software supply chain
Securing open-source software is a unique challenge, and the federal government is just starting to develop ways to evaluate and minimize security risks associated with its use.
DevSecOps practices could secure open source technology as new threats emerge.
The Centers for Medicare and Medicaid Services is working to build an open source software office that will facilitate data-sharing across the public health ecosystem.
Modernizing approaches to software security leads to better detecting vulnerabilities and preventing zero-day incidents like the SolarWinds attack.
CFPB and DOE shift their attention to zero trust as they work to eliminate risks and build a higher level of protection around their software supply chains.
OMB’s new supply chain memo calls on agencies to utilize software that has been built following common cybersecurity practices.
Concepts and mandates such as cyber incident reporting, DevSecOps and zero trust only go so far.
Kessel Run, DOD's first software factory, is about to help one air combat command unit move all operations to a software environment designed via DevSecOps.
Software supply chain risk management and continuous monitoring are key strategies for maintaining a strong cyber posture in the cloud.
SolarWinds, CISA and the White House issued new information regarding the state of cyber and advised how to better secure critical infrastructure.
Eric Hysen brings his experience at USCIS to a reimagined office focused on cybersecurity and data management.
Cyber vulnerabilities in federal agencies' supply chains aren't going away any time soon, and addressing them will take a consistent, concentrated effort.
Transitioning to 5G is a key strategy for federal agencies' network modernization efforts, but the next generation of communication comes with unique supply chain hazards.
DHS cyber leaders have a laundry list of items for federal CISOs to address.
Greater supply chain transparency and information-sharing will improve federal cyber posture.
As cyber crime explodes, cyber experts and federal cyber leaders insist on systemic change.
DHS and CISA want to lead the federal register and private industry by example.
FDA is tackling security measures for the health technologies it regulates.