TIC 3.0: Great Work, but Not Zero Trust

DHS recently published version 3.0 of the Trusted Internet Connection (TIC) architecture. A response to changing IT conditions, Executive Orders, and OMB mandates, the new architecture seeks to support IT modernization through cloud adoption while keeping security as a top priority. The comprehensive set of documents includes an overview, a catalog of security capabilities, a reference architecture, guidance for pilot programs, advice for service providers, and a very helpful set of use cases relevant to agency needs.

DHS Designates New Protections for U.S. Election Infrastructure

On the same day that U.S. intelligence agencies issued a non-classified report citing that Russian state-sponsored influence campaigns sought to “undermine public faith in the U.S. democratic process…” using a blend of covert activity (such as cyber activity) with overt efforts (state-funded media, paid trolls, etc.) the Department of Homeland Security took steps to protect the bedrock of our voting system – the nation’s election infrastructure.

FedRAMP Serves up a New User Experience

FedRAMP (The Federal Risk and Authorization Management Program) is changing. By the end of 2015, FedRAMP, aka the FISMA for the cloud, is anticipated to add high-impact cloud systems (it currently only authorizes low- and moderate-impact levels).

While only 12% of all federal systems are labeled as high impact (mostly DoD and DHS), as more agencies move to use cloud services, the need for a high-impact baseline standard is growing.

The Need for Clarity about FedRAMP Processes

Technically News – 10/28

This week in Technically News: What To Do When Your Computer Gets Kidnapped By Ransomware; Why the US Government Needs a “Digital Core”; Google or Microsoft? Army Users Get Choice; 8 Areas for Improvement in Securing Critical Infrastructure; Stabilizing DHS Cybersecurity Leadership

Technically News - 6/24

This week in Technically News: Civic Hackers (the good kind) Help Local Governments; Agencies Hot for Big Data, But Plans, Resources Are Lacking; NIST, DHS Push Security Automation to the Next Stage; Amazon’s Invasion of the CIA is a Seismic Shift in Cloud Computing; Google & Red Hat Collaborate on App Engine in Private Clouds; DLT Solutions & Oracle to Save Navy $60 Million