When FITARA was first launched in November 2015, the Department of Education received a big fat “F” on its scorecard – denoting that the agency was failing across its IT and cyber categories. […]

The Department of Education is notching swift progress on the Biden administration’s cybersecurity executive order (EO) imperatives, with a particular focus on the identity aspect of zero trust, according to Chief Information Security Officer (CISO) Steven Hernandez. […]

Achieving effective cybersecurity relies on experts from all corners of an enterprise – network systems administrators, cloud experts, data stewards, cybersecurity officers, and more. Making all of those parts work right together makes cybersecurity the ultimate team sport, and it requires all levels of an organization to understand and avoid risks to a network, said Steven Hernandez the chief information security officer (CISO) for the Department of Education (DoE). […]

Federal chief information security officers (CISOs) today recommended that as Federal agencies implement zero trust security architectures they also put in place continuous training programs for their workforce to keep employees up to date on the technology and best practices. […]

The zero trust journey can present several challenges for organizations, with funding being just one of them, but Steven Hernandez, chief information security officer at the Department of Education, said the biggest hurdle he sees with zero trust comes down to cultural challenges. […]

Even before the coronavirus pandemic jolted Federal agencies into a crash course on network modernization, the Federal CIO Council had cooked up its prescient “Networks of the Future” white paper that lays out next-generation network technologies and strategies that provide a roadmap for agencies in the post-pandemic era. […]

Education Department CISO Steven Hernandez joined MeriTalk’s CDM Central: the Age of the Cyber Defenders virtual conference on May 12 to discuss how the Continuous Diagnostics and Mitigation (CDM) program and automation are impacting the agency. […]

The line between cybersecurity that keeps the Federal civilian government humming toward pandemic recovery – and the mayhem threatened by mounting waves of nation-state and criminal cyber assaults on government networks – in large measure passes through the Continuous Diagnostics and Mitigation (CDM) program run by the Cybersecurity and Infrastructure Security Agency (CISA). […]

As government agencies have increased their digital presence through social media, websites, or other online channels, they also have put themselves in position to be attacked outside of their traditional digital perimeters. These outside attacks can include social media impersonations, account takeovers, false or misleading information, or the disclosure of confidential agency information. […]

Federal agency leaders agree that zero trust is a journey that will take time to implement but, with modern-day cyber threats, the sooner agencies implement zero trust the better. […]

Back in December 2019, months before the COVID-19 pandemic hit, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) released a draft document of its Trusted Internet Connections (TIC) 3.0 guidance. […]

Fresh off notching an A+ grade on the latest FITARA Scorecard, the Department of Education knows it has a handle on good IT, and agency CISO Steven Hernandez said today he credits a measure of that success to an important mindset change on data. […]

While figures vary across industry and government as to the size of the “phishing-prone” population in any organization, both sides agree that sustained internal employee training efforts are necessary to cut the success rate of spear-phishing exploits down to more manageable levels. […]

Federal agency CISOs obviously have a lot to do – like securing networks, for one – but they’re also busy “selling” cybersecurity within their agencies to leadership across the organization, a panel of Federal security chiefs explained Oct. 22 at the ACT-IAC Imagine Nation 2019 conference. […]

Boosting the use of cloud services may be the answer to expanding implementation of zero-trust models of cybersecurity across Federal agencies and departments, Education Department CISO Steven Hernandez said at an ACT-IAC meeting today. […]

If you take a close look at the Federal CIO Council website, you’ll likely see some new names serving in leadership positions. […]