Author Archive
Public Safety
Legislation sets penalties for drone misuse
The Drone Act of 2022 would set new federal penalties for drone operators who weaponize drones, disrupt emergency operations or use the technology to deliver contraband into prisons.
Cloud & Infrastructure
Infrastructure investments should focus on 'cyber smart' projects
Funding appropriated in the $1.2 trillion Infrastructure Investment and Jobs Act should go toward investments that bolster resilience and protections for America's digital and physical infrastructure, National Cyber Director Chris Inglis said.
Cybersecurity
Water sector wants greater cybersecurity for its infrastructure
Experts from the water and wastewater sectors called on the Environmental Protection Agency to bolster cybersecurity for what they called America's "weakest link" when it comes to critical infrastructure.
Cybersecurity
Watchdog finds cyber risks in TVA control systems
The Tennessee Valley Authority, a federal utility operating in seven southeastern states, lacked proper IT controls and cybersecurity oversight of systems assisting with flood and river management, according to a recent inspector general report.
Cybersecurity
EPA seeks funding to improve the cybersecurity of America’s water systems
The Environmental Protection Agency aims to invest $4 billion in upgrades to the nation’s water and wastewater infrastructure with a strong focus on cybersecurity.
Cybersecurity
New cybersecurity bill authorizes DHS to ramp up incident response efforts nationwide
The National Cybersecurity Preparedness Consortium Act gives the Department of Homeland Security a range of opportunities to bolster cybersecurity preparedness at the state and local level, including and technical assistance services.
Data & Analytics
Panel closes in on federal data use recommendations
The Advisory Committee on Data for Evidence Building is preparing a series of recommendations that officials said will increase collaboration with state governments.
Cybersecurity
NIST moves toward cybersecurity labeling for IOT devices
If a plan proposed in the Biden administration's executive order is successful, consumer internet-of-things devices will come with a cybersecurity seal of approval.
Cybersecurity
CISA's public-private cyber defense group helped speed Log4j mitigation, experts say
A panel of cybersecurity pros testified that the Cybersecurity and Infrastructure Security Agency's collaborative operational body helped speed up response times and provide critical real-time insights on the Log4J software vulnerabilities to a vast range of companies and federal agencies.
Cybersecurity
White House starts the clock on zero trust adoption
Agencies will have to meet specific zero trust security requirements by the end of fiscal year 2024 under a new policy memo, including updates to identity policies that will affect how federal employees access systems and applications.
Cloud & Infrastructure
Citizen satisfaction with federal government services hits all-time low
The American Customer Satisfaction Index 2021 Federal Government Report showed citizen satisfaction in government services in a freefall over the last four years, with declines across all driving indicators of satisfaction.
Cybersecurity
Ransomware to overtake phishing as top cause for data compromises, report says
A new report says 2021 set a record for data breaches, but increasingly notifications to victims and authorities often lack transparency, hindering investigations.
Data & Analytics
Data management's role in sustaining digital transformation
As agencies move from the research to implementation phase of their digital transformations, federal data experts say intelligent data management is crucial to better leverage and protect critical data.
Cybersecurity
FTC warns of legal risks of failing on Log4j mitigation
The Federal Trade Commission issued a warning urging companies to take "reasonable steps" to mitigate known software vulnerabilities or face potential legal consequences, recalling the $700 million settlement Equifax paid for a major breach in 2017.
Cybersecurity
CISA, FBI issue new guidance on addressing Log4j risks
The Cybersecurity and Infrastructure Security Agency and its partners are providing new ways to identify Log4j risks and mitigate possible exploitation.
Cybersecurity
DHS scales up bug bounty program
Department of Homeland Security Secretary Alejandro Mayorkas announced a plan to pay vetted cybersecurity researchers between $500 and $5,000 for identifying cybersecurity vulnerabilities within agency systems.
Cybersecurity
CISA floats plan to better secure federal civilian email
The Cybersecurity and Infrastructure Security Agency wants to beef up federal civilian email security with CISA-provisioned threat hunting and incident response efforts, according to a request for information published last week.
Cloud & Infrastructure
Lawmakers dig into FedRAMP security
Security weaknesses in the FedRAMP program were raised at a meeting between federal officials and lawmakers ahead of a vote to codify the General Services Administration’s Federal Risk and Authorization Management Program into law.
Cybersecurity
Feds still unsure of ransomware’s reach
A Department of Homeland Security official suggested the department lacked critical data about ransomware attacks targeting the private sector and government agencies.
Cybersecurity