Information Security

Home Information Security

CMS CISO: In Cybersecurity, Beware Death by a Thousand Vulnerability Reports

“Security has a lot of tools. We have tools to scan networks, code, open-source libraries, databases, cloud configuration, endpoints, infrastructure as code, and more. As security teams, among our key modes of communication are vulnerability reports. More specifically, identifying these issues and letting others know about them with the appropriate context so they can be […] The post CMS CISO: In Cybersecurity, Beware Death by a Thousand Vulnerability Reports appeared first on FedHealthIT, a service of MileMarker10.

FCW: SBA faces fraud risks and IT security woes, IG says

“The Small Business Administration has been inundated with potentially fraudulent proposals for economic relief during the COVID-19 pandemic, at a time when increased workload throughout the agency deflected attention from IT security issues, the agency’s Inspector General Hannibal Ware testified Wednesday. Economic relief programs associated with recovery efforts around the pandemic, including the COVID-19 Economic Injury Disaster Loan (EIDL) program, […] The post FCW: SBA faces fraud risks and IT security woes, IG says appeared first on G2Xchange FedCiv.

MeriTalk: Federal Agencies Require More Work to Be Cyber Ready

“Kevin Walsh, director of Information Technology and Security at GAO, explained at a Jan. 11 event organized by GovExec that Federal agencies currently face four major cybersecurity challenges: establishing a comprehensive strategy and performing effective oversight; securing Federal systems and information; protecting critical cyber infrastructure; and protecting privacy and sensitive data. To solve these challenges, agencies must focus on big […] The post MeriTalk: Federal Agencies Require More Work to Be Cyber Ready appeared first on G2Xchange FedCiv.

Federal News Network Commentary: Let the dust settle on CMMC 2.0

“At a high level, here are the important takeaways from CMMC 2.0: There are now going to be three levels of security, reduced from CMMC 1.0’s five levels. The new Level 1 security retains the same 17 controls as CMMC 1.0 Level 1 but removes independent validation requirements, allowing DIB vendors to perform annual self-assessments. The new Level 2 (previously […] The post Federal News Network Commentary: Let the dust settle on CMMC 2.0 appeared first on G2Xchange FedCiv.

Press Release: Aveshka awarded DOJ USMS subcontract for Prisoner Biometric Identification Software Development Kit...

“Aveshka, Inc. a trusted provider of innovative technologies was awarded a subcontract with the U.S. Marshals Service’s (USMS) Justice Prisoner Alien and Transportation System (JPATS) to deliver a Biometric Identification Software Development Kit (SDK). Aveshka is a subcontractor to Rank One Computing Corporation (ROC). JPATS supports the Department of Justice and the federal judiciary by managing the coordination, scheduling and […] The post Press Release: Aveshka awarded DOJ USMS subcontract for Prisoner Biometric Identification Software Development Kit (SDK) appeared first on G2Xchange FedCiv.

FedScoop: Commerce launches pilot to understand vendors’ cyber capabilities

“The Department of Commerce launched a pilot program to improve its understanding of vendors’ cybersecurity and related IT capabilities, as well as industry’s understanding of its mission needs. Dubbed the Government and Business Exchange (GABE), the forum will consist of 30-minute sessions hosted by Enterprise Services-Acquisition to share existing and emerging cyber requirements and watch vendor demonstrations…” “The Department of […] The post FedScoop: Commerce launches pilot to understand vendors’ cyber capabilities appeared first on G2Xchange FedCiv.

Federal News Network: Lawmakers see ‘real opportunity’ to modernize federal cyber playbook

“The House Oversight and Reform Committee released a ‘discussion draft’ of its FISMA reform bill today. Chairwoman Carolyn Maloney (D-N.Y.) said it holds a lot of similarities with a bill that passed the Senate Homeland Security and Governmental Affairs Committee last fall. ‘We have a real opportunity to pass FISMA reform this year, and to protect the intellectual property, sensitive […] The post Federal News Network: Lawmakers see ‘real opportunity’ to modernize federal cyber playbook appeared first on G2Xchange FedCiv.

Government Technology Insider: In 2022, Agencies Will Return Their Focus to FedRAMP Solutions

“It could be a breakthrough year for the Federal Risk and Authorization Management Program (FedRAMP). The SolarWinds attack of late 2020 brought a nearly overnight shift in the nation’s attention to securing its data networks and IT supply chain. In fiscal 2021, agencies reused more FedRAMP-authorized cloud security packages than ever before – a 45 percent increase from the prior […] The post Government Technology Insider: In 2022, Agencies Will Return Their Focus to FedRAMP Solutions appeared first on G2Xchange FedCiv.

Treasury OCC awards $19M Cybersecurity Assessments contract

Beating out seven other bidders, this small business that delivers solutions to complex security challenges has been awarded a 5-year, $19M contract by the Department of the Treasury's Office of the Comptroller of the Currency to provide cybersecurity assessments and compliance. The post Treasury OCC awards $19M Cybersecurity Assessments contract appeared first on G2Xchange FedCiv.

Nextgov: NIST Updates Cybersecurity Engineering Guidelines

“Set against a national backdrop of enhanced cybersecurity risk across all industries, the National Institute of Standards and Technology updated its guidance for system engineers. Called the ‘Engineering Trustworthy Secure Systems,’ the document stems from President Joe Biden’s 2021 executive order aimed at boosting the federal government’s defenses in the wake of several large-scale attacks on critical infrastructure…” “’This publication […] The post Nextgov: NIST Updates Cybersecurity Engineering Guidelines appeared first on G2Xchange FedCiv.

EDITOR PICKS