The head of the IRS' cybersecurity operations says the Treasury agency is making progress on logging, multifactor authentication, and other aspects of "zero trust" security to help protect taxpayer data.
With nearly 50% of the government’s roughly two million civilian employees teleworking, the federal government continues to embrace digital transformation. And, just like organizations in the private sector, web browsers have emerged as essential tools…
Join us for a discussion with the Commerce Department's André Mendes and Apptio's Nick Roughan as we discuss cloud, CX and cybersecurity at the Commerce Department.
CISA has released a new secure software attestation form, and it will require the attention at the highest levels of a company.
The Office of Personnel Management faces a tight deadline to set up a new health insurance marketplace for Postal Service employees and retirees to enroll in new plans, starting next year.
It starts with federal agencies prioritizing observability strategies. Despite its growing popularity, observability is a fresh concept – one that can be difficult to define and see as a path to resilience without first understanding its foundation. The roots of observability can simply be traced down to a collection of logs, metrics and traces by which monitoring systems can more proactively mitigate potential threats.
"The worst thing would be if we suffered a serious cyber attack, and this position was vacant."
More often than not, legacy contracts and programs with existing providers and solutions are routinely extended. That may save time, but it also prevents the innovation and collaboration needed to address modern threats.
The Environmental Protection Agency's (EPA) Integrated Risk Information System (IRIS), is one of the main tools the agency relies on for environmental regulations, containing information on human health effects that may result from exposure to various chemicals in the environment. A new report from the EPA's inspector general, said the agency needs to do a better job of who has access to it. For more on the report, the Federal Drive with Tom Temin's Executive Producer Eric White talked with Jeremy Sigel, the IG office's Supervisory Audit Manager in the Information Resources Management Directorate.
As awareness of ransomware attacks grows, more and more organizations will be taking steps to protect their data. It’s possible that attackers could shift their approach to more destructive tactics, employing tactics that nation-state hackers have previously used to cripple industrial control systems and equipment.
As zero trust increasingly becomes the norm, especially in fed, not only can we expect to see more resilience, but a greater ROI in cybersecurity overall. We just have to continue to make progress on our zero trust plans with speed and transparency at the forefront of our collective approach.
No one will argue that their agency’s attack surface has shrunk — not in a hybrid multicloud world with users accessing surfaces from anywhere all the time. Discover expert advice on how ASM can help agencies reduce their vulnerabilities dynamically.
The rule will include key details on the "most ambitious cybersecurity conformity initiative ever attempted,”
The ability to automatically monitor for suspicious activity is also critical. Thanks to SBOMs, organizations can look at the specific technology they have deployed and determine what controls they need to put in place to mitigate potential attacks.
Growing numbers of federal employees are about to come under what's known as continuous vetting. Public databases automatically monitored by security officials to make sure you haven't been criminally charged or suddenly incurred large debt. Those with national security clearance are mostly under continuous vetting already. Now the Office of Personnel Management plans to expand that to feds with so-called non-sensitive public trust positions. How should agencies prepare? How should you prepare? For insight, Federal Drive Host Tom Temin spoke with the managing partner of the Tully Rinckey law firm, Dan Meyer.