CISA makes significant progress deploying EDR tools on agency systems

CISA Director Jen Easterly said her agency has completed EDR deployments at eight federal agencies, with five more in progress.

  • The Cybersecurity and Infrastructure Security Agency is making progress toward deploying, onto agency systems, Endpoint Detection and Response (EDR) tools. CISA Director Jen Easterly said her agency has completed EDR deployments at eight federal agencies, with five more in progress. In testimony before the House Appropriations Committee yesterday, Easterly said the EDR tools allow CISA to identify cyber attacks on agency networks within minutes. Within just the last six months, Easterly said the cyber agency has detected more than 1,900 threats on federal networks using the new tools.
    (Witness testimony of Jen Easterly - House Appropriations Committee homeland security subcommittee)
  • The Defense Innovation Unit has a new deputy director of commercial operations. In her new role, Liz Young McNally will oversee commercial operations at DIU, including the National Security Innovation Network and the National Security Innovation Capital initiative. She will work closely with the Office of Strategic Capital and the Office of Industrial Base Policy. This new position is key to executing DIU’s new strategy to scale commercial technology across the DoD.
  • After the White House’s return-to-office push, agencies are most of the way there, but frustrations are still brewing in Congress. House Republicans are urging further in-person presence of federal employees. Currently, agencies are about 80% in compliance with a White House goal for feds to spend half their work hours in the office. But Oversight committee members said the Biden administration’s 50% target does not take things far enough. They are raising concerns about the costs of office space, and delays in federal services. In response, Office of Management and Budget Deputy Director for Management Jason Miller told lawmakers he is still focused on reaching full compliance with the 50% in-office target. “We expect agencies to completely follow through on their implementation, and we’ll hold them accountable for that,” Miller said. OMB has not given agencies a specific deadline for those return-to-office plans.
  • Virginia lawmakers are demanding more transparency from the Postal Service, after seeing persistent mail delays. Sen. Mark Warner (D-Va.) said Postmaster General Louis DeJoy is apologizing for mail delays following the rollout of a Regional Processing and Distribution Center in Richmond, Virgina. It is a huge facility where USPS sorts mail and packages going to other regions. USPS said it is the first of about 60 such sites it plans to open. But Richmond got only about 65% of first-class mail delivered on time after USPS opened this facility. That is about 20 points lower than before this change. Warner said USPS needs to do a better job training employees at the new facility and expects performance to improve. “I do think if this reform is successfully implemented, we will see better service,” Warner said.
  • The Cybersecurity and Infrastructure Security Agency has 30 days to establish or designate an office of the national coordinator to serve as the single point of contact for sector risk management agencies, like the departments of Energy or Health and Human Services, across the government. This is one of 13 short- or long-term deadlines detailed in a new National Security Memo signed by President Joe Biden yesterday. The memo reasserts and expands CISA's role in protecting the 16 critical infrastructure sectors like telecommunications, finance and electricity. It also further encourages the intelligence community to share more threat intelligence with critical infrastructure operators. The National Security Memo updates a 2013 memo signed by then-President Barack Obama.
  • The Defense Department Cyber Service Academy (DoD CSA) has officially merged with what was the DoD Cyber Scholarship Program. This merger will allow the DoD’s Office of the Chief Information Officer to better allocate scholarship funds. It will also enable the office to streamline its administrative processes. The academy, which is currently selecting candidates for 2024, pays education expenses for students who want to study cybersecurity in return for a commitment to work at the DoD. The program was established in 2023 to help DoD recruit and retain cyber and IT talent.
  • The General Services Administration, colloquially known as the federal government's landlord, is moving ahead with plans to get rid of underutilized office space. The Treasury Department’s Bureau of the Fiscal Service is moving out of its current space in the Liberty Loan Building and relocating to the U.S. Mint headquarters. GSA plans to sell or dispose of the Liberty Loan Building, which would eliminate 141,000 sq. ft. of office space and save about $15 million it would have otherwise spent to maintain the building. GSA is looking to "right size" federal office space, now that many federal employees are on a hybrid work schedule.
  • The Biden administration said it is making progress on early-career hiring efforts. After pushing agencies to boost internship opportunities, the Office of Management and Budget said the number of federal interns increased 33% in just one year. And OMB official Jason Miller told House lawmakers this week that internships may see even more growth. With a recent update to the Pathways Program, the administration is eyeing more paid internships as a way to open doors to more diverse candidates.
    (Hearing with the Office of Management and Budget - House Oversight and Accountability Committee)
  • The lead cyber office at the Energy Department said artificial intelligence poses both risks and opportunities for the nation’s energy infrastructure. That is according to a new assessment from DOE’s Office of Cybersecurity, Energy Security, and Emergency Response (CESER). CESER said the benefits of AI for the energy sector include use cases such as predictive maintenance and better system planning. But introducing AI to energy systems also brings with it the potential for unintentional failure modes, adversarial attacks and other challenges. CESER said it will host listening sessions on AI with members of the energy sector, such as oil and gas companies, this summer.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.

Related Stories