Federal IT professionals often feel stuck between a rock and a hard place. Their “customers” – which include every U.S. citizen as well as legions of internal stakeholders – want them to deliver modern services faster, more securely, and more cost-effectively at a time when workloads and expectations have never been greater. Couple this with record employee transitions and steep competition for talent, and IT professionals face a Herculean mission. […]

President Biden has announced his intent to nominate John Sherman as chief information officer (CIO) at the Department of Defense. Sherman has served as acting CIO at DoD since January. […]

Adversaries have moved beyond malware to conduct more sophisticated cyberattacks, according to CrowdStrike’s 2021 Threat Hunting Report released this week. […]

As the military moves towards utilizing a Joint All Domain Command and Control (JADC2) data fabric across operations, the Army and other military departments are increasingly engaging in operations across multiple domains. In order to maintain staunch cybersecurity practices in these environments, the military must move to zero trust, Army CIO Raj Iyer said Sept. 8. […]

The Biden administration’s latest set of directives that aim to move Federal agencies toward zero-trust security architectures and more cloud adoption are receiving positive initial reviews from Federal IT officials, although leaving some to wonder where funding will come from for agencies to follow through on the directives. […]

Like all Federal agencies, the Office of Personnel Management (OPM) is working on complying with President Biden’s cyber executive order (EO). To help comply with the EO and aid OPM’s modernization mission, the agency has funding requests out to the Technology Modernization Fund (TMF) Board to help OPM with the move to zero trust and cloud modernization, OPM CIO Guy Cavallo said August 31. […]

The only way to successfully build software now and in the future at scale while moving at a pace of relevance is with development, security, and operations (DevSecOps), the chief software officer (CSO) at the U.S. Air Force (USAF) said during a virtual summit held by ATARC on August 31.   […]

An August 10 memo from Shalanda Young, acting director of the Office of Management and Budget (OMB), is providing instructions to Federal agencies about how to comply with security guidance of “critical software” as directed by President Biden’s executive order (EO) on cybersecurity issued in May. […]

The Government Accountability Office (GAO) published a fresh update on its priority open recommendations for the Department of Defense (DoD), showing that while the Pentagon has been busy trying to satisfy numerous prior recommendations from the watchdog agency, its overall to-do list from GAO is staying about the same because a steady stream of new recommendations are being added. […]

The Cybersecurity and Infrastructure Security Agency (CISA) released a new training guide to help IT professionals advance their careers in the Federal and state, local, tribal, and territorial cybersecurity communities. […]

Federal Chief Information Security Officer Chris DeRusha said today that working to update the Federal Information Security Management Act (FISMA) – and generate more useful Federal agency cybersecurity metrics as a result – are among his top priorities currently. […]

The National Institute of Standards and Technology’s (NIST) National Cybersecurity Center of Excellence (NCCoE) has named 18 firms it will work with on NCCoE’s Implementing a Zero Trust Architecture Project. […]

With President Biden’s cyber executive order (EO) guiding Federal agencies towards implementing zero trust architectures, the U.S. Army Corps of Engineers has already created a Zero Trust Playbook to help outline the change and create guidelines, the Corps’ CIO said today. […]

U.S. Air Force Chief Software Officer (CSO) Nicolas Chaillan this week emphasized the importance of a moving toward zero trust security architectures within the Department of Defense (DoD) – a process that DoD Acting CIO John Sherman has said is a top tech priority for the Pentagon. […]

Defense Department Acting CIO John Sherman emphasized the Pentagon’s firm intent to move further toward adopting cloud infrastructures and zero trust security concepts at a June 29 hearing held by the House Armed Services Committee’s Subcommittee on Cyber, Innovative Technologies, and Information Systems. […]

While zero trust may be the latest buzzword in cybersecurity, the security principles behind a zero trust architecture aren’t new. Adoption across the Federal government has been slow as agencies deal with legacy systems, budget issues, competing priorities, and a shortage of security experts. […]

The board of the Technology Modernization Fund (TMF) has been reviewing in recent days proposals from Federal agencies to help fund their efforts to move toward zero trust security architectures, according to Matt Hartman, who is Deputy Executive Assistant Director for Cybersecurity at the Cybersecurity and Infrastructure Security Agency (CISA), and also a member of the TMF board.   […]

The cybersecurity executive order (EO) signed by President Joe Biden is requiring Federal agencies to make plans for implementing zero trust architectures to strengthen cybersecurity postures and the directive is being largely seen as a positive by agency experts. […]

The road to Federal agencies implementing zero trust security architecture – one of the overriding goals of President Biden’s cybersecurity executive order – leads unavoidably through completion of the transition to a network infrastructure that relies on all-IPv6 (Internet Protocol version 6) address protocols, Federal IT officials emphasized today. […]

Major Federal government IT and cybersecurity modernization plans – from the rapid deployment of zero trust architectures and 5G technologies to the adoption of IoT and smart infrastructures – depend upon a scalable, robust and agile network infrastructure as a foundation for such advances.  The Federal government has committed to the full transition to IPv6 as its basis for network modernization, and in November 2020, the Office of Management and Budget (OMB) issued a policy that outlined the strategic intent for the government to deliver its information services, operate its networks, and access the services of others using only IPv6. […]

The Defense Information Systems Agency (DISA) has issued a request for information (RFI) to assist the agency in efforts to procure tools, systems, and capabilities to assist in deploying a zero trust Secure Access Service Edge (SASE) capability. […]

President Joe Biden and Vice President Kamala Harris submitted the President’s Fiscal Year (FY) 2022 budget request to congress which includes $715 billion of which is allocated for the Department of Defense (DoD) to bolster the Pentagon’s technological capabilities, among other objectives. […]

Anne Neuberger, the White House deputy national security advisor for cyber and emerging technologies who is a driving force behind the Biden administration’s cybersecurity executive order issued earlier this month, today noted an initial “disappointment” with Federal network hygiene in a follow-up discussion about the broader aims of the order. […]

The Defense Department’s (DoD) top cybersecurity official said at the RSA Cybersecurity Conference today that the agency’s current efforts to implement zero trust security concepts represent a “game changer” in the Pentagon’s network security efforts, but emphasized that traditional perimeter and layered defenses remain as important as ever in DoD’s big-picture security strategy. […]

The Defense Information Systems Agency (DISA) on May 13 released the initial Defense Department (DoD) Zero Trust Reference Architecture that aims to boost cybersecurity and “maintain information superiority on the digital battlefield.” […]

Federal agency progress in implementing the Cybersecurity and Infrastructure Security Agency’s (CISA) Continuous Diagnostics and Mitigation (CDM) program would benefit from a kick-start from Congress in the form of more funding for the program, along with money for agencies that have to pay for the additional security capabilities on an ongoing basis. […]

Education Department CISO Steven Hernandez joined MeriTalk’s CDM Central: the Age of the Cyber Defenders virtual conference on May 12 to discuss how the Continuous Diagnostics and Mitigation (CDM) program and automation are impacting the agency. […]

In the wake of recent high-profile cyberattacks, IT experts gathered at MeriTalk’s CDM Central: The Age of Cyber Defenders virtual event on May 12 agreed that the Federal government needs to accelerate innovation when it comes to cybersecurity, and that includes implementing the Continuous Diagnostics and Mitigation (CDM) program, along with zero trust security concepts. […]