Cybersecurity
-
The White House wants agencies to emphasize cyber supply chain risk management. To do so, offers Palo Alto Networks’ Deontray Jones, agencies must implement cyber best practices consistently and holistically across their enterprises.
September 14, 2023 -
“Probably one of the single most effective process changes that agencies can do is for people to get over themselves and change their mindset. The world today is not the world 10 years ago,” says Splunk’s Juliana Vida, who offers ways to move forward.
September 14, 2023 -
Following the President’s invitation to the private sector to collaborate with the federal government on the National Cybersecurity Strategy’s execution, the White House released the National Cybersecurity Strategy Implementation Plan (NCSIP). The strategy did not include a way to “RSVP” to the President’s invitation, nor does the NCSIP. The absence of specified lines of communication for the private sector to follow provides an open forum for organizations to maximize initial engagement with the federal government.
September 13, 2023 -
An unclassified summary of DOD’s new cyber strategy offers few specifics as it outlines plans to protect the industrial base and improve technology used in cyber defense.
September 12, 2023 -
The government’s federal chief information security officer shares progress update on where agencies stand on implementing phishing-resistant multifactor authentication, endpoint detection and response, and cultural changes to improve cyber posture.
September 12, 2023 -
Can your agency get access to cyber tools quickly? Yes, says AWS’ Jim Helou. It’s one of the benefits of the cyber partnerships available through Marketplace: providing agencies access to combinations of tools needed for zero trust — on a compressed timeline.
September 12, 2023 -
Yes, zero trust is a journey. But it also requires being holistic in your approach, recommends CrowdStrike’s Andrew Harris. He shares this plus three other tips for success in implementing zero trust with The Federal Drive’s Tom Temin.
September 12, 2023 -
Maybe Hansang Bae once worked at Nike. When he’s taking about zero trust, he’s so passionate that you expect at any moment he’s going to say, “Just do it.” What he definitely did say was: “My advice is to get going. The technology is mature enough.”
September 12, 2023 -
Zero-trust architecture has been top-of-mind for the federal government, especially as we approach the one-year countdown for the White House’s zero-trust memorandum deadline.
September 12, 2023 -
Getting rid of passwords once and for all is really about creating strong security that’s also frictionless for users, explains Okta’s Sean Frazier in a conversation with Federal News Network’s Jason Miller. What will that take?
September 12, 2023 -
Alex Whitaker, the director of government affairs for the National Association of State Chief Information Officers, said pushing for broader adoption of the .gov domain and harmonization of federal cyber regulations.
September 11, 2023 -
The cybersecurity team at the National Institute of Standards and Technology (NIST), is about to finalize a new version of a signature document: The Cybersecurity Framework. Next week it holds a workshop to get one last round of input on the new framework draft. For more, Federal Drive Host Tom Temin spoke with Kevin Stine, the Chief of NIST's Applied Cybersecurity Division.
September 11, 2023 -
Lt. Gen. Robert Skinner, DISA’s director and commander of the Joint Force Headquarters-Department of Defense Information Network (JTF-DoDIN), said the agency is undertaking three separate tests of tools to better protect internet boundaries.
September 08, 2023 -
The Cybersecurity Maturity Model Certification program has been in gestation at the Defense Department longer than a baby elephant. CMMC is still not operational, but, boy, has it produced documents. Just out, new scoping documents. Do contractors need to read them? To discuss that topic, Federal Drive Host Tom Temin was joined in studio by Holland and Knight contracting attorney Eric Crucius.
September 08, 2023 -
CISA is nearly done writing the proposed rules for cyber incident reporting, while the CMMC rules may be out for comment before the end of 2023.
September 07, 2023