Operational Policy

Why good program governance is a key to success

Having the rights stakeholders with the right information is imperative to improving decision-making.

  • By Richard Spires

Lawmakers examine TSA's growing role in cyber

Lawmakers on the Homeland Security Committee convened cybersecurity experts and key stakeholders from the transportation industry to discuss new rules in the works for the transportation sector.

  • By Chris Riotta

New missions could present challenges for the DOD cyber workforce

Mieke Eoyang, the deputy assistant secretary of defense for cyber policy said one of DOD's main cyber workforce challenges is being able to set expectations around policymakers' calls to step in and defend against cyberattacks.

  • By Lauren C. Williams

OMB report highlights major barriers to equity in federal programs

Onerous paperwork, complex requirements and opaque guidelines are just some of the many roadblocks preventing racial equity across government services, a new report says.

  • By Chris Riotta

NIST defines 'critical software' under the cyber EO

The National Institute of Standards and Technology's new definition of "critical software" is foundational to new federal efforts to exert more control over the code supply chain.

  • By Chris Riotta

Biden's pick to lead GSA: 'We can't implement government policy if we can't get the damn websites to work'

Robin Carnahan said she will focus on making General Services Administration's offerings more user friendly and digitally secure while improving governmentwide cybersecurity efforts.

  • By Chris Riotta

TSA's role in pipeline security looks like a weak link to some in government and industry

Questions about whether TSA is rightly positioned to oversee cybersecurity for natural gas and oil pipelines are resurfacing in the wake of the ransomware attack on Colonial Pipeline.

  • By Justin Katz

Why zero trust is having a moment

Improved technologies and growing threats have agencies actively pursuing dynamic and context-driven security.

  • By Troy K. Schneider

Biden taps D.C. employment lawyer to lead MSPB

The Merit Systems Protection Board has been without Senate-confirmed leadership since March 2019 and without a quorum to decide appeals since January 2017.

  • By Adam Mazmanian

We need more federal guidance on mobile IT security

Effective systemwide security requires mobile threat detection and privacy measures to be active on as many devices as possible.

  • By Sean Kanuck

Expected breach disclosure mandates will test government-industry cooperation

The White House and lawmakers are eyeing steps to make sure contractors have to alert the federal government to cybersecurity breaches on their systems, but expect companies to balk at rules that put them at risk for legal action or require the disclosure of trade secrets.

  • By Justin Katz

ATO ASAP: Streamlining government security with a Federal Compliance Library

With communal resource for commonly used components, agencies could devote more time to security postures that are truly unique.

  • By Mary Lazzeri

Biden to use Quad as 'vehicle' for regional cyber cooperation

Jake Sullivan, the national security advisor, says President Joe Biden discussed both the supply chain attack on SolarWinds and vulnerabilities being exploited in Microsoft Exchange with leaders of Japan, India and Australia.

  • By Justin Katz

CISA eyes changes to combat future supply chain hacks

The acting director of the Cybersecurity and Infrastructure Security Agency today said his agency is looking various changes to protect federal networks in the wake of the massive breach discovered late last year.

  • By Justin Katz
Featured eBooks

ATO ASAP: Let’s finally fix the security compliance problem

The process federal agencies go through to prove a system is secure may actually be making us less secure. This is a problem that we must fix today, not tomorrow.

  • By Mary Lazzeri

Trump issues last-minute order targeting foreign cyber threats

A Jan. 19 executive order from Donald Trump in the waning hours of his presidency aims to force cloud providers to keep more complete records about their customers to support U.S. investigations of hacks and other computer crimes.

  • By Justin Katz

Biden promises 'overwhelming focus' on hack recovery

The president-elect called out the Trump administration for failing to prioritize cybersecurity in general, and for "downplaying the seriousness" of the ongoing breach that has hit multiple federal agencies.

  • By Justin Katz

OPM rule would elevate performance in layoff decisions

The current rules for reductions in force have performance last on the list of factors to consider in the determining which employees to keep, with the type of job coming first and followed by veterans preference and service length after.

  • By Natalie Alms

USAF primed to launch new phase of data strategy

Eileen Vidrine, the Air Force's chief data officer, talks about department's priorities are, how they've changed this year and how the Defense Department's data strategy ties it all together.

  • By Lauren C. Williams

Making software more than 'IT thing'

Software modernization has a branding problem, and it's going to take more than the colloquial culture shift to speed up the Defense Department's adoption of modern tech capabilities, according to Deputy CIO Peter Ranks.

  • By Lauren C. Williams

OPM directs agencies on civil service overhaul

A memo from acting personnel chief Michael Rigas told agencies they could look outside the boundaries of a recent executive order for jobs to reclassify, but that the Office of Personnel Management would make final determination.

  • By Natalie Alms