4(g): Government cybersecurity leaders publish a definition for “critical software” that addresses topics such as level of privilege or access required, integration and dependencies, and potential for harm if compromised.
3(b): Agencies share updated plans for adoption and use of cloud technology and implementation plans for zero trust architecture. 3(c-iii): DHS/CISA issue a cloud service governance framework for FCEB agencies. 3(d-i): Agencies provide progress reports about multifactor authentication and data encryption; new reports are required every 60 days until full adoption is achieved. 3(f): GSA/OMB/Agencies start modernizing FedRAMP by establishing training, improving communication, incorporating automation, digitizing and streamlining documentation, and identifying relevant compliance frameworks and mapping them onto requirements.
4(f): Commerce, in coordination with others, publishes minimum elements for a Software Bill of Materials (SBOM) 4(i): Commerce/NIST/DHS/CISA/OMB publish guidance outlining security measures for critical software, covering least privilege, network segmentation, and proper configuration. 4(r): Commerce/NIST/DoD/NSA release guidelines for minimum standards for vendors’ testing of software source code, including manual and automated testing.
3(c-i): OMB/DHS/CISA/GSA/FedRAMP release a Federal cloud security strategy and guidance for agencies. 3(c-ii): DHS/CISA/OMB/GSA/FedRAMP issue cloud security technical reference architecture documentation with recommendations on cloud migration and data protection for FCEB agencies. 3(c-iv): Agencies provide reports to DHS/CISA/OMB evaluating types and sensitivity of their unclassified data, including prioritization and appropriate processing and storage. 3(e): DHS/CISA/AG/FBI/GSA/FedRAMP establish framework to collaborate on cybersecurity and incident response activities related to FCEB cloud technology.
7(h): DoD/ODNI/CNSS establish policies that effectuate NSA’s recommendations for improving detection of cyber incidents affecting National Security Systems. 7(i): CISA reports to OMB/APNSA on how authorities granted to conduct threat hunting on FCEB networks without agency authorization are being implemented and makes recommendations for ensuring mission-critical systems are not disrupted.
Click on the different category headings to find out more. You can also change some of your preferences. Note that blocking some types of cookies may impact your experience on our websites and the services we are able to offer.
Essential Website Cookies
These cookies are strictly necessary to provide you with services available through our website and to use some of its features.
We provide you with a list of stored cookies on your computer in our domain so you can check what we stored. Due to security reasons we are not able to show or modify cookies from other domains. You can check these in your browser security settings.
Google Analytics Cookies
These cookies collect information that is used either in aggregate form to help us understand how our website is being used or how effective our marketing campaigns are, or to help us customize our website and application for you in order to enhance your experience.
If you do not want that we track your visit to our site you can disable tracking in your browser here:
Other external services
We also use different external services like Google Webfonts, Google Maps, and external Video providers. Since these providers may collect personal data like your IP address we allow you to block them here. Please be aware that this might heavily reduce the functionality and appearance of our site. Changes will take effect once you reload the page.
Google Webfont Settings:
Google Map Settings:
Google reCaptcha Settings:
Vimeo and Youtube video embeds:
The following cookies are also needed - You can choose if you want to allow them: