DHS, agencies need to improve compliance on cybersecurity directives, GAO says

by • 2 weeks ago

The congressional watchdog took a close look at implementation of the binding operational directives (BODs) that DHS issued to civilian agencies through December 2018.

Three agencies pull ahead in latest FITARA scorecard

by • 2 months ago

The Department of Education, GSA and USAID all got overall A grades in the latest assessment of agency IT management.

Let’s Talk About IT Ep. 7 — Is federal cybersecurity getting better?

by • 4 months ago

In this episode, sponsored by Cisco, FedScoop chats with Air Force CISO Wanda Jones Heath and Cisco's Will Ash.

Treasury’s $1 billion-plus enterprisewide cloud contract is coming

by • 5 months ago

The department unveiled a yearlong transition plan to what it's calling the T-Cloud.

CDM’s agency cyber risk scores will be relative, at least initially

by • 5 months ago

The scores won't be public, though, "because we know adversaries will be looking to see which agencies are having problems," says Continuous Diagnostics and Mitigation program manager Kevin Cox.

Cybersecurity incidents down at federal agencies, no ‘major’ ones

by • 6 months ago

The Office of Management and Budget cautioned, however, against drawing conclusions, given agencies' shifting reporting guidelines.

Why government is slow to endorse frameworks for quantifying cybersecurity risk

by • 6 months ago

Until individual agencies like the Department of Energy and Department of the Treasury see success quantifying risk, the practice won't likely be mandated.

CDM deserves more support from Congress, senators say

by • 7 months ago

John Cornyn, R-Texas, and Maggie Hassan, D-N.H., introduced the Advancing Cybersecurity CDM Act, which would make the program law.

CIOs weigh in on what FITARA has meant for them

by • 7 months ago

The metric might not be perfect, but it enables meaningful visibility.

GAO reminds agencies of FISMA requirements, says OMB report is overdue

by • 7 months ago

As of fiscal 2018, "many federal agencies were often not adequately or effectively implementing their information security policies and practices" under the Federal Information Security Modernization Act.

TwitterFacebookLinkedInRedditGoogle Gmail