Digital Government
NIST framework focuses on election cybersecurity
The new draft framework combining election security and cybersecurity is the first of its kind for NIST.
Cybersecurity
What cyber risks will Biden's supply chain EO uncover?
The administration has ordered a wide-ranging assessment of the risks to manufacturing and technology supply chains. Analysts, former government officials and industry say a large workforce gap and problematic frameworks are among the threats cybersecurity poses to the country's supply chains.
Cybersecurity
Under new law, NIST looks to map out vulnerability disclosure policies for government
Lawmakers in December tasked NIST with to developing processes that would ensure software vulnerability reports flow to the appropriate government offices and the issues are promptly fixed.
Cybersecurity
NIST offers tools to defend against nation state cyber threats
The National Institute of Standards and Technology cites a 2018 hack of a Navy contractor as inspiration for a new publication on cyber defense, but security analysts say the tools are just as relevant to SolarWinds Orion.
Acquisition
IoT cyber law signed amid growing vulnerabilities
The passage of the IoT Cybersecurity Improvement Act of 2020 means that NIST will start to address the gap in post-market guidance to help organizations adequately address newly discovered vulnerabilities in devices already on their networks.
Acquisition
Senate passes IoT cybersecurity bill
The legislation mandates minimum security requirements on internet of things devices bought by the federal government.
Cybersecurity
House votes for new rules on federal IOT acquisition
Legislation from congressional tech stalwarts would add security requirements for connected devices purchased by the federal government.
Cybersecurity
House bill aims to strengthen digital ID
Legislation proposed in the House would tap the National Institute of Standards and Technology and the Department of Homeland Security in new effort to help set national digital identifier capabilities.
Cybersecurity
How zero trust solves the 'weakest link' problem
Many government agencies currently have components of zero trust already in their infrastructure, including identity credential and access management and continuous monitoring, so moving to a comprehensive zero trust model would just strengthen what is already there.
Modernization
Staying ahead of threats on government networks
Why securing data and managing cyber risk must now become critical elements in agency ERM frameworks.
Cybersecurity
CMMC training registration opens, but implementation worries persist
The first cadre of DOD cybersecurity assessors is expected to graduate by early August, but concerns loom over Cybersecurity Maturity Model Certification.
Cybersecurity
Data exchange and cybersecurity
Ensuring different software systems can easily communicate and exchange data is as much about people and process as it is technology.
Cybersecurity
NIST official says post-quantum environment still years away
Despite industry claims of quantum supremacy, a NIST official said there's no danger in the near future that modern tools will be able break current encryption methods.
People
Strategies for finding and keeping new feds
Federal agencies are getting creative as they look to replace retiring employees with new hires.
Cybersecurity
NIST looking for partners to secure energy IoT
The agency is looking for new methods for secure connected devices in the U.S. energy industrial sector, from sensors attached to machinery and vehicles to insecure devices that help transmit data from distribution control systems.
Cybersecurity
NIST seeks comment on privacy framework
The latest version comes with a number of notable additions, such as increased flexibility for organizations and a concerted effort to align the agency's privacy and cybersecurity efforts.
Cybersecurity
DHS supply chain risk assessment set for White House review
The chair of the Supply Chain Task Force told a government advisory panel that a taxonomy of IT and communications sector risks is in the final stages of approval.
Cybersecurity
With defense contractors in the crosshairs, NIST rolls out new cyber guidelines
Foreign countries are targeting and compromising U.S. contractors so frequently that the Department of Defense asked NIST to develop custom security guidance.
Cybersecurity
Federal networks escaped harm in DNS tampering campaign, official says
A DHS official said there are still "a handful" of agencies who have yet to fully comply with a January 2019 emergency directive on DNS tampering and gave insight on a budget request for new tech to detect such threats earlier.
Almost There!
Help us tailor content specifically for you: