Treasury’s $1 billion-plus enterprisewide cloud contract is coming
The department unveiled a yearlong transition plan to what it's calling the T-Cloud.
CDM’s agency cyber risk scores will be relative, at least initially
The scores won't be public, though, "because we know adversaries will be looking to see which agencies are having problems," says Continuous Diagnostics and Mitigation program manager Kevin Cox.
Cybersecurity incidents down at federal agencies, no ‘major’ ones
The Office of Management and Budget cautioned, however, against drawing conclusions, given agencies' shifting reporting guidelines.
Why government is slow to endorse frameworks for quantifying cybersecurity risk
Until individual agencies like the Department of Energy and Department of the Treasury see success quantifying risk, the practice won't likely be mandated.
CDM deserves more support from Congress, senators say
John Cornyn, R-Texas, and Maggie Hassan, D-N.H., introduced the Advancing Cybersecurity CDM Act, which would make the program law.
CIOs weigh in on what FITARA has meant for them
The metric might not be perfect, but it enables meaningful visibility.
GAO reminds agencies of FISMA requirements, says OMB report is overdue
As of fiscal 2018, "many federal agencies were often not adequately or effectively implementing their information security policies and practices" under the Federal Information Security Modernization Act.
Data Center Optimization issue throws wrench in otherwise stable FITARA 8.0 scorecard
While no agency scored an A for overall IT management, there were, for the second time running, no failing grades either.
Agencies cite data concerns in slowness to implement CDM
The departments of Energy and Health and Human Services want to take stock of the data they have to determine how best to safeguard the information.
What keeps federal cyber experts up at night about CDM
NASA is an early CDM success story, but continuous monitoring tools need maintaining.