Author Archive

Derek B. Johnson

Derek B. Johnson is a former senior staff writer at FCW.
State & Local

Can the Election Assistance Commission adapt to changing technology?

Despite working for years, EAC has yet to formally vote to adopt either the high-level principles or the more detailed technical guidance that vendors will rely on to build their systems.


EAC takes heat from states for hold-up on voting machine standards

State election officials say they have been waiting years for Election Assistance Commission to approve the newest version of technical and security standards.


How pandemic response amplifies state cyber challenges

The additional responsibilities state and local IT shops have taken on in the wake of the pandemic have stretched their already thin resources, but the work administering hundreds of federal programs may finally open the door for federal cybersecurity funding.


CISA reiterates DNS resolution requirements

The Cybersecurity and Infrastructure Security Agency reminded civilian agencies that they are legally required to use sinkholing capabilities through EINSTEIN 3 Accelerated as their primary upstream DNS resolving service.


White House tightens cybersecurity of electric grid

Trump administration issued an executive order imposing new restrictions on numerous foreign-made products and technology used in bulk-power systems.

Confidence, scope, scalability challenge military AI

As the Defense Department shifts from manual and human-based decision-making to automated, machine-led analysis, it is uncovering new challenges to using the technology.


Lawmakers seek 'complete accounting' of SBA data leak

The incident exposed personal data -- including income and Social Security numbers -- of thousands Economic Injury Disaster Loans applicants.


The rough road to secure remote work

Authenticating teleworkers for secure federal systems is challenging agencies that rely on Personal Identity Verification and Common Access Cards.


House Dems support COVID relief grants to bolster state and local cybersecurity

Four key Democrats are urging House leadership to support additional cybersecurity funding for state and local governments in the next coronavirus relief package.


How scammers can siphon off stimulus payments

While the federal government scrambles to get stimulus money to individuals and small businesses, it may be opening the process up to cybersecurity vulnerabilities and fraud.

Cloud & Infrastructure

CISA fast-tracks TIC telework guidance

The technical guidance will address email, networking, DNS, intrusion detection, data protection and other issues to help agencies keep remote workers and systems secure.

Cloud & Infrastructure

Tips for keeping virtual meetings secure

IT leaders are warning users that the pandemic’s disruption of normal work processes has created wide avenues for malicious third parties to access and exploit government systems.

State & Local

Relief package comes up short on election support, experts say

Some lawmakers and election security experts say the $400 million in the relief package for helping states and municipalities restructure their election processes in the wake of the COVID-19 pandemic sum isn’t close to what is needed.


Agencies stress workflow, cyber basics in telework blitz

As government employees move to remote work, agencies’ network infrastructure and security defenses are feeling the pressure.

Data & Analytics

Are public-health data systems up to the coronavirus challenge?

Updating data reporting, analysis and surveillance capabilities at the Centers for Disease Control and Prevention will improve detection and tracking of emerging health threats, agency officials said.


Cyber researchers get legal tips from DOJ

The Department of Justice issued some non-binding legal advice to security researchers who gather cyber intelligence from dark corners of the internet.


Ransomware evolves from side hustle to main gig

As profits increase for hackers, the number of ransomware attacks will continue to escalate, according to a new threat report.


DHS cyber chief takes on ransomware

While Cybersecurity and Infrastructure Security Agency has not aggressively addressed ransomware threats, the agency is reaching out to local governments, businesses and critical infrastructure managers about how to prepare and respond.


GitHub: Secure enough for government work, mostly

Agencies are embracing the use of open-source tools like GitHub to better coordinate development projects.

Cloud & Infrastructure

Securing FedRAMP’s future

Federal Risk and Authorization Management Program must keep pace with rapidly evolving technology and growing agency need for authorized cloud services, a new report says.