Author Archive

Chris Riotta

Staff Writer, Nextgov/FCW

Chris Riotta
Chris Riotta is a staff writer at Nextgov/FCW covering government procurement and technology policy. Chris joined FCW after covering U.S. politics for three years at The Independent. He earned his master's degree from the Columbia University Graduate School of Journalism, where he served as 2021 class president.
Cybersecurity

Ransomware vulnerability warning pilot yielding valuable lessons, CISA official says

The program aims to improve information sharing on cyber vulnerabilities across all levels of government, focusing on resource-poor organizations such as state, local, tribal and territorial agencies.

Cybersecurity

AI/ML advancements outpacing government policies, cyber experts warn

National security, emerging technology and cybersecurity experts told lawmakers Wednesday that the federal government must implement new guardrails to cope with recent advancements in artificial intelligence and machine learning.

Cybersecurity

CISA releases updated guidance for zero trust security architectures

The Cybersecurity and Infrastructure Security Agency is encouraging increased automation and enhanced security for access controls in its latest roadmap for agencies and organizations working to achieve zero trust.

Cybersecurity

CISA director details plan to address security risks in open source software

From hiring an open source security lead to establishing new public-private sector initiatives, the Cybersecurity and Infrastructure Security Agency is taking open source software security risks head on, according to Jen Easterly.

Cybersecurity

How smaller agencies are working to close their technology talent gaps

From innovative fellowships to nixing degree requirements on job listings, smaller agencies are getting scrappy when it comes to hiring tech and cyber talent. 

Public Safety

New federal website offers grants info and research to counter domestic terrorism 

A one-stop shop for state and local governments offers grant funding opportunities and research to support efforts against domestic terrorism.

Cybersecurity

Acting national cyber director offers new details on upcoming cyber workforce strategy

The forthcoming plan is meant to accompany an overarching cyber strategy released last week that industry groups and cybersecurity experts said would be challenging to implement given the nation’s cyber workforce woes. 

Cybersecurity

White House to officially ban TikTok from government devices within 30 days

The guidance follows legislation Congress passed late last year that officially required federal agencies to ban TikTok after dozens of states moved to restrict the app on government devices.

Data & Analytics

CDC technology office plans roadmap for public health data interoperability

The Centers for Disease Control and Prevention’s Office of Public Health Data, Surveillance and Technology is aiming to expand public health data sharing and nationwide health equity over the next two years.

Cybersecurity

Census Bureau data susceptible to ‘reconstruction attacks’ exposing individual data, report claims

A team of computer scientists demonstrated how cybercriminals can leverage commercial laptops to reverse engineer the Bureau’s statistics, leaving Americans exposed to risks like identity theft and discrimination. 

Emerging Tech

NIST researcher calls for further evaluation of the AI impact on humans

Amid growing concerns that artificial intelligence systems could be misused by cybercriminals and for malicious purposes, a leading researcher said more study is needed to determine the societal impact.

Cybersecurity

NIST on tap to improve cybersecurity of water systems

The National Institute of Standards and Technology hopes a new project will create a set of best practices to help the nation’s complex water and wastewater systems bolster their cybersecurity posture.

Cybersecurity

CISA director 'very concerned' about election influence from foreign adversaries

Jen Easterly, director of the nation's cyber defense agency, said foreign adversaries could potentially weaponize disinformation and misinformation to incite violence and undermine the public's confidence in the upcoming elections.

Cybersecurity

The U.S. is the top target of ransomware attacks, report says

The majority of ransomware attacks worldwide targeted industries that play a "critical role" in domestic and international supply chains, including IT, health care and the public sector, according to new research.

Cybersecurity

Cyber criminals increasingly relying on ransomware-as-a-service, report says

A new report reveals threat actors are using the same ransomware as in previous years – but relying on new malware-free intrusion methods and ransomware-as-a-service offerings to evade popular mitigation techniques.

Cybersecurity

CISA teases strategy to protect critical infrastructure

The Cybersecurity and Infrastructure Security Agency will soon release a sweeping plan to bolster cybersecurity protections for the nation's critical infrastructure industries.

Cybersecurity

NSA, CISA and ODNI release new software supply chain guidelines for developers

The guidelines include best practices on open source management, verifying third-party components, delivering code, component maintenance, hardening the build environment and more.

Data & Analytics

New report warns of growing 'data divide'

The Center for Data Innovation says a lack of collection and use of data across demographics is leading to disparities in access to critical services.

Cybersecurity

CISA's cyber info sharing program didn't always deliver, watchdog says

The Cybersecurity and Infrastructure Security Agency did not always provide more than 300 participants of a public-private cyber threat partnership with actionable information to address potential vulnerabilities, according to an oversight report.

Cybersecurity

FTC explains 'reasonable' cybersecurity

From risk-based management to staying up-to-date about known vulnerabilities and their patches, the Federal Trade Commission is detailing key steps organizations can take to avoid getting hit with a data security complaint.