The U.S. Navy and its revitalized CIO office is looking to modernize its systems and capabilities, with artificial intelligence (AI) as a tool to tackle a complicated environment, said Christopher Cleary, Navy CISO, in a November 12 speech. […]

The Office of Personnel Management’s (OPM’s) cybersecurity fell under scrutiny in two audits by the agency’s inspector general, with both identifying issues in OPM’s controls and security practices. […]

John Sherman, Principal Deputy CIO at the Department of Defense (DoD), said Oct. 28 that the Pentagon is making progress with IT modernization activities for the parts of the agency known as “the Fourth Estate” – offices that are not military services or intelligence community agencies. […]

A new survey finds that 82 percent of Federal IT decisionmakers expect the majority of the work week to consist of telework even after the COVID-19 pandemic subsides. The survey also finds decisionmakers still face challenges in managing systems and cybersecurity. […]

Communication, collaboration, and coordination are being touted as the keys to success for teleworking during the coronavirus pandemic, but the best frameworks for cyber defense in these modern times may end up coming from old teachings. […]

U.S. policy-makers and several close foreign allies issued a statement this weekend calling for technology providers to provide access for governments and law enforcement to encrypted data and protected systems. […]

The Federal Aviation Administration (FAA) needs to take further action to spur improvements in aircraft avionics systems in order to meet evolving cybersecurity threats and the trend toward increased connectivity between aircraft and systems, the Government Accountability Office said. […]

Across several agencies with the Department of Defense (DoD), building a zero-trust architecture to secure IT systems is becoming the strategy of choice for agency leaders as several confirmed efforts to transition over from a traditional perimeter approach today. […]

The Treasury Department is asking organizations not to pay off malicious actors to terminate ransomware attacks without carefully considering possible national security threats – and said it may implement penalties for organizations that choose to pay ransom to their attackers. […]

The increased shift to telework seems like it is here to stay as employers work to slow the spread of COVID-19 several months into the pandemic, and the Cybersecurity and Infrastructure Security Agency (CISA) released new telework tips for leaders, IT professionals, and teleworkers to keep the remote environment secure. […]

The Cybersecurity and Infrastructure Security Agency (CISA) is partnering with the National Cyber Security Alliance (NCSA), a public-private partnership dedicated to the cause, to lead the 17th annual National Cybersecurity Awareness Month starting today.   […]

In a discussion about creating more diversity in the field of cybersecurity, Department of Agriculture CISO Venice Goodwine encouraged cyber professionals not to let anyone put them in a box, to invest in themselves, and to be deliberate in their career decisions. […]

A two-part ransomware guide released yesterday by the Cybersecurity and Infrastructure Security Agency (CISA) and Multi-State Information Sharing and Analysis Center (MS-ISAC) directs cyber professionals on how to protect against and respond to attack. […]

The Government Accountability Office (GAO) is recommending that the Treasury Department take steps – in coordination with the Department of Homeland Security and others – to better track and prioritize cyber risk mitigation efforts across the financial services sector. […]

A Government Accountability Office (GAO) official said on Sept. 16 that the Department of Veterans Affairs (VA) is taking action on several major IT modernization and cybersecurity issues that GAO has flagged in recent years, but that the agency still has a lot of work to do to address many of them. […]

The Internet of Things (IoT) Cybersecurity Improvement Act of 2020 passed the House today and is moving to the Senate for consideration. The legislation would set a minimum-security standard for all IoT devices purchased by government agencies. […]

The Cybersecurity and Infrastructure Security Agency (CISA) revealed today that malicious actors affiliated with the Chinese Ministry of State Security (MSS) are using open-source information plans and readily available exploits to attack networks. […]

In preparation for Federal efforts in outer space, the Trump Administration is calling on leaders across government to prepare space IT systems against cyberattacks before launch. […]

Continuous Diagnostics and Mitigation (CDM) Program Manager Kevin Cox said Sept. 9 that his office’s high-level aims for Fiscal Year 2021 feature an extensive menu of goals – fuller “operationalization” of CDM data, progress on installing the latest version of the CDM dashboard at the agency and Federal levels, and helping agencies to better understand and handle security for data in the cloud and from mobile services. […]

Assessing the current threat landscape six months into the COVID-19 pandemic, Director of the Cybersecurity and Infrastructure Security Agency Christopher Krebs listed nation-state spies, cybercriminals committing fraud, and the spread of disinformation as top cyberattack vectors. […]

Deputy Federal CIO Maria Roat asserted at the Billington Cybersecurity Summit that the Federal government is using a DevSecOps approach to integrate security into every aspect of modernization, but she insisted that the workforce must be cyber ready to be entirely secure. […]

The Information Technology Industry Council this week released its guide for cybersecurity certification, which includes a warning against a “one-size-fits-all solution” in certification. […]

For agencies looking to implement cybersecurity solutions, Terry Kalka, Chief of Mission Support at the Department of Defense Cyber Crime Center, emphasized that basic cyber hygiene practices will block a majority of cyberattacks unless those attacks stem from a particularly advanced threat actor. […]

The Department of Health and Human Services (HHS) is embracing a new cybersecurity routine after the ongoing public health crisis placed a new target on the agency and malicious actors boosted their efforts to infiltrate the agency and access sensitive data, HHS CISO Janet Vogel said this week. […]

Days after the director of the National Counterintelligence and Security Center (NCSC) announced the ongoing efforts of foreign nations to interfere in U.S. elections, he offered five additional areas as the present and future of cybersecurity. […]

The Department of Veterans Affairs (VA) is seeking an in-depth cybersecurity audit of its Financial Services Center to analyze its compliance with Federal statutes, how the agency is adapting processes to support compliance, and cybersecurity sustainment across VA. […]

Cloud security provider Zscaler said it is making progress in efforts to obtain “High Impact” level classification under the Federal Risk and Authorization Management Program (FedRAMP) for its Zscaler Internet Access (ZIA) service – a secure internet and web gateway  solution that was the first product of its kind to receive to earn FedRAMP certification earlier this year. […]

As government cybersecurity practices shifted to adjust to the increase in telework during the COVID-19 pandemic, officials from the Department of Homeland Security (DHS) and the Cybersecurity and Infrastructure Security Agency (CISA) previewed cyber tools offered by the agencies, but reminded Feds that knowing the network architecture is an early and necessary step toward selecting the correct protections. […]

When it comes to the security of sensitive information in the energy sector, collaboration between the Department of Energy, intelligence community, and private sector are foundational to these efforts, Senior Advisor at the Office of Policy for Cybersecurity, Energy Security, & Emergency Response Alexander Gates said. […]

Department of Agriculture (USDA) CIO Gary Washington is crediting the cloud for keeping agency networks cyber-secure during the coronavirus pandemic, and lauding the technology’s cost-savings and efficiency benefits in a remote environment. […]