Federal Cybersecurity News and Analysis
News and analysis covering cybersecurity across the U.S. federal government. The increasing digitization of vital information and government services has left key agencies correspondingly vulnerable to data breach by rogue actors and U.S. adversaries. This imperative to safeguard federal IT against malicious intrusion has motivated decision-makers across federal agencies to continue applying breaking cybersecurity methods to core systems.
Connected capabilities can improve mission activities, but requires the right infrastructure, security and governance.
The Office of Justice Programs leveraged zero trust strategies as a pillar to modernize its grants management system.
Automation has played a key role in helping improve cybersecurity processes, but workforce constraints still hamper efforts.
DOD leaders say you can't have JADC2 without zero trust and a "data-centric" approach to cyber.
Of the $14.1 billion proposed IRS budget, $798 million will improve the taxpayer experience and $310 million will fund Business Systems Modernization.
The agency is looking to implement large-scale information security reforms designed to meet White House goals and counter an evolving threat landscape.
The budget proposal outlines an increase of over $2.6 billion from last year's enacted level.
Division Assistant Director Bryan Vorndran sees a growing cyber workforce and improved avenues of collaboration as key.
The zero trust prototype will attempt to harmonize existing security solutions for a cloud-first environment.
CISA encourages federal agencies to adopt a zero trust approach to cybersecurity to prevent cyberattacks.
The spending boost and new requirement come as U.S. critical infrastructure sectors prepare for more cyberattacks.
Vendors need to be connected to maintain security between all end points and service providers.
CISA Director Jen Easterly encouraged critical infrastructure organizations and federal agencies to aggressively shore up cyber defenses as Russia bombards Ukrainian critical infrastructure with malware.
Organizations should treat zero trust like a mindset rather than as a set of rules or tools.
Tools like software bills of materials can improve software supply chain visibility and security.
Establishing security requirements at the beginning of the software development life cycle is key.
After a pause in the program, the Cybersecurity Maturity Model Certification will now fall under the DOD Office of the Chief Information Officer.
The initiative will help defense leaders develop more aggressive cyber defenses.
Future iterations of the scorecard could include expanded cybersecurity and infrastructure categories.