Saturday, December 4, 2021

OMB Sets New CDM Data Standards Deadline for Agencies

In a recent memo on FY2021 requirements under the Federal Information Security Management Act, Office of Management and Budget director Russ Vought established new agency deadlines for implementation of continuous diagnostic and mitigation programs. By the end of FY2021, agencies must certify that they have implemented the CDM Program Data Quality Management Plan and are […]

OIG Recommends 5 Actions to Strengthen DHS Cyber Workforce

The Department of Homeland Security Office of Inspector General reviewed the department’s information security program for compliance with Federal Information Security Modernization Act requirements, to determine whether its program and practices adequately and effectively protected data and information systems supporting DHS’ operations and assets for FY 2019. In a report partially redacted for the public, […]

DHS Has Secured the Nation’s Election Systems, but Work Remains to Protect the Infrastructure

DHS has improved its efforts to secure the nation’s voting systems, but should take additional steps to protect the broader election infrastructure, which includes polling and voting locations and related storage facilities, according to a new report from the DHS Office of Inspector General. The Cybersecurity and Infrastructure Security Agency (CISA) has developed a set […]

Buy 1 Get 2 Free Special on Cyber Regulations: DoD Interim Rule Unveils 3...

The Department of Defense (DoD) has released its eagerly anticipated Interim Rule amending the Defense Federal Acquisition Regulation Supplement (DFARS) to implement two major initiatives: the National Institute of Standards and Technology (NIST) Special Publication (SP) 800-171 DoD Assessment Methodology and the Cybersecurity Maturity Model Certification (CMMC). The Interim Rule introduces the related clauses DFARS 252.204-7019, Notice of […]

DFARS Interim Rule: Assessing Contractor Implementation of Cybersecurity Requirements

The Department of Defense has issued an interim rule amending the DFARS to implement a DoD Assessment Methodology and the Cybersecurity Maturity Model Certification framework. DoD is implementing a phased rollout of CMMC. Until September 30, 2025, the clause at 252.204–7021, Cybersecurity Maturity Model Certification Requirements, is prescribed for use in solicitations and contracts, including […]

GAO Identifies Shortcomings in Agency Implementation of Network Monitoring Program

The Federal Aviation Administration, Indian Health Service, and Small Business Administration have deployed tools intended to provide cybersecurity data to support the DHS Continuous Diagnostics and Mitigation program, according to a new report from GAO. However, while all three agencies reported that the program improved their network awareness, none had effectively implemented all key CDM […]

GAO: Federal Agencies and OMB Need to Continue to Improve Management and Cybersecurity

Federal agencies and the Office of Management and Budget (OMB) have taken steps to improve the management of information technology acquisitions and operations and ensure the nation’s cybersecurity through a series of initiatives, GAO reports. As of July 2020, federal agencies had fully implemented 64 percent of the 1,376 IT management-related recommendations that GAO has […]

The Rise of Internet of Things Security Laws: Part I

Blank Rome has contributed an article to the latest edition of Pratt's Privacy and Cybersecurity and Law Report discussing the enactment of California’s Internet of...

GAO: Federal Agencies Need to Coordinate on State Agency Cyber Oversight

GAO was asked to evaluate federal agencies’ cybersecurity requirements and related assessment programs for state agencies. The objectives were to determine the extent to...

Critical Infrastructure Protection: Actions Needed to Enhance DHS Oversight of Cybersecurity at High-Risk Chemical...

The Chemical Facility Anti-Terrorism Standards (CFATS) program within the Department of Homeland Security (DHS) evaluates high-risk chemical facilities’ cybersecurity efforts via inspections that include reviewing policies and procedures, interviewing relevant officials, and verifying facilities’ implementation of agreed-upon security measures. In a recent audit, GAO found that the CFATS program has guidance designed to help the […]