The newly created position will help lead the response to a major cyberattack but has yet to be filled by the Biden administration.
The National Defense Authorization Act of 2021 created the position of national cyber director to serve as the principal adviser to the president on cybersecurity policy and strategy. In the wake of the suspected widescale Russian cyberattack against the government and private sector, the position takes on even more importance.
In addition to serving as the coordinator of federal cybersecurity strategy, the person the Biden administration chooses for the role (which requires Senate confirmation) will need to work with other key advisers and government agencies.
Read full story at FedTech…
first published week of: 01/25/2021
Innovation happened because those in government thought outside of their traditional boxes in a moment of crisis. Now it’s time to build on those efforts.
For state and local government IT professionals, the year 2020 offered valuable lessons. While it was a year that tested the resolve of many, it also showed that we can accomplish what was once thought impossible.
For evidence, look no further than the rapid pivot that many government agencies had to make, and what they were able to successfully accomplish in a short period of time. Before the coronavirus pandemic, many organizations were understandably intimidated by the scope of what digital transformation implied. COVID-19 forced them to accelerate their efforts to meet current and urgent challenges.
As a result, we saw how five key elements of digital transformation — leadership, product management, development, architecture and operations — can coalesce to enable agencies to quickly achieve outcomes that would have been otherwise not been possible.
Read full story at StateTech…
first published week of: 03/29/2021
The administration’s 2022 budget proposal continues efforts to bolster the federal IT and cybersecurity workforce.
The Biden administration’s first budget proposal focuses heavily on the federal workforce, including bolstering the IT and acquisition workforces and more training opportunities for non-technical employees.
The budget proposal released last week included more than $58 billion for civilian agency IT. But the budget documents noted—as so many practitioners have before—that IT delivery is as much about technology as it is about people, including those who use it as well as those who deploy it.
“After decades of under-investment in a modern-day workforce, a failure to partner with labor unions, and ongoing, unwarranted attacks on its independence, the civil service is in need of repair and rebuilding,” the documents state, noting the Biden administration has already taken steps in this direction.
Read full story at NextGov…
first published week of: 06/07/2021
Commitments are also expected from the public and private sectors for improving the security of foundational technology.
Building a talented cybersecurity workforce and improving the security of foundational technology will be central to a set of concrete steps the government and leading private companies will commit to taking following a meeting at the White House today, according to a senior administration official.
President Joe Biden and members of his national security team and Cabinet will meet with top executives from companies representing crucial critical industry sectors—technology, finance, energy, water and insurance—as well as relevant educational institutions to discuss collective action to improve cybersecurity.
“There will be a set of announcements that will be made tomorrow across the key areas, significantly on technology and talent, made by the participants, both government and private sector,” the official said Tuesday.
Read full story at NEXTGOV…
first published week of: 08/30/2021
The Office of Management and Budget directed agencies to comply with software supply chain security measures as set out in the May cybersecurity executive order.
A new White House memo instructs agencies on how to comply with guidance on the security of "critical software" as directed in the May executive order on cybersecurity.
An Aug. 10 memo from Shalanda Young, acting director of the Office of Management and Budget, builds off the definition of critical software issued by the National Institute of Standards and Technology in June. That definition focuses on software that has high-level authority to issue and manage computing and network privileges or otherwise operates at a high level of privilege.
The definition applies to standalone software, software embedded in devices and software in the cloud, but in the first round of implementation of the guidance, the focus should be on on-premise or standalone software, the new memo states.
Read full story at FCW…
first published week of: 08/16/2021
With vaccination rates slowing in the U.S., the White House is getting creative about getting shots in arms. Beyond protecting yourself and others from a deadly disease, the latest incentive to get vaccinated could help you find love ... .
The White House COVID-19 response team announced Friday that a number of popular dating apps would offer new perks for users who get vaccinated, with Tinder, Bumble, Hinge, Match, OkCupid, BLK, Chispa, Plenty of Fish and Badoo all participating in the promotional push. The White House hopes to make inroads with the 50 million users across those dating apps where they’re already spending time.
On Tinder, anyone who adds a sticker to their profile promoting their vaccination status between June 2 and July 4 will be gifted a free Super Like.
Read full story at TechCrunch…
first published week of: 05/24/2021
Cybersecurity awareness can't happen without clear messaging. Keith Tresh, CISO of Idaho, explores why a strong cyber defense strategy depends on CISOs learning to speak other agencies’ languages.
A chief information security officer's work may be as much about communication as it is about selecting the right defenses.
Keeping agencies safe requires compromise between cybersecurity teams charged with envisioning threats and departments that are more likely to be focused on the desirable functionalities digital solutions can offer. The CISO, therefore, needs to be able to fine-tune their security approaches to a state's particular risk levels to ensure safety without introducing unnecessary frictions. This balancing act requires cybersecurity teams to be able to explain to other departments why the security measures they settled on are necessary.
Establishing trusted, communicative relationships with other departments can be essential, said Keith Tresh when Government Technology caught up with him about his first year as Idaho’s CISO.
Read full story at GovTech…
first published week of: 05/10/2021