Measuring Cyber Risk in Your Digital Supply Chain

Sponsored by

State Dept working toward SBOM adoption to improve supply chain risk management

Although there’s some disagreement over when agencies will actually start benefitting from them, many agencies are currently laying the foundation to start using SBOMs.

With software memo out, OMB moves into cyber EO implementation phase

Chris DeRusha, the federal chief information security officer, said the focus on securing commercial software comes from the cyber executive order.

Getting to the bottom of software supply chain security

As federal agencies and contractors come to grips with the burden of protecting their software supply chain, understanding who had a hand in the development of their software products has taken on increasing importance. It comes down to pedigree. Where did your software come from? Was it domestic or international? Who had a hand in developing it?

Why it takes a fourth party to accomplish third-party software supply chain risk assessments

In the federal software world, supply chains are often extensive. How can an agency ensure its risk assessments can adequately gauge potential threats? The Federal Drive’s Tom Temin asks just that of RiskRecon cyber expert John Ehret.

IRS has 37,000 webpages. About 2% get nearly all of its traffic

The IRS is tapping into billions of dollars in multi-year modernization funds to provide a higher level of customer service to taxpayers.

IT Modernization
DHS names China, AI, cyber standards as key priorities for critical infrastructure

Agencies that oversee critical infrastructure are developing new sector risk management plans, with cybersecurity continuing to be a high priority.

Cybersecurity
Robust data management is key to harnessing the power of emerging technologies

Comprehensive data management is key to unlocking seamless, personalized and secure CX for government agencies.

Commentary
VA looking at ‘smart home’ tech to keep aging, disabled vets living independently

A smartwatch saved the life of VA’s chief health technology officer. The department expects this device data can also save the lives of other disabled vets.

Veterans Affairs
Energy working with renewables industry, cloud providers on cyber requirements

CESER’s work with cloud service providers comes amid growing threats to critical infrastructure, as well as questions about cloud security responsibilities.

Cybersecurity
IRS adds another state to Direct File, as House Republicans seek to defund it

About 580,000 Oregon residents will be eligible to use the IRS’ Direct File platform next filing season, as long as the program remains funded.

IT Modernization
USINDOPACOM Mission Partner Environment success:  A blueprint for CJADC2 path forward 

DoD can duplicate USINDOPACOM’s transformation to rapidly implement multi-enclave environments on a broader scale in support of CJADC2.

Commentary
NSF initiative aims to bring better data to the cyber workforce challenge

Policymakers often talk about a cyber talent gap, but official data on the national cyber workforce is also in short supply.

Federal Report