Identity Authentication

Army plans ICAM rethink to support unified network operations

To make mobile device use more secure, the Army is preparing a new identity and access requirements as it adopts zero trust security principles.

White House embeds cyber EO in FISMA reporting

Federal agencies will be reporting on zero-trust adoption and automation efforts in their annual cybersecurity reports to the Office of Management and Budget.

Funding challenges hamper cyber EO compliance, CIOs say

A group of agency CIOs shared their biggest obstacles in meeting a series of aggressive deadlines and modernization goals of the Biden administration's sweeping cybersecurity executive order.

GSA looks to scale Login.gov with TMF award

The General Service Administration plans to scale up the Login.gov program to make digital identity verification a more equitable and secure practice after it was awarded nearly $187 million through the Technology Modernization Fund.

House reconciliation bill includes nearly $800 million for CISA

The funding supports the implementation of President Joe Biden's May executive order on cybersecurity and workforce development.

Digital ID left out of infrastructure bill

A plan to get federal support and funding behind digital identity proofing as a way to combat benefits fraud wound up on the cutting-room floor as the Senate crafted its $1.2 trillion infrastructure bill.

Agency zero trust does not start from point zero

The good news is that consistent IT policy spanning previous presidential administrations has allowed the federal government to slowly put the necessary building blocks in place for the inevitable zero trust architecture journey.

CISA launches new initiative to combat ransomware

The Joint Cyber Defense Collaborative (JCDC) will allow the federal government and corporate partners share information to combat ransomware.

CISA predicts cyber EO will drive progress on zero trust

Most agencies are just getting started creating plans around zero trust, but tight deadlines featured in President Joe Biden's cybersecurity executive order and a wave of new guidance, may speed up implementation across the entire government.

VA watchdog warns of security risks from undocumented PIV cards

A new report warns contracting officers at the Veterans Health Administration are failing to comply with agency and federal guidelines ensuring contractor personnel return personal identity verification (PIV) cards after employment.

Creating a more resilient American infrastructure

With the necessary reforms to modernize federal IT now clearer, it's critical to call out that the government has far too long relied on antiquated technologies that cannot thwart today's stealthy and persistent adversaries.

White House tees up cyber labeling policy

A 2020 law could provide some legal cover for executive orders regulating software and IoT cybersecurity, but new legislation could be required.

Why the network compass is obsolete

Old labels for network traffic are out of date with government users connecting from devices outside traditional perimeters, but TIC 3.0 offers a new map.

Senate Dems demand answers on DOJ's hack exposure

A group of Democratic senators want detailed answers from the Justice Department and the judiciary branch by the end of the month about the impact of the SolarWinds breach.

FireEye not ready to ascribe SolarWinds hack to Russia

The cybersecurity firm credited with discovering the compromise of SolarWinds Orion isn't saying that Russia didn't do it, but that more evidence is needed to make a definitive attribution.

Watchdog: GSA needs to account for contractor PIV cards

The General Services Administration still needs to do a better job tracking and recovering access cards from its contractors, according to a report for the agency's watchdog.

Civilian-side CMMC

The General Services Administration will add more supply chain and cybersecurity protection language, including DOD's CMMC requirements for vendors, to its new contracts as risks grow, according to one of the agency's top acquisition managers.