New guidance from lead cybersecurity agencies and industry partners provides both individual developers and large companies with software supply chain security best practices
FedRAMP plays a vital role in ensuring the government can operate and innovate securely, and it faces a busy year of restructuring on the road to efficiency that meets modern demands. Federal agencies should join that ride to become champions of innovation instead of captives of compliance. Automation is the highway to progress on that journey, and OSCAL is its fast-speed lane.
Six federal and industry experts praised OMB’s revamped cloud security memo for leaning in on automation and modernizing the Joint Authorization Board concept.
As agencies ratchet up cyber controls, many find that improving user experience becomes equally critical. For an exclusive round table, we get tips and insights from security leaders at GSA, NGA, NRO, SEC and USPS.
The addition of security baselines for Google Workspace products comes after CISA already released baseline configurations for Microsoft 365.
The hackers were likely mapping the unidentified agency's network, but "no evidence is available to confirm successful data exfiltration or lateral movement during either incident," CISA says.
In today's Federal Newscast: Sen. Tommy Tuberville (R-Ala.) has lifted his abortion-driven hold on military promotions. Job satisfaction at the Homeland Security Department has increased. And GAO blames staffing shortages for the failure of federal agencies to battle cyber attacks.
In the hopes of boosting employee retention, the Office of Personnel Management launched a new platform for agencies to advertise openings in a cyber workforce rotation program.
Herb Kelsey, the Project Fort Zero Team Leader at Dell Technologies, said agencies have the opportunity to focus on the policy and process side and not the technology piece of the zero trust architecture.
Federal Government agencies are now at an inflection point — there is no turning back when it comes to hybrid work environments and employees doing their jobs from anywhere. “Agencies need to make sure their employees have the technology solutions they need wherever they are working,” said Tony Wellen, vice president of federal at Spectrum Enterprise.
Tony Wellen, vice president of federal at Spectrum Enterprise said that the government is making strides in prioritizing digital infrastructure and network evolution.
“Moving from traditional networks to more secure infrastructure is the driver for network modernization, with cybersecurity being a core focus” said Tony Wellen, vice president of federal at Spectrum Enterprise.
Starting sometime next year, companies that want to sell software to the government will need to sign new attestations – certifying that they have taken certain steps to make sure their software is secure. Earlier this month, the Cybersecurity and Infrastructure Security Agency released its latest draft of the form companies will need to submit. One of the biggest changes is the attestations will have to be signed by a company’s CEO. But there are several other updates, too. For more about them and get an industry perspective, Federal News Network Deputy Editor Jared Serbu talked with Leopold Wildenauer, the Senior Manager for Public Sector Policy at the Information Technology Industry Council.
Ramping up security for today and tomorrow – how to navigate the cyber landscape safely
A proactive system of action aligns with the principles of good cyber hygiene. It ensures that organizations are not merely responsive but anticipatory, staying one step ahead of cyber adversaries. The dynamics of cyberspace dictate that agility is the need of the hour, and a comprehensive system that enables swift responses to emerging threats embodies this agility.