Cybersecurity Executive Order
GSA to set baseline requirements for cloud providers through Ascend
Requirements will emphasize Cloud Smart objectives and cybersecurity supply chain risk management while providing agencies an open source experience.
OMB working to develop system for real-time zero trust scoring
If implemented, OMB’s desired system would compare a session’s trust score to the trust requirement on a function or feature.
CISA releases second version of secure cloud migration guidance for agencies
Next up the agency will publish finalized TIC 3.0 cloud use cases and a new version of the Zero Trust Maturity Model.
FAR updates that would mandate cyber incident reporting for contractors a year or more away
OMB has submitted two proposals for updating contract language to the FAR Council.
TIC program releases draft Cloud Use Case
The use case is the last one required by the Office of Management and Budget in its September 2019 memo launching the initiative.
OMB guidance presents chance to standardize software bill of materials
Practical deadlines for vendors and a concrete process for using the information SBOMs contain at agencies are needed, security experts say.