News

VA gets serious about PIV, two-factor authentication during cybersecurity sprint

The Veterans Affairs Department is using the recent information system breaches at the Office of Personnel Management as an opportunity to review current security practices and push existing protocols that may not have been fully implemented.

IG: IRS needs to make online accounts top priority in customer service revamp

A new Treasury Inspector General report states that the Internal Revenue Service is making headway toward meeting customers' demands for more electronic services and products

Phishing campaigns target OPM data breach victims

Phishing campaigns have emerged as a result of the Office of Personnel Management's post-breach identity protection offerings.

DHS CIO restructures office to improve procurement, oversight

Spurred by initiatives such as the Federal IT Acquisition Reform Act, the Homeland Security Department is restructuring the Office of the Chief Information Officer to better meet information technology needs.

Industry group says federal background check system taken offline may affect contractors' work

In a July 1 letter addressed to federal officials, the Professional Services Council expressed concern over the suspension of the Office of Personnel Management's "e-QIP" system two days earlier after the vulnerability was discovered.

Federal government plans to enhance analytics dashboard for public over next 6 months

More than 3,800 government websites across 37 agencies have used the analytics program since it was introduced in 2012. Agencies can use web analytics and customer satisfaction tools and get performance metrics guidance, metric benchmarks and training at no cost.

VMware, Carahsoft to pay $75.5M settling allegations they overcharged gov't for software, services

Justice Department officials said that VMware and Carahsoft hid their commercial pricing practices and overcharged the government from 2007 to 2013.

OPM suspends background investigation platform for security upgrade

The Office of Personnel Management notified federal agencies and departments June 29 that the web-based platform used to submit background investigation forms, known as e-QIP, will be offline for four to six weeks for security enhancements.

Archuleta keeps breach numbers close to the vest, has federal CIO's support

During the last of three congressional hearings held last week to address data breaches at the Office of Personnel Management, OPM Director Katherine Archuleta held her ground in refusing to peg a final number on compromised records.

Agile and iterative contracting techniques used during wartime helped develop life-saving tech

The military needed technology to counteract roadside bombs that were causing a high number of casualties during the wars in Afghanistan and Iraq. Combatants and insurgents were using cellphones and other devices to remotely detonate bombs.

Army's new simulation environment lets soldiers further hone cyber skills

The U.S. Army Communications-Electronics Command announced June 23 the Cyber Battleground Range, which it expects to be open to all units later this summer, according to an Army article.

Federal agencies exposing login and password information, technology company finds

Login credentials for 47 federal agencies across 89 unique domains may have been exposed, leaving them open to espionage and criminal attacks, reported Recorded Future, which analyzed open source intelligence data and 17 paste sites for a year.

Official: DHS has authority to order agencies to bolster network security, but no stick to enforce

The Federal Information Security Modernization Act of 2014 authorizes DHS to assist the Office of Management and Budget with managing and monitoring implementation of security requirements by agencies and providing them with operational and technical assistance, among other activities.

US partners with Estonia on cybersecurity, digital services

Speaking in Talinn, Estonia, Defense Department Secretary Ash Carter announced a new initiative to bolster NATO's cybersecurity efforts, while 18F employees met with Estonian technologists in Washington to learn from one another's digital services offerings.

House votes to keep congressional control over domain name system transition

The House approved a bill that would let Congress check over plans to shift control over the Internet's domain name system to an international organization.

GPS celebrates its 20th anniversary

The Air Force announced GPS' full operational capability two decades ago. On July 17, 1995, the service had 24 satellites in orbit, providing global 24-hour coverage.

OPM releases report outlining 'concrete steps' to bolster security, modernize IT systems in wake of breaches

U.S. officials blame Chinese hackers for stealing personal data on about 4 million current and former government employees, although a news report cites other government officials saying that it may have actually affected up to 18 million people, including prospective employees.

Less than one-third of weaknesses in gov't web and mobile apps fixed, new industry report says

The Veracode report also found that three out of four web and mobile applications developed or used by government organizations fail standard security policies and they also have a high prevalence of SQL Injection vulnerabilities when first assessed.

NIST finalizes guidance on protection of sensitive federal data by nonfederal organizations

The guidance is designed to ensure that sensitive federal data stay confidential when processed, transmitted and stored by contractors, state governments, research and academic institutions and other nonfederal organizations.

US will directly address OPM hack at China summit, says State Dept. official

The State Department will directly address the recent Office of Personnel Management cybersecurity breach at a major upcoming economic forum with China, says an unnamed State Department official in a June 22 press call transcript.