risk assessment

NOAA evaluating multi-factor authentication for apps and devices


Chief information officer Zach Goldstein tells FedScoop the agency plans to launch a Cloud Program Management Office in fiscal 2023.

NASA agrees to insider threat risk assessment of unclassified systems


The agency plans to determine if the program needs to be expanded to protect more than just classified systems.

CISA working group assessing cyber risks to space infrastructure


CISA's working group will emulate the public-private partnership used to protect pipeline operators.

FBI awards $13.5M risk assessment contract in move to CIA clouds


Telos Corporation has a $13.5 million contract from the bureau to integrate its Xacta solution — which is already used by the CIA — with the FBI's clouds.

CMMC looks to clear up questions about cybersecurity assessors


The Accreditation Body for the Cybersecurity Maturity Model Certification (CMMC) has released more information about training and approval for people who want to be third-party assessors.

Why government is slow to endorse frameworks for quantifying cybersecurity risk


Until individual agencies like the Department of Energy and Department of the Treasury see success quantifying risk, the practice won't likely be mandated.