Securing open-source software is a unique challenge, and the federal government is just starting to develop ways to evaluate and minimize security risks associated with its use.
Health and civilian agencies expect to build off progress to improve health equity, smarter IT acquisitions and better customer experience through digital services.
Federal agencies will need to incorporate post-quantum cryptography into their data security frameworks to avoid potential cybersecurity risks from quantum computers.
CISA and GSA identity management leaders unpack new playbook.
Ransomware-related filings skyrocketed in the second half of 2021, costing U.S. critical infrastructure more than $1 billion in ransomware payments.
CISA is confident in the security and resiliency of election infrastructure, but concerns remain due to a complex threat environment.
The final episode in this miniseries explores ransomware trends and strategies from CISA's perspective.
The State of the Federal Cyber Workforce report outlines areas for improvement and a new action plan.
CISA's new directive aims to improve asset visibility and allow to manage cybersecurity risks federal agencies face.
Data standards and governance determine federal agencies's readiness for zero trust.
OMB’s new supply chain memo calls on agencies to utilize software that has been built following common cybersecurity practices.
SBOMs and transparency are key to resilient cybersecurity models.
CIO John Sherman highlighted a new upcoming cybersecurity workforce strategy to help its tech talent problem.
Good cyber defense comes down to consistent communication and information-sharing.
CISA Director Jen Easterly wants to make cyber defense and collaboration 'sexy.'
CISA said moving to hybrid cloud also reduces cybersecurity complexity.
CISA’s Robert Costello and Commerce’s Nagesh Rao talk zero trust, standardization and culture change.
Customer-facing services like the CMS provide unique cybersecurity challenges, but the White House's Office of the National Cyber Director is providing new funding assistance.
Concepts and mandates such as cyber incident reporting, DevSecOps and zero trust only go so far.