NSA, CISA release compendium of security practices for software developers


The agencies have worked with industry to develop a set of recommendations that includes more in-depth source code reviews.

President’s NSTAC advisory committee proposes real-time monitoring of operational technology across federal agencies


The President’s National Security Telecommunications Advisory Committee also recommends that CISA work with GSA to establish guidance on federal procurement language for operational tech.

Lack of identity engineers hinders agencies’ MFA adoption


A new generation of identity talent is needed to usher in factors beyond PIC and CAC cards, cyber experts say.

OMB guidance presents chance to standardize software bill of materials


Practical deadlines for vendors and a concrete process for using the information SBOMs contain at agencies are needed, security experts say.

NIST gives agencies new guidance to prepare for next SolarWinds-like hack


During the 2020 SolarWinds hack, bad actors were able to access thousands of networks inside and outside government.

Commerce CIO: Solarwinds pushed agency to abandon siloed approach to cybersecurity


André Mendes says the 2020 breach led to a major change in how IT leaders at the agency work together on cybersecurity.