The Government Accountability Office (GAO) said in a new report that the Social Security Administration (SSA) still needs to improve its cybersecurity by addressing how it coordinates with states and other Federal agencies. […]
While the Cybersecurity and Infrastructure Security Agency (CISA) is working to make progress on numerous discrete security policy directives and projects that it has been handed in recent years, a top agency official explained today that the higher-level goals uniting most of those tasks boil down to the government and the private sector achieving much greater visibility into cyber threats and how to defend against them, and not leaving organizations to defend against threats on their own. […]
After a releasing an op-ed with Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly last week that called CISA’s “Shields Up” campaign a new baseline for cyber defenses, National Cyber Director Chris Inglis said today that the cost of entry for cyber attackers is still too low to create stout deterrence. […]
The Government Accountability Office (GAO) has added three new priority recommendations to its list for the Small Business Administration (SBA) including new items that aim to improve COVID-19 response oversight and communications in order to reduce related risks. […]
The House on June 8 voted to approve a bill that would require the Food and Drug Administration (FDA), among other tasks, to ensure cybersecurity throughout the lifecycle of medical devices and make sure that device makers meet minimum cybersecurity requirements set by the agency. […]
Federal CIO Clare Martorana today published the Biden administration’s Information Technology Operating Plan that ties together the efforts of four big Federal tech programs and offices into the administration’s goals to improve citizen service and cybersecurity, among other goals. […]
The Department of Energy (DOE) needs to develop a comprehensive approach to electric grid resiliency that coordinates disaster response and grid recovery, as well as utilizes lessons learned from prior natural disasters, according to a June 9 report from the Government Accountability Office (GAO). […]
States have a big opportunity to provide internet service to millions of unconnected citizens people with billions in broadband funding provided by Congress in bipartisan infrastructure legislation, but states have a lot of work to do to make the most of the funds, according to a McKinsey & Co. report released on June 7. […]
As the Cybersecurity and Infrastructure Security Agency (CISA) continues to grapple with the early stages of a rulemaking process for recently enacted cyber incident reporting legislation, CISA Director Jen Easterly said it will be crucial to develop trust with the private sector so that the law is seen as “value-added” and not a burden. […]
The Biden-Harris Administration is seeking feedback on a pending national strategy for privacy-preserving data sharing and analytics, according to a request for information (RFI) released today in the Federal Register. […]
The Cybersecurity and Infrastructure Security Agency (CISA), along with the National Security Agency (NSA) and the FBI, this week issued a joint advisory warning telecommunications companies and network service providers of People’s Republic of China (PRC) state-sponsored cyber actors that continue to pose a threat to their networks. […]
The Department of the Treasury said it approved about $631 million of funding to four states from the Coronavirus Capital Projects Fund (CPF), which will provide money for affordable broadband infrastructure and other digital connectivity technology projects. […]
The Department of Defense’s (DoD) cost and schedule estimates for fully deploying its latest-generation electronic health record system (EHRM) are unreliable and could have the impact of depriving agency leadership of the right information upon which to base deployment decisions, according to a new report by the Government Accountability Office (GAO). […]
The fiscal year (FY) 2023 National Defense Authorization Act (NDAA) continued to take shape today as the House Armed Services Subcommittee on Cyber, Innovative Technologies, and Information Systems voted to approve its markup of language related to cybersecurity and other tech matters that likely will be featured in the NDAA. […]
New bipartisan legislation from Sens. Kirsten Gillibrand, D-N.Y., and Cynthia Lummis, R-Wy., aims to create a complete regulatory framework for digital assets such as cryptocurrencies, but the senators emphasized today how the bill also addresses the cyber aspect of digital assets. […]
Reps. Gerry Connolly, D-Va., and John Sarbanes, D-Md. – both of whom represent districts with large Federal employee populations – have reintroduced legislation that the members of Congress said will “strengthen and expand the federal government’s telework programs by capitalizing on lessons learned” during the coronavirus pandemic when many Federal agencies had most employees working from remote locations. […]
The National Institutes of Standards and Technology (NIST) has finalized new guidance to provide engineers across government and private enterprises with essential design principles for engineering trustworthy secure systems. […]
The Cybersecurity and Infrastructure Security Agency (CISA) on June 6 unveiled its latest cybersecurity public service campaign – aimed at trying to boost adoption of multifactor authentication (MFA) – coinciding with the opening of the RSA Conference in San Francisco, where agency leadership including Director Jen Easterly will be speaking this week. […]
The Tennessee Valley Authority (TVA) – a federally-owned electric utility serving seven states with power generated from dams on the Tennessee River – is employing vulnerable versions of operating systems in its non-dam control system, according to an audit from TVA’s Office of Inspector General (OIG) which examines cybersecurity controls that system. […]
New Senate legislation unveiled today would retain at least for now the status quo on current Federal oversight of some cryptocurrency trading, but also would set the stage for a much broader examination of how and whether the Federal government should create regulatory structures for a wider range of digital assets that includes cryptocurrency. […]
As the Federal government works through the rulemaking process for the recently signed Incident Reporting legislation that originated in the Senate Homeland Security and Governmental Affairs Committee, witnesses for that same committee today stressed the need for unity among both reporting avenues and standardization of data to help operationalize the data. […]
The Department of Veterans Affairs (VA) Office of Inspector General (OIG) is calling on the agency to address its slow progress in improving its cybersecurity posture, but the VA said a lack of funding causes the agency to lose high-quality IT personnel. […]
The Government Accountability Office (GAO) has added unemployment insurance (UI) fraud to its list of “high risk” areas for the Federal government, and has tasked the Department of Labor (DOL) – which provides funding and assistance to states to run their UI programs – with finding a fix to the problem. […]
In today’s edition of Countdown to MerITocracy, we’re taking a look at what may change for the better in the near-term U.S. outlook – how about having the government help recreate the U.S. semiconductor sector that mostly drifted overseas a generation ago – plus billions in Federal R&D funding that stands ready to be put to work in pending legislation in Congress. That money would flow through the National Science Foundation – whose director Dr. Sethuraman Panchanathan is a featured speaker at MerITocracy. […]
As the National Institute of Standards and Technology (NIST) is in the process of updating its Cybersecurity Framework (CSF), it plans to hold a series of workshops and release at least one more draft for public comment before releasing CSF 2.0, according to a NIST blog. […]
The Defense Advanced Research Projects Agency (DARPA) is seeking proposals to address challenges in artificial intelligence (AI) algorithms and architectures that deeply integrate symbolic reasoning with data-driven machine learning to create robust, assured, and, therefore, trustworthy AI-based systems. […]
A new legislative “discussion draft” that aims to create a stronger data privacy and security landscape for U.S. consumers would put the Federal Trade Commission (FTC) in charge of the proposed new rules and would preempt most existing state laws on data privacy and security. […]
The Defense Advanced Research Projects Agency (DARPA) is soliciting new contract proposals to advance and enhance machine learning and artificial intelligence (AI) technologies as part of the agency’s new Enabling Confidence (EC) program. […]
Sens. Jacky Rosen, D-N.V., and Todd Young, R-Ind., have introduced legislation aimed at strengthening the cybersecurity of medical devices, and requiring the U.S. Food and Drug Administration (FDA) to review and update its medical device cybersecurity guidelines. […]
As Federal agencies are working to make progress on President Biden’s cybersecurity executive order (EO) and implement zero trust security architectures, agencies and their leaders must have a tight handle on their zero trust implementation plans, an official from the Cybersecurity and Infrastructure Security Agency (CISA) said this week. […]