Tag Archives: risk management

A Federal Information Security Management Act (FISMA) report submitted by the Office of Management and Budget (OMB) to Congress shows an 8 percent drop in cybersecurity incidents reported by agencies in fiscal year 2019.

1901 Group has secured a seven-month, $2.1 million agreement, under its joint venture partner agreement with the National Technical Information Service (NTIS) for data innovation support, to assist the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency's (CISA) National Risk Management Center (NRMC), the company announced on Thursday. 

The Department of Energy’s office of cybersecurity, energy security and emergency response has advised partners in the government and energy industry to be vigilant to phishing attacks, malicious emails and other cyber threats amid the new coronavirus pandemic. CESER is calling on corporate leaders to advise their employees to be aware of risks associated with phishing, external emails and social engineering, DOE said Thursday.

Paul Cunningham, chief information security officer at the Department of Veterans Affairs, said VA wants to learn from the Department of Defense’s experience and challenges when it comes to the deployment of electronic health records system in order to facilitate its own EHR rollout, Nextgov reported Thursday.

CyberX, an IoT security company, has collaborated with Microsoft Azure Security Center for IoT to develop a unified view of security across managed and unmanaged IoT devices, Microsoft announced on Friday. 

An inspector general report evaluated the Office of Personnel Management’s security program and practices in compliance with the Federal Information Security Modernization Act and offered 47 recommendations to OPM, Nextgov reported Thursday.

The National Cybersecurity Center of Excellence, an agency within the National Institutes of Standards and Technology, seeks public feedback on a recently drafted implementation project description. NCCoE said its project, known as Validating the Integrity of Servers and Client Devices, aims to demonstrate implementations that allow organizations to verify the authenticity of purchased computing tools.

Grant Schneider, federal chief information security officer, said the Federal Acquisition Supply Chain Council will prioritize the development of guidance in 2020 to help agencies address security threats to the supply chain, Nextgov reported Tuesday.

The General Services Administration and the Department of Energy are launching initiatives to address cybersecurity risks, Federal News Network reported Friday. Larry Hale, director of information technology security subcategory at GSA’s Federal Acquisition Service, said the agency is taking steps to ensure the security of products agencies procure from acquisition schedules.

The Defense Logistics Agency is working to implement the Office of Management and Budget’s policy mandating the integration of risk management and internal controls throughout the agency.