US Department of Homeland Security directive requires federal agencies to fix critical flaws within 15 days

Computing | May 02, 2019

The Cybersecurity and Infrastructure Security Agency (CISA) of the US Department of Homeland Security (DHS) has issued a new binding operational directive (BOD) for federal agencies, ordering them to patch critical security flaws discovered on their internet-accessible systems within 15 days of first detection. And the countdown to remediate security flaws will start as soon as they are first detected during CISA's weekly cyber hygiene vulnerability scanning. The order cuts in half the deadline for patching critical flaws from 30 days. Flaws deemed "high" in severity still have a 30 day deadline for fixing.

Spotlight

The 2016 Government-wide Inclusive Diversity Strategic Plan (the Plan) outlines the second phase of implementation of the President’s 2011 Executive Order 13583, Establishing a Coordinated Government-wide Initiative to Promote Diversity and Inclusion in the Federal Workforce (the Executive Order). This Plan takes the lessons learned since the 2011 Government-wide Diversity and Inclusion Strategic Plan was issued and provides Federal agencies a path for continuing to create and foster a Federal workforce that includes and engages Federal employees and draws from all segments of society. The overarching strategy of this Plan is to increase the transparency of human capital processes (to the extent appropriate, in light of the obligation to protect certain test and examination materials, for example) throughout the Federal workplace as an approach to foster the inclusion that leads to the diversity of the workforce. The Plan provides a framework for the many initiatives that have been realized, the efforts that are currently underway, and the overarching strategy, offering a cohesive and comprehensive path forward. Together, Federal agencies will fully utilize policies, programs, and systems that support inclusive diversity through increasingly focused, innovative, and accelerated communication and learning strategies.

Spotlight

The 2016 Government-wide Inclusive Diversity Strategic Plan (the Plan) outlines the second phase of implementation of the President’s 2011 Executive Order 13583, Establishing a Coordinated Government-wide Initiative to Promote Diversity and Inclusion in the Federal Workforce (the Executive Order). This Plan takes the lessons learned since the 2011 Government-wide Diversity and Inclusion Strategic Plan was issued and provides Federal agencies a path for continuing to create and foster a Federal workforce that includes and engages Federal employees and draws from all segments of society. The overarching strategy of this Plan is to increase the transparency of human capital processes (to the extent appropriate, in light of the obligation to protect certain test and examination materials, for example) throughout the Federal workplace as an approach to foster the inclusion that leads to the diversity of the workforce. The Plan provides a framework for the many initiatives that have been realized, the efforts that are currently underway, and the overarching strategy, offering a cohesive and comprehensive path forward. Together, Federal agencies will fully utilize policies, programs, and systems that support inclusive diversity through increasingly focused, innovative, and accelerated communication and learning strategies.

Related News

GOVERNMENT BUSINESS

Intelligent Wave Bags Editor’s Choice As the Best Cloud Workload Protection Solution From CDM

Intelligent Waves | June 09, 2022

Intelligent Waves (IW), a leading IT integrator that provides the government with mission-focused multi-domain operational expertise and innovation through high-impact technology solutions, is pleased to announce that we have been named Editor's Choice as the Best Cloud Workload Protection solution by Cyber Defense Magazine (CDM), the industry's leading electronic information security publication. Intelligent Waves is thrilled to receive one of the most prestigious and coveted cybersecurity awards in the world fromCyber Defense Magazineduring their 10thanniversary as an independent cybersecurity news and information provider. We knew the competition would be tough, and with top judges who are leading infosec experts from around the globe, we couldn’t be more pleased.” John Hammes, Vice President and Chief Strategy Officer for Intelligent Waves The Phantom Next Generation solution from IW allows enterprises to connect to foreign points of presence for remote open-source information collecting and study while also shielding organizations and persons from foreign intelligence exposure. Furthermore, because it does not require access to a classified facility or network, the unclassified but secure cloud-based capacity facilitates telework. In this way, government organizations can benefit from a distributed, internationally remote workforce. Phantom makes use of the GRAYPATH network's full capabilities to ensure that application traffic is not detected, intercepted, or exploited, and to conceal the user's location. The Phantom platform compares the digital signature of the user to the desired place of presence. Furthermore, the user's genuine IP address, location, and data usage are hidden. User-generated traffic is made to appear to come from a remote point of presence (PoP) or interface server at the same time. The internet researcher can efficiently "hide among the noise" of normal IP activity in this manner.

Read More

GOVERNMENT BUSINESS

Accela Named Microsoft US Government Partner of the Year for Third Consecutive Year

Accela | July 08, 2022

Accela®, the trusted provider of cloud solutions for government, today announced that it was selected as Microsoft's 2022 US Government Partner of the Year for the third consecutive year. Accela was honored among top Microsoft partners for providing innovative services based on Microsoft technologies to state and local government customers, as well as demonstrating thought leadership in the government technology sector. Accela's SaaS solutions, which are powered by Microsoft Azure, equip state, county and local governments with an agile, purpose-built platform to automate and modernize essential government functions within economic development, community development, and public safety. "We are proud to be recognized by Microsoft for our partnerships with governments around the globe. With Accela, in partnership with Microsoft, our customers can have confidence their data is being kept safe with the latest updates and best practices, which is essential to support ongoing security, compliance and government regulation requirements. "By 2025, 95% of new IT investments made by government agencies will be made in as-a-service solutions. As governments accelerate their digital transformations, Accela will continue to deliver secure cloud-based solutions, powered by Microsoft, that provide vital services, modernize employee and resident experiences, and bolster economies." Tom Nieto, chief operating officer of Accela The Microsoft Partner of the Year Awards recognize Microsoft partners that have developed and delivered outstanding Microsoft-based solutions during the past year. Honorees are chosen from a set of more than 4,400 submitted nominations from more than 100 countries worldwide. More than 275 million residents globally benefit from Azure-powered Accela solutions for permitting, licensing, and code enforcement. Accela is Gold Certified Partner in the Microsoft Partner Program, with a competency in ISV/Software Solutions. As a Gold Certified Partner, Accela has demonstrated its expertise with Microsoft technologies and a proven ability to meet customers' needs. Today's announcement builds on Accela's momentum in the cloud govtech space. Most recently, Accela launched a new offering, Managed Application Services, to help government agencies achieve increased flexibility and reliability in managing IT staffing needs. About Accela Accela provides a unified suite of cloud solutions trusted by governments across the globe to accelerate their digital transformation, deliver vital services, and build stronger communities. More than 275 million citizens worldwide benefit from Accela's government software solutions. The company offers agile, purpose-built solutions and the power of a platform that provides users with a consumer-like experience, shares data across departments, and ensures world-class security.

Read More

GOVERNMENT BUSINESS

Carahsoft to Announce Partnering with Thentia

Carahsoft | June 30, 2022

Carahsoft Technology Corp. is agovernment IT solutions provider delivering best-of-breed hardware, software, and support solutions to federal, state, and local government agencies. It announced entering into a partnership with an industry-leading provider of software-as-a-service (SaaS) to government regulatory bodies. ThentiaCloud,aproprietarylicensingplatformcreatedforregulatorsbyThentia,willbemorewidelyadoptedbyregulatorsasaresultofthisnewpartnership. Thentia's Master Government Aggregator®, Carahsoft, will make Thentia Cloud available to the public sector through its reseller partner networks and contracts with the National Association of State Procurement Officials (NASPO) ValuePoint, GSA Schedule, and OMNIA Partners. This exciting partnership comes at an incredibly opportune time for Thentia, as the company experienced significant growth in 2021 and is poised for even greater platform adoption in 2022 and beyond. We look forward to working with Carahsoft to further accelerate the momentum and traction we're currently gaining with regulatory agencies acrossNorth America. Carahsoft, as well as other partners, will play a pivotal role in expanding Thentia's position in the public sector as a leading government technology platform." Bonnie Campo, Thentia's Vice President, Strategic Alliances Campo added, "We look forward to leveraging Carahsoft's market expertise, procurement services, sales channels, proactive marketing, and large customer base to support public sector digital transformation for years to come." "Thentia's competitive advantage stems from the firsthand experiences of its creators, who have all worked as regulators themselves," statedHarjeet Khalsa, who manages the Thentia team at Carahsoft. "By drawing on their experiences, they have built a highly configurable platform that addresses the nuances of governmental workflows while streamlining compliance and increasing cybersecurity. That's exactly the combination our clients and reseller partners seek."

Read More