Cybersecurity has grown in importance as networked systems become irreplaceable methods for delivering federal services and enabling day-to-day operations. The Office of Management and Budget reported in March 2010 that during fiscal 2010 agencies identified 41,776 cyber incidents--a 39 percent increase in cyber attacks over the previous year.

Big changes are afoot in the federal cyber arena, with the Defense Department having stood up Cyber Command, the Homeland Security Department readying active defense measures for federal networks and the entire federal government debating the role it should play in securing critical infrastructure in private sector hands. 



Latest Headlines

Latest Headlines

Schwartz: Cybersecurity framework gaining foothold

The federal cybersecurity framework released earlier this year is helping critical infrastructure sectors that previously lagged catch up to those with more expertise, said Ari Schwartz, a White House cybersecurity official.

Obama administration satisfied with cybersecurity regulations

The Obama administration doesn't need to develop new cybersecurity regulations, a review by the administration has concluded. Voluntary implementation of the cybersecurity framework that the National Institute of Standards and Technology released in February will suffice for now.

DHS official: Heartbleed has had 'minimal' impact on federal government

Due to hard work and improved coordination throughout the federal government, the impact of the Heartbleed bug on the dot-gov domain has been minimal, said Larry Zelvin, director of the National Cybersecurity and Communications Integration Center within the Homeland Security Department's National Protection and Programs Directorate.

Federal IT managers more optimistic about security than implementers

Executives involved in the management and oversight of information technology programs are more optimistic about the state of security than those actually implementing security programs, finds a  new study  from Hanover Research.

Ron Ross dissects NIST's newest guidance – what it means for agencies

The National Institute of Standards and Technology issued a new draft publication May 13, which aims to help agencies build or acquire IT systems with better security baked in from the start, by outlining best practices and recognized software engineering principals.  FierceGovernmentIT  spoke with Computer Scientist and NIST Fellow Ron Ross May 14, to learn more about the newest draft guidance.

UPDATED- NSA broadens funding for 4 universities to advance the science of cybersecurity

The National Security Agency is expanding funding for several universities to continue scientific research into cybersecurity. The intelligence agency awarded contracts to North Carolina State University, the University of Illinois Urbana-Champaign and Carnegie Mellon University in 2012 and recently announced that these three universities along with the University of Maryland would receive additional funding.

Postal Service cloud contracts omit security measures

The 13 cloud computing contracts that the Postal Service awarded in recent years inadequately addressed data security, says the USPS office of inspector general. Contracting officials worried that integrating policies from the agency's handbook on cloud security would drive up the cost of the contracts.

Policies should focus on 'managing,' not 'solving' cybersecurity problems, says NRC

Public policy can help address U.S. cybersecurity, but it should not be viewed as an issue that can be solved through legislation or regulation. Rather, public policy can help improve cybersecurity management, says a new  report  from the National Research Council.

Venture capitalists hearing the cybersecurity gospel from NPPD

"It's amazing to me how little" investors think about cybersecurity in their decisions, said Suzanne Spaulding, head of the National Protection and Programs Directorate.

FBI issues warning, EHRs vulnerable to cyber attack, theft

The FBI is warning healthcare providers that lax cybersecurity standards will leave their computer systems more vulnerable to hackers as the industry transitions to electronic health records.