Home / Tag Archives: risk management

Tag Archives: risk management

NCCoE Calls for Public to Comment on Cybersecurity Project Description

The National Cybersecurity Center of Excellence, an agency within the National Institutes of Standards and Technology, seeks public feedback on a recently drafted implementation project description. NCCoE said its project, known as Validating the Integrity of Servers and Client Devices, aims to demonstrate implementations that allow organizations to verify the authenticity of purchased computing tools.

Read More »

Grant Schneider: Federal Acquisition Supply Chain Council Eyes Guidance for Agencies in 2020

Grant Schneider, federal chief information security officer, said the Federal Acquisition Supply Chain Council will prioritize the development of guidance in 2020 to help agencies address security threats to the supply chain, Nextgov reported Tuesday.

Read More »

GSA, DOE Officials on Federal Efforts to Reduce Cyber Risks

The General Services Administration and the Department of Energy are launching initiatives to address cybersecurity risks, Federal News Network reported Friday. Larry Hale, director of information technology security subcategory at GSA’s Federal Acquisition Service, said the agency is taking steps to ensure the security of products agencies procure from acquisition schedules.

Read More »

Christopher Krebs: CISA Eyes Consolidation of Civilian Agencies’ Cyber Efforts

Christopher Krebs, director of the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency and a 2019 Wash100 winner, said CISA is collaborating with the Office of Management and Budget and Congress to explore approaches to consolidate civilian agencies’ cybersecurity initiatives, Nextgov reported Thursday.

Read More »

NIST Looks to Develop Common Cyber Standards for IoT Devices

The National Institute of Standards and Technology solicited comments from industry partners as it works on a set of cybersecurity standards for manufacturers and users of internet of things-based devices, Federal News Network reported Tuesday. NIST officials held a workshop at its Gaithersburg, Md.-based headquarters Tuesday to seek industry feedback on an IoT risk management report released in June.

Read More »

GAO: Agencies Should Apply Risk Mgmt, Cybersecurity Practices

The Government Accountability Office has listed 58 recommendations to help agencies implement key practices in their respective risk management and cybersecurity initiatives. The recommendations include coordination with the secretary of the Department of Homeland Security, development of a risk management process document, facilitation of organization-wide security assessments and modernization of risk evaluation policies, GAO said in a report published Thursday.

Read More »

NIST Issues Privacy Framework for Improved Security, Risk Management

The National Institute of Standards and Technology released its draft of "Privacy Framework" that provides information on how agencies and partners could identify and manage privacy risks more efficiently amid the growing use of the internet and new information technology platforms. “The Privacy Framework provides a common language for understanding, managing and communicating privacy risk with internal and external stakeholders,” NIST said in the document issued Tuesday.

Read More »

DHS Officials Discuss Efforts of Two Newly Formed Groups to Ensure Supply Chain Security

Officials from the Department of Homeland Security discussed the functions and responsibilities of two new organizations created to address cyber vulnerabilities in the technology supply chain during an Atlantic Council event, FCW reported Thursday. DHS formed a supply chain task force, while the Secure Technology Act passed by Congress created the Federal Acquisition Supply Chain Security Council intended to build cybersecurity resilience into federal acquisition rules.

Read More »