risk management

NIST releases automation-friendly security and privacy assessment procedures

by • 7 months ago

The agency developed an online comment tool to release future controls and assessment procedures concurrently to keep pace with evolving cyber threats.

DOD CIO updating cyber reciprocity guidance after audit finds weaknesses

by • 8 months ago

In a recent audit, the DOD IG observed a mixed bag of some DOD components leveraging reciprocity and others not.

Delayed DHS biometrics system’s risk management issues persist

by • 1 year ago

GAO says acquisition practices for the new system, HART, must also be improved.

GAO: Agencies must ramp up supply chain risk management practices

by • 2 years ago

A new GAO report reveals that few agencies have implemented recommended practices for managing IT supply chain risks, especially pertinent following the SolarWinds attack.

Cloud and AI key to managing risk for government agencies

by • 2 years ago

IT leaders are overwhelmed with security and regulation requirements. But using AI-enabled tools and a holistic cloud strategy can help agencies better mitigate security risk.

State Department is looking for tools to manage its global supply chain risk

by • 2 years ago

The department wants to better understand its supply chain of IT vendors and be able to rapidly discover or anticipate risks to its networks.