Trump's OMB expands oversight over how independent agencies create rules

The Trump administration issued new guidelines on Thursday that will expand White House and congressional oversight and review of federal agencies' rule-making processes, including those for traditionally independent agencies such as the Federal Reserve. The 15-page memo, issued by Office of Management and Budget acting Director Russell Vought, outlines how the OMB's Office of Information and Regulatory Affairs will be granted further jurisdiction in the regulatory process for all agencies. The memo, which goes into effect next month, will require agencies to submit regulations and official guidance to the Office of Information and Regulatory Affairs in order to determine whether the proposed rules are "major" or "minor."If a regulation or guidance is deemed "major," OMB now says, it will have to be submitted to Congress for review and to be voted on. Previously, Congress was able to vote only on regulations, not agencies' guidance.

Spotlight

Spotlight

Related News

Government Business

Noblis Earns FedRAMP® Authorization for Its RunCyberAssurance® Solution and Hosting Platform

GlobeNewswire | September 21, 2023

Noblis, Inc., a leading provider of science, technology and strategy services to the federal government, today announced that its RunCyberAssurance software-as-a-service (SaaS) solution and its supporting platform-as-a-service have achieved the Federal Risk and Authorization Management Program’s (FedRAMP®) Moderate Authority to Operate designation. “Earning FedRAMP authorization for both our solution and platform is a significant step,” said Mark Lay, Noblis’ Solution Delivery Organization lead. “This designation allows federal agencies to quickly and efficiently leverage the RunCyberAssurance solution to simplify and maintain secure cloud authorization across their enterprise. At the same time, our authorized platform provides a foundation to integrate future solutions for our customers’ evolving missions.” RunCyberAssurance combines automation, analytics and a streamlined, standardized compliance workflow to help agencies continuously manage their authorized services. Depending on unique mission needs, agencies can leverage RunCyberAssurance as a FedRAMP Authorized SaaS or deploy it within their managed boundaries. Key benefits of the solution include: Continuous Authority to Operateacross entire technology portfolio Automatic managementof cybersecurity compliance Advanced analyticsto expedite decision making and proactively mitigate risks Automates processesto save time and money FedRAMP provides a cost-effective, risk-based approach for the adoption and use of cloud services by the federal government. It empowers agencies to use modern cloud technologies, with an emphasis on security and protection of federal information. About Noblis For more than 25 years, Noblis has been an innovator within the federal government, committed to enriching lives and making our nation safer while investing in the missions of tomorrow. As a nonprofit, Noblis works for the public good, providing independent and objective science, technology and engineering solutions. Together with our subsidiaries, we work with a wide range of government clients in the defense, homeland security, intelligence, law enforcement and federal civil sectors.

Read More

Cybersecurity

SentinelOne® Extends Power of the Singularity™ DataLake to Federal Agencies

Business Wire | October 10, 2023

Managing and analyzing security data is an overwhelming task - particularly for federal agencies where budgets are tight and cyber talent is in short supply. To help ease the burden, SentinelOne, a global leader in autonomous cybersecurity, is making Singularity™ DataLake, the industry’s most performant security data solution, and only FedRAMP-Authorized offering that unifies visibility, detection, and response across the entire security infrastructure, available through its FedRAMP Authorized platform. Federal Agencies can now easily access the one-of-a-kind cloud-native solution to gain a comprehensive view of their security data and quickly uncover and respond to threats in real-time. “The amount of data that federal agencies are required to collect, store, correlate, and analyze to defend against increasingly sophisticated and malicious attacks is massive and rapidly growing,” said Dale McCloskey, Federal Sales Vice President, SentinelOne. “The Singularity DataLake provides powerful cross-platform security analytics and intelligence they can use to gain the visibility needed to do it.” As the industry’s first and only unified, cloud delivered solution for OMB M-21-31 compliance, the SentinelOne Singularity DataLake combines SentinelOne and third-party security data visibility into a single console. Using the solution, federal cyber analysts can: Seamlessly ingest any data type, structured or unstructured, and fuse it with endpoint, cloud workload and user data to provide comprehensive visibility in a single, unified interface. Efficiently search, query and leverage AI-powered analytics to speed data-driven decisions. Reduce detection and response times to stop attacks faster. Achieve OMB M-21-31 compliance with cost-effective, long-term storage (up to 30 months) across endpoint detection and response (EDR) telemetry as well as other data sources. Retain existing SOC workflows through open, built-in security ecosystem integrations to deliver increased visibility and security context while reducing costs and operational resource burdens. “The future of cybersecurity for federal agencies will be driven by data and the power of analytics to extract actionable and intelligent security insights at scale and with SentinelOne Singularity DataLake, they can deliver it today,” said McCloskey. About SentinelOne SentinelOne is the leader in autonomous cybersecurity. SentinelOne’s Singularity™ Platform detects, prevents, and responds to cyber attacks at machine speed, empowering organizations to secure endpoints, cloud workloads, containers, identities, and mobile and network-connected devices with speed, accuracy and simplicity. Over 11,000 customers, including Fortune 10, Fortune 500, and Global 2000 companies, as well as prominent governments, trust SentinelOne to secure the future today.

Read More

Cybersecurity

Semperis and Carahsoft Partner to Provide Comprehensive Identity Security and Recovery Solutions to U.S. Government Organizations

Business Wire | September 12, 2023

Semperis, a pioneer in identity-driven cyber resilience, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced a partnership. Under the agreement, Carahsoft will serve as Semperis’ Public Sector Distributor, making the company’s industry-leading identity resilience platform available to the Public Sector through Carahsoft’s reseller partners and National Association of State Procurement Officials (NASPO) ValuePoint, National Cooperative Purchasing Alliance (NCPA), and OMNIA Partners contracts. Active Directory (AD) and Azure AD (now Entra ID), used by 90% of organizations worldwide to authenticate and access critical applications and services, are under sustained attack in the Public Sector by numerous threat actors. The Semperis and Carahsoft partnership will accelerate delivery of comprehensive identity threat detection and response (ITDR) solutions for protecting hybrid AD environments across U.S. Public Sector entities. “Our partnership with Carahsoft will further expand adoption of our identity-first security solutions designed to help Federal, State and Local Government agencies protect their critical identity systems from ransomware and other directory-related attacks,” said Jared Vichengrad, Vice President, Public Sector at Semperis. “We are excited to join Carahsoft’s trusted partner network of Government IT solution providers to prevent, detect and mitigate proliferating identity attacks that are disrupting operations in the Public Sector.” Identity-related attacks on Public Sector entities are intensifying in scale and severity amidst an expanding digital attack surface and increasingly sophisticated attack techniques. Verizon’s 2023 DBIR reveals that from November 1, 2021, through October 31, 2022, public administration entities faced 3,273 incidents—and of those, 584 with confirmed data disclosure. The Public Sector is a high-value target for cyber criminals who seek to disrupt State and Local Governments, schools and public utilities in record numbers. These attacks can steal or encrypt data, disturb services and jeopardize public safety. Public Sector organizations are particularly vulnerable to AD attacks because of legacy infrastructure, lack of identity security expertise and limited resources. With a multi-layered defense approach that spans the identity attack lifecycle, Semperis offers the industry’s most comprehensive security and recovery solutions for hybrid AD environments, combined with deep incident response expertise. “We are thrilled to partner with Semperis and our reseller network to offer its identity resilience platform, provide advanced ITDR solutions and protect Public Sector customers’ hybrid AD systems from attacks,” said Brian O’Donnell, Vice President of Cybersecurity solutions at Carahsoft. “We repeatedly see how vital it is to prevent bad actors from infiltrating Government systems and how having the right solutions on board can make a significant impact in remediation. We are committed helping Public Sector organizations get access to Semperis solutions to safeguard citizens’ data and facilitate uninterrupted Public Sector services.” Semperis’ technology and services are available through Carahsoft’s NASPO ValuePoint Master Agreement #AR2472, NCPA Contract NCPA01-86, and OMNIA Partners Contract #R191902. For more information, contact the Semperis team at Carahsoft at (703) 889-9808 or Semperis@carahsoft.com. The dedicated Cybersecurity team at Carahsoft specializes in providing Federal, State and Local Government agencies and Education and Healthcare organizations with security solutions to safeguard their cyber ecosystem. To learn more about Carahsoft’s Cybersecurity solutions, visit www.carahsoft.com/solve/cybersecurity. About Carahsoft Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and Engagement, and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. About Semperis For security teams charged with defending hybrid and multi-cloud environments, Semperis ensures the integrity and availability of critical enterprise directory services at every step in the cyber kill chain and cuts recovery time by 90%. Purpose-built for securing hybrid Active Directory environments, Semperis’ patented technology protects over 50 million identities from cyberattacks, data breaches, and operational errors. The world’s leading organizations trust Semperis to spot directory vulnerabilities, intercept cyberattacks in progress, and quickly recover from ransomware and other data integrity emergencies. Semperis is headquartered in Hoboken, New Jersey, and operates internationally, with its research and development team distributed throughout the United States, Canada, and Israel.

Read More