Oct
26

Are the concerns about Kaspersky Lab software the tip of the cyber iceberg awaiting agencies?

Editor’s Note: See, Does Use of Huawei or ZTE Equipment/Services Trigger SEC Cyber Risk Disclosure Requirements?

From: Federal News Radio

By Jason Miller

***

Oct
24

Commerce to leverage NOAA’s TIC

From: GCN

By Sara Friedman

***

“NOAA has developed a stack of tools that provides the same information to Einstein that a commercial provider would provide from the Managed Trusted Internet Protocol Services program,” Turk said. “We are going to start running the Department of Commerce’s traffic through this connection that NOAA has developed for us.”

Einstein is a program operated by the Department of Homeland Security that detects and blocks cyberattacks targeting federal systems. DHS is in the process of moving into the third phase of the Einstein program, which involves continuous monitoring of government networks with help from major internet service providers.

Oct
24

OMB Sets 2018 Deadline for Annual FISMA Reports

From: ExecutiveGov

The Office of Management and Budget has released a memorandum that requires federal civilian agencies to submit their annual Federal Information Security Modernization Act reports to OMB and the Department of Homeland Security by March 1, 2018, MeriTalk reported Wednesday.

Agencies should also file their FISMA reports with the Government Accountability Office and Congress, OMB Director Mick Mulvaney wrote in the memo published Monday.

Read Complete Article

Oct
20

DHS to Stand Up CDM Cloud Shared Services for Small Agencies

From: MeriTalk

By:

The Department of Homeland Security’s (DHS) National Protection and Programs Directorate (NPPD) is standing up shared Continuous Diagnostics and Mitigation (CDM) cloud security resources for small agencies.

“That’s a rock star idea that’s coming to a government near you,” said Jeffrey Eisensmith, chief information security officer for DHS, at the CISQ Cyber Resilience Summit on Oct. 19.

Read Complete Article

Oct
20

DHS piloting agile cyber acquisition, CDM for cloud, CISO says

From: FedScoop

Written by 

***

Eisensmith also spoke about the benefits of shared services in deploying cybersecurity options for smaller agencies, a key component of the Trump administration’s cybersecurity executive order.

He said that the continuous diagnostic and mitigation program’s group F task order would soon be offering smaller agencies cloud-based cybersecurity defenses.

Read Complete Article

Oct
11

The CDM Marathon: How Feds are Keeping Pace

From: MeriTalk

By: Cameron Chehreh, Chief Technology Officer for Dell EMC Federal

While the Cybersecurity Sprint focused attention on how to generate improvements quickly, one of our most important cyber efforts – the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) program – is unquestionably a marathon. Now in its fourth year, the program is maturing agencies’ abilities to identify cyber risks and adopt a risk-based approach to mitigation.

The program is entering Phase 3, but agency progress has been staggered. Every agency started from a different point of cybersecurity maturity, so this is not surprising.

Oct
10

How one contractor belittled the White House’s IT modernization strategy

From: Federal News Radio

By Jason Miller

***

Along with Oracle’s comments, here are a few others that were interesting or out of the ordinary:

***

• Adobe is encouraging the White House to not just accelerate the continuous diagnostics and mitigation program, but move to phase four immediately. Under phase four, DHS would provide data protection tools, such as encryption and digital rights management. Additionally, Adobe brought up the lack of any mention of citizen services in the draft strategy. “On balance, the report’s recommendations include networks, security controls and improved contracting. But these are tactics on a road toward digital modernization strategy. In contrast, a strategic focus for improving government begins with tackling the citizen and government customer experience. Ensuring a concurrent focus—or equally prioritized emphasis—on modern digital experiences achieves an even greater outcome of reduced operating costs, increased performance, and better advocacy from the electorate, as well as the hardworking personnel who execute the business of government,” Adobe stated.

Oct
03

HIPAA and FISMA: Computing with Regulated Data (A CCoE Webinar Presentation)

From: Indiana University | IUScholarWorks

Ramsey, Susan; Shankar, Anurag

Keywords: HIPAA; FISMA; Regulated Data

Type: Presentation
