Zero-day vulnerabilities live on average for 6.9 years and have a low rate of discovery by other entities, which could argue in favor of stockpiling them, according to a comprehensive study by the RAND Corporation.
President Trump signed an executive order promising "a comprehensive plan for reorganizing the federal government."
Software giant CA will pay the U.S. government $45 million to settle allegations that it overcharged the General Services Administration for software licenses.
Two DHS components launched social media screening pilots in the wake of the San Bernardino shooting. The agency's internal watchdog wants to see improved coordination and measurable goals.
Defense agency contract obligations for IT and telecom services dipped over the last five years under the Budget Control Act, even as civilian side obligations held steady.
In his most pointed comments on IT to date, David Shulkin, secretary of Veterans Affairs, said that the agency will move to off-the-shelf software.
The bank regulator was responsible for 10 of 16 major information security incidents recorded in the FY2016 FISMA report.
Inspectors general fear that budget cuts could force agencies to choose between spending on program operations and cybersecurity.
The Department of Homeland Security is not providing enough context around the cyber threat indicators it shares with the private sector for firms to use the data effectively, say industry leaders.
A bipartisan letter from the House Oversight and Government Reform Committee seeks information on Trump administration compliance with federal recordkeeping laws.
Two Republican lawmakers introduced bills that would limit the amount of time that federal employees spend on union activities during work hours.