, and that includes implementing the Continuous Diagnostics and Mitigation (CDM) program, along with zero trust security concepts. […]

Federal Chief Information Security Officer Chris DeRusha explained today that the foundational elements of the Continuous Diagnostics and Mitigation (CDM) program are fundamental to moving Federal government network security to zero trust concepts and that implementation of the program only becomes more important as cyber threats increase. […]

Numerous Federal agencies are springing into action in response to the ransomware attack on Colonial Pipeline Company, a major supplier of fuel to the northeastern U.S. that temporarily shut down pipeline operations after disclosing the attack on May 7. […]

The line between cybersecurity that keeps the Federal civilian government humming toward pandemic recovery – and the mayhem threatened by mounting waves of nation-state and criminal cyber assaults on government networks – in large measure passes through the Continuous Diagnostics and Mitigation (CDM) program run by the Cybersecurity and Infrastructure Security Agency (CISA). […]

Although zero trust has become a bit of a buzzword in the IT world, experts agree that zero trust is “foundational” to all security approaches and that foundation needs to continue to grow in tandem with emerging tech. […]

The Department of Defense’s (DoD) Cybersecurity Maturation Model Certification (CMMC) program is in the process of being rolled out to every contract in the Defense Industrial Base (DIB) over the next five years, and the program is expected to help organizations implement Zero Trust practices, Katie Arrington, the Pentagon’s CISO for acquisition and sustainment, said May 5. […]

As Federal agencies look to modernize their cyber defenses and move to zero trust architecture, Trusted Internet Connection (TIC) 3.0 guidance will help push them along the path, with help from a zero trust use case that is in the pipeline, the TIC program manager said on April 29. […]

Federal government agencies need to implement zero trust security architecture and work with private sector partners to improve supply chain security in the wake of the SolarWinds Orion hack that penetrated nine Federal networks and dozens more in the private sector, government and industry security experts said in a MeriTV interview. The call to embrace […]

The Federal Aviation Administration (FAA) is looking to protect critical infrastructure and seeking more information on securing and monitoring data flows in a large enterprise environment like its own, according to a request for information (RFI) posted to Beta.SAM.gov. […]

Senior Federal IT experts – including the current and former Federal CISO and the Pentagon’s top IT official – are expressing broad agreement that the necessary ingredients are at hand to begin implementing zero trust security concepts for government networks, and that the time to act is now. […]

While a clear majority of stakeholders in the Continuous Diagnostics and Mitigation (CDM) program believe that CDM is more important than ever in defending against cyber breaches, only a small fraction praise CDM for its ability to build civilian government network resilience following a breach. […]

Federal agency leaders agree that zero trust is a journey that will take time to implement but, with modern-day cyber threats, the sooner agencies implement zero trust the better. […]

At the U.S. Patent and Trademark Office (USPTO), cybersecurity is at the forefront of mission goals that include transitioning to cloud systems, a new cyber training regimen for USPTO remote examiners, and a new insider threat program, and agency official said April 14. […]

Deputy Federal CIO Maria Roat said today that the Federal government is making progress on a number of fronts in its digital-first strategy to improve the delivery of citizen services, but needs to pursue “sustained modernization” of IT services to continue driving change for the better. […]

Back in December 2019, months before the COVID-19 pandemic hit, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a draft document of its Trusted Internet Connections (TIC) 3.0 guidance. […]

Cybersecurity experts stressed this week that Federal agencies must keep stay focused on future threats and on moving toward adoption of zero trust security concepts, although they acknowledged that the latter tasks is “easier said than done.” […]

Acting Defense Department (DoD) CIO John Sherman said he has set his sights on generating faster progress on implementation of zero trust security concepts throughout DoD as a key follow-up to the agency’s success in facilitating rapid and widespread telework during the coronavirus pandemic. […]

The year-plus of societal misery and dislocation wrought by the coronavirus pandemic has helped to deliver two mega-trends to the Federal government IT landscape that will far outlast the public health crisis. The first is the permanence of remote work, and second is the urgent need to evolve IT security to defend expanded attack surfaces against increasingly sophisticated adversaries. […]

The COVID-19 pandemic forced Federal agencies to shift to majority telework in a matter of days. Over the last 12 months, agencies have had to rapidly learn how to keep their networks secure in a new work environment. […]

When it comes to modernization and innovation for Federal agencies, the U.S. Air Force (USAF) is emphasizing that software and cybersecurity are foundational to its digital modernization strategy. […]

The National Security Agency (NSA) has released Zero Trust security model guidance for organizations to boost security of sensitive data, systems, and services. […]

Sens. Susan Collins, R-Maine, and Jacky Rosen, D-Nev., are introducing legislation that will provide up to $15 billion in matching grants to increase access to broadband services in areas of the United States that are unserved by broadband meeting the Federal Communications Commission (FCC) minimum definition of that service. […]

Officials from the Defense Department (DoD) and the Cybersecurity and Infrastructure Security Agency (CISA) said today that creating more effective defenses against sophisticated cyberattacks of the type used in the SolarWinds Orion hack may require further adoption of zero trust security concepts. […]

Beth Cappello, acting CIO at the Department of the Homeland Security (DHS), explained agency IT progress on a range of fronts on Feb. 10 at a virtual conference organized by FCW, including ongoing modernization efforts, implementing “SecDevOps,” and enabling implementation of zero trust security concepts. […]