Trending
May14 is the deadline to apply for the next class of Presidential
Innovation Fellows
security and a lack of internal detection methods.
“Over the past decade, our system of protection has largely relied on sen- sors at the perimeters of networks that are designed to be fed by intelligence” about known threats, Wales said. “Our adversaries have advanced. They are no longer using the same infrastructure to target us repeatedly.”
He said CISA will use funding under the American Rescue Plan Act to invest in new tools for endpoint detection, but ultimately, agencies need to find a bal- ance between both forms of security.
“That balance was too far out of whack in the past,” he said. “It is too focused on the network and not \[focused\] enough inside of networks at the host.”
— Justin Katz
Agency hacks could accelerate push to zero trust security
The White House will push federal agen- cies to start moving toward a “zero trust paradigm,” said Chris DeRusha, federal chief information security officer, during a recent hearing on Capitol Hill.
“In this new model, real-time authen- tication tests users, blocks suspicious activity and prevents adversaries from the kind of privilege escalation that was demonstrated in the SolarWinds inci- dent,” he told members of the Senate’s Homeland Security and Governmental Affairs Committee.
“Many of the tools we need to imple- ment this model already exist within industry and agency environments, but successful implementation will require a shift in mindset and focus at all levels within federal agencies,” he added.
Zero trust, which advocates authen- ticating a user or device every time it
Chris DeRusha
Brandon Wales
tries to connect to an organization’s systems, has become a popular topic for cybersecurity analysts since the breach involving SolarWinds was dis- covered. Once hackers gained access, they were able to move laterally across government networks, according to the Cybersecurity and Infrastructure Secu- rity Agency.
While testifying alongside DeRusha at the hearing, Acting CISA Director Bran- don Wales said the government’s failure to stop the intrusion was partially due to an overemphasis on network perimeter
Democrats press for federal role in modernizing unemployment systems
Democrats in the House and Senate are urging the federal government to take an active role in helping states modernize the outmoded technology they use to deliver unemployment benefits.
That technology foundation was tested to the breaking point in the past year as millions of applicants flocked to state systems during the economic upheaval caused by the pandemic. At the same time, state agencies struggled to deal with massive increases in fraud.
The American Rescue Plan Act appro- priated $2 billion to the Labor Depart- ment for administrative costs related to fraud prevention, equitable access and timely payment of unemployment benefits. Thirty lawmakers sent a letter to Labor Secretary Marty Walsh in late March with recommendations on how
the agency should spend that money. The lawmakers want the depart- ment to use the recently introduced Unemployment Insurance Technology Modernization Act as a blueprint for its efforts to modernize unemployment IT. The bill would put the Labor Depart- ment at the center of a national effort to modernize unemployment technology by developing and maintaining a set of modular technology pieces for states to
assemble as they see fit. Furthermore, any modernization
efforts the Labor Department pursues with the new funds should also focus on developing technology for administering unemployment programs at the federal level, according to lawmakers.
“This past year has proven that indi- vidual states attempting to modernize
their system in isolation hasn’t yielded results,” the lawmakers wrote. “That failure has contributed to unconscio- nable delays for millions of workers. A cohesive federal approach would not only ensure that every state has access to modern, efficient technology to meet their needs, but would also be far more cost-effective than investing in 53 sepa- rate systems.”
If the Labor Department decides to use the bill as a blueprint, it would also create a digital services team to help state agencies with their technology needs, emphasize the importance of the customer experience in the devel- opment process and promote the use of best practices for cybersecurity and procurement.
— Natalie Alms
March/April 2021 FCW.COM 29