The Federal Risk and Authorization Management Program has released updated two-volume guidance aimed at helping cloud service providers understand the process of certification from the cybersecurity risk management program. Volume 1 of
More
Federal agencies realized the importance of government-industry collaboration while responding to the cyberattacks on SolarWinds’ network monitoring software and Microsoft’s Exchange email service, according to a Government Accountability Office report. GAO found
More
Reps. Yvette Clarke, D-N.Y., and Ritchie Torres, D-N.Y., have asked the Cybersecurity and Infrastructure Security Agency to provide information on efforts to further advance the adoption of multifactor authentication to protect federal
More
Log4j is popular Java-based software intended to assemble a log to troubleshoot problems or record data. In November 2021, users noticed that there was an error in the program, which impacted almost a
More
The Government Accountability Office reviewed FISMA reports of 23 civilian Chief Financial Officers Act of 1990 agencies and preliminary results showed inconsistency in agencies’ implementation of requirements under the Federal Information Security
More
The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA) and FBI have jointly authored an advisory to alert organizations about state-sponsored cyber threats from Russia. The joint cybersecurity advisory tackles
More
The Information and Communications Technology Supply Chain Risk Management Task Force (ICT SCRM) has announced the Small Business Administration (SBA), National Association of State Chief Information Officers and the National Association of
More
The Department of Defense has launched a new consortium aimed at creating two-way communications between agency leaders and the academe to discuss cybersecurity issues, DOD News reported Monday. Senior cyber leaders across
More
Jen Easterly, director of the Cybersecurity and Infrastructure Security Agency, said that although there has been no major cyberattacks linked to a flaw in the Log4j software code so far, the vulnerability
More
The General Services Administration has released an interim rule to facilitate and complete the transfer of the DotGov Domain Program’s management, operation and ownership from GSA to the Cybersecurity and Infrastructure Security
More