The Defense Department, General Services Administration, and NASA have issued a final rule amending the Federal Acquisition Regulation (FAR) to add the framework for a new FAR part 40 covering information security and supply chain security. […]

The Department of Defense (DoD) stood up a new civilian-facing cyber policy office on March 20, the department announced last Friday. […]

2024 was the first year that artificial intelligence (AI) appeared on the National Association of State Chief Information Officers’ (NASCIO) list of top priorities for state CIOs. Also for the first time ever, digital government services and cybersecurity tied for the top priority spot. […]

The General Services Administration’s (GSA) Federal Risk and Authorization Management Program (FedRAMP) released a new roadmap today outlining how the program will evolve in the next 18 months, focusing on key goals such as customer experience (CX) and cybersecurity leadership. […]

The Department of Homeland Security’s (DHS) Cybersecurity and Infrastructure Security Agency (CISA) published its long-awaited cyber incident reporting rule today for the Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), requesting public input on the forthcoming regulations. […]

Sen. Gary Peters, D-Mich., chairman of the Senate Homeland Security and Governmental Affairs Committee, is calling on the Cybersecurity and Infrastructure Security Agency (CISA) and the Department of Health and Human Services (HHS) to prioritize cybersecurity efforts in the healthcare sector. […]

The Department of Justice (DoJ) announced today that it has charged seven hackers associated with the People’s Republic of China (PRC) for “malicious” cyberattacks that targeted U.S. government officials, politicians, and companies. […]

Sen. Mark Warner, D-Va. – co-chair of the Senate Cybersecurity Caucus – introduced legislation that would provide financial incentives for healthcare providers to boost their cyber defense by requiring them to meet minimum cybersecurity standards in order to receive accelerated payment in the event of a cyberattack. […]

Automation technologies have helped the Department of Veterans Affairs (VA) stop more than 800 cyberattacks this fiscal year, a VA cybersecurity official said today during the ServiceNow Federal Forum – powered by MeriTalk – in National Harbor, Md. […]

Following the discovery of a Chinese-based hacking group compromising U.S. critical infrastructure, the White House – in collaboration with the Environmental Protection Agency (EPA) – announced plans this week to form a Water Sector Cybersecurity Task Force. […]

The National Security Agency’s (NSA) Cybersecurity Collaboration Center (CCC) has been “game-changing” for the NSA in terms of gaining unique insights from partners on specific adversaries, according to Morgan Adamski, the chief of the CCC. […]

In response to the evolving threat environment, the Cybersecurity and Infrastructure Security Agency (CISA) is looking to better coordinate cybersecurity operations across the Federal government through a newly released Federal Operational Cyber Alignment Plan, or FOCAL. […]

Michael Dickman, Chief Product Officer at security provider Gigamon, reinforced the concepts of “assume breach” and the application of network observability capabilities during a keynote address on innovative cybersecurity approaches at the Visualyze Zero Trust Security Summit hosted by Gigamon and MeriTalk on Feb. 29. […]

President Joe Biden released his budget proposal for fiscal year (FY) 2025 today, allocating $13 billion in cybersecurity funding across the Federal government. This request includes an additional $103 million for the Cybersecurity and Infrastructure Security Agency (CISA). The March 11 document for FY2025 comes as Congress continues to work to pass spending bills for […]

The Federal government should provide economic incentives such as tax deductions or Federal grants to critical infrastructure providers and other organizations that adopt cybersecurity best practices, the National Security Telecommunications Advisory Committee (NSTAC) said in a March 7 report. […]

When FITARA was first launched in November 2015, the Department of Education received a big fat “F” on its scorecard – denoting that the agency was failing across its IT and cyber categories. […]

The Biden-Harris administration’s National Cybersecurity Strategy turned one year old on March 2, and the White House’s cyber lead touted that his office has been “working tirelessly” to coordinate implementation of the sweeping policy document. […]

Global tech trade association ITI released several policy actions last week that it suggests Congress and the Biden administration should focus on in 2024 to ensure the United States remains a global leader in technology and innovation, with AI being top on the list. […]

Tech policy experts on Capitol Hill said Thursday that the recent AT&T outage across the nation showed the importance of the resiliency of America’s critical infrastructure. […]

The head of IT at the Department of Justice (DoJ) today laid out how zero trust must be incorporated into the five strategic pillars of “good IT operations,” including enhancing cybersecurity and elevating the workforce.   […]

Zero trust security is a complex and moving target, but cybersecurity experts today explained how focusing on your people and instilling a culture of cybersecurity can help Federal agencies reduce zero trust complexity. […]

The Department of Energy’s (DoE) Office of Cybersecurity, Energy Security, and Emergency Response (CESER) announced this week the allocation of $45 million for 16 projects aimed at developing new technologies to prevent cyberattacks and reduce energy disruptions from cyber incidents. […]

The White House Office of the National Cyber Director (ONCD) released a report today calling on the technical community to proactively reduce the attack surface in cyberspace by adopting memory safe programming languages and developing better cyber diagnostics. […]

The Cybersecurity and Infrastructure Security Agency (CISA), Environmental Protection Agency (EPA), and FBI published a joint fact sheet on Feb. 21 outlining the top cybersecurity actions water and wastewater systems sector (WWS) entities can take to improve their cyber resiliency. […]

President Biden signed a new executive order (EO) today that looks to strengthen the cybersecurity of our nation’s ports, as well as bolster maritime cybersecurity and supply chains more generally. […]

The Department of Justice (DoJ) and FBI, along with the U.K. National Crime Agency’s (NCA) Cyber Division and other international law enforcement partners, announced today that they have disrupted the LockBit ransomware group – one of the most active ransomware groups in the world. […]

Rep. Nancy Mace, R-S.C. – chair of the House Oversight Subcommittee on Cybersecurity, IT, and Government Innovation – is probing the General Services Administration’s (GSA) chief information officer (CIO) after the agency’s inspector general (IG) found that it had purchased Chinese-manufactured videoconference cameras with known security vulnerabilities.  […]

The government’s move to zero trust security is picking up speed, with Federal agencies facing an Office of Management and Budget deadline to meet specific zero trust goals by the end of fiscal year 2024. Peter Romness specializes in just this type of situation: the cybersecurity principal in the CISO Advisor’s Office at Cisco Systems has been helping government customers achieve their missions for nearly 35 years. In a recent interview with MeriTalk, Romness offered expert tips to agencies on how they can make faster progress – often with existing tools – in boosting cybersecurity and meeting the Federal mandates. […]

The U.S. government’s Zero Trust progress is paying off as organizations across the public and private sectors address Ivanti security breach risks.  […]

Department of Defense (DoD) Chief Information Officer (CIO) John Sherman has released new cybersecurity guidance on information sharing, best practices, and training for international partners looking to develop their cybersecurity standards and procedures. […]