Politics
Barney changed USCIS’s cyber culture by putting the user first
Shane Barney knew he had successfully changed the culture at the U.S. Citizenship and Immigration Service when it was time to debate the next year’s budget.
Barney, who left USCIS in May after serving the last almost seven years as the agency’s chief information security officer, said when the agency program offices fully funded his request for zero trust capabilities, he knew a transformation had occurred.
Shane Barney was the chief information security officer at the U.S. Citizenship and Immigration Services in the Homeland Security Department until May.
“When the zero trust executive order first hit under the previous administration, it was a huge cost to federal agencies. The day that they were discussing the funding needs that we had for zero trust, and they were significant. I mean, they were tens of millions of dollars, I couldn’t be there. I couldn’t advocate for it. I was out of the office, and I was really worried about it,” said Barney, who now is the CISO for Keeper Security, for an exit interview on Ask the CIO. “Well, the directorate heads decided ahead of time that zero trust was the most important thing for the agency to be doing. They had all allocated all the money I had asked for without me even being present or even defending it. That’s when I knew we had done something right.”
Barney called his boss, then USCIS chief information officer Bill McElhaney, and asked what happened at the meeting.
“He said, ‘You got all the money.’ And I was like, ‘What do you mean? I got all the money?’ We weren’t even there. He goes, ‘No, it was actually decided before the meeting even started. In fact, it was never even discussed. It was assumed,’” he said. “That told me everything I needed to know about where the culture of the agency was. They valued security so much that they understand the connection between what the business is trying to accomplish, and the importance of securing that at the same time, and it sold itself. I think part of me actually knew at that point that maybe my time at USCIS was probably coming to an end.”
Barney said he believes the program offices understood the value of security because USCIS was both an early adopter of zero trust concepts and because the agency survived a potentially catastrophic cyber incident.
A cyber incident wake-up
In 2015, a USCIS developer turned on one of its Amazon Web Services storage buckets in the cloud and made the data inside the bucket public instead of private. Barney said this mistake can be a common issue among security incidents, but in USCIS’s case, it meant potentially exposing 500 million to 600 million records.
“We just had to prove that yes, it was made public, but no one accessed it during the time that it was public. That was difficult because we actually hadn’t really turned on the logging necessary for us to do that. So lesson one was to get better about logging then. Then we started looking at it in detail, and I’ll never forget it, it’s 2:30 in the morning and I get a phone call from one of my security analysts and he goes, ‘Shane, listen, we didn’t really look at this as careful as we should have and yes, they made the bucket public, but they never changed the record settings themselves.’ So yes, you could go to the public record, and look at it, but the records themselves were still marked private, so you couldn’t see them. You couldn’t even know they were there,” he said. “We were actually secure without realizing we were secure. So it was a really important lesson for us in as we were pushing into the cloud.”
In the after-action report, Barney said USCIS realized how this potential incident happened and started applying automation to make sure it wouldn’t happen again.
“We just started developing in Python, and basically it was a simple script that scanned our enterprise at lightning speeds. If it found we had 20 public records, we had 20 buckets that were supposed to be public. If it wasn’t listed as one of those, it would automatically shut it off,” he said. “It was the first sort of a-ha moment for security automation for us. It dawned on us that the power of the cloud was automation. If your infrastructure is code, then your security is code too, and I literally changed the contract for my security operations center (SOC) made them all go out and become programmers, and we started building automation. We would automate it to the point where, yeah, we got an alert that something happened, but it’s already been taken care of and we moved on because if we know that something is a risk, and in this case making data public, I can automate against that risk, then I have an obligation to do that. If I do that, that means that my analysts and my SOC no longer have to watch for that, and they can move on to something else, and that became our driving force.”
Around the same time, USCIS was moving systems and applications into the cloud and Barney said the use of zero trust principles just made sense, including single sign-on as the foundation of identity management for the cloud services.
“You have to carefully align what you do as a cybersecurity program to what the end user goals are because if you create an environment that’s so restrictive and so difficult for them to do their jobs, they’re going to find workarounds, and those workarounds are going to introduce risk that you’re not even aware of, and it creates problems,” he said. “You’re better aligning those two, and even if you have to meet in the middle somewhere and give a little bit of a compromise on the security side, so you can meet the end users’ goals, that’s okay. That actually is going to get you further and give you more benefit back into the organization than you would have if you just forced your heavy handed security approach.”
Next challenge: Network segmentation
As for USCIS’s zero trust progress, Barney said the biggest remaining challenges remain around securing the network and the data.
The goal, he said, is to get the network under control through proper segmentation and proper transactional monitoring and controls.
“It is very, very, very, very difficult to do, and even more difficult, and if not bordering on impossible, but coming darn close is getting your data under control,” he said. “Now at USCIS we’re not unique with the data the hallmark of what they did, the organization that handles all the administrative side of immigration, on any given day, they’re interacting with 16 million or 17 million people around the world, and all their information was electronic at that point. All that information had to be correlated and brought under sort of an umbrella of zero trust, and in the zero trust world, and that means you’ve got to create meta tags around everything that you’re doing, and then those meta tags have to be correlated with sort of a central dictionary. That dictionary has to be maintained and updated, and if you make changes, those changes have to be able to ripple across your entire data verse and that’s very, very, very difficult stuff to do. So when we put forth our budget, the vast majority of the money that we were asking for at the time was to fix the networking piece and to fix the data piece.”
Barney said while USCIS still has a ways to go to meet all the requirements of zero trust, he’s leaving the agency in a good place.
One of the things he did before he left was changing the USCIS’s focus from managing risk to being intelligent about risk.
“Not all risks are created equal, and you need to understand when something is far more important for you to focus on, even if it’s not a higher or critical but it’s a bigger threat to your organization. That’s being intelligent about risk, and that’s the one thing we were just starting to try to drive forward,” Barney said. “It’s very, very difficult to do because it’s a data intensive activity. You need good cyber threat intelligence to make sure that you’re making good decisions corporately. Something we started doing, and we’re doing better at, was more of a threat hunt based culture. Part of our drive for automation was to get rid of the screen people watch for something to go red and alert then, and driving more of an automated approach to not just the alerting and monitoring piece, but also the entire incident response process.”
The post Barney changed USCIS’s cyber culture by putting the user first first appeared on Federal News Network.
Politics
Black Lives Matter Activist in Boston Pleads Guilty to Federal Fraud Charges – Scammed Donors to Fund Her Lifestyle
Screencap of YouTube video.
A Black Lives Matter activist in Boston named Monica Cannon-Grant pleaded guilty to federal charges this week, admitting that she scammed donors and used their money to fund her own lavish lifestyle.
Cannon-Grant was previously held up as an admired figure. The city of Boston named her the Bostonian of the year at one point for her ‘social justice activism’ and she was even recognized by the Boston Celtics basketball team for her efforts.
She is now facing a minimum of two years in prison.
The New York Post reports:
BLM-linked activist admits conning donors to fund her lavish lifestyle
A once-celebrated Boston social activist has pleaded guilty to defrauding donors — including Black Lives Matter — out of thousands of dollars that she used as a personal piggy bank.
Monica Cannon-Grant, 44, pleaded guilty Monday to 18 counts of fraud-related crimes that she committed with her late husband while operating their Violence in Boston (VIB) activists group, according to the US Attorney’s Office in Massachusetts.
The activist scammed money — including $3,000 from a BLM group — while claiming it was to help feed children and run protests like one in 2020 over the murder of George Floyd and police violence.
Cannon-Grant also conned her way into getting $100,000 in federal pandemic-related unemployment benefits — which she used to pay off her personal auto loan and car insurance policy.
But she has now confessed to transferring funds to personal bank accounts to pay for rent, shopping sprees, delivery meals, visits to a nail salon — and even a summer vacation to Maryland.
Just amazing.
Monica Cannon-Grant stole from donors, scammed the government, and lived it up while preaching about oppression. BLM grift is the only nonprofit where fraud is part of the mission statement. https://t.co/ir3q9lqYrh
— Matthew Newgarden (@a_newgarden) September 23, 2025
BREAKING: BLM activist Monica Cannon-Grant pleads guilty to 27 fraud charges, misusing over $1M from Violence in Boston for personal gain. Echoes Sir Maejor Page’s $450K scam conviction. A wake-up call for nonprofit accountability. pic.twitter.com/N9vvD369gB
— (@pr0ud_americans) September 14, 2025
Here’s a local video report:
She should pay back every penny.
The post Black Lives Matter Activist in Boston Pleads Guilty to Federal Fraud Charges – Scammed Donors to Fund Her Lifestyle appeared first on The Gateway Pundit.
Politics
Keith Olbermann Backpedals Furiously With Apology for Threatening CNN’s Scott Jennings – Jennings Responds (VIDEO)
As the Gateway Pundit reported yesterday, former MSNBC host and generally unhinged leftist Keith Olbermann, appeared to threaten CNN’s conservative pundit Scott Jennings on Twitter saying, ‘You’re next motherf**ker.’
Well, Olbermann may have gotten a phone call or a visit from the FBI because today he walked back those comments with a full-throated apology.
RedState has an update:
To quickly recap, Scott Jennings, a Salem Media Network radio host and conservative CNN political commentator, reacted to breaking news on Monday that Kimmel had been reinstated by tweeting, “So basically his employer suspended him for being an insensitive pr**k, and we don’t live in an authoritarian regime? Got it.”
This enraged Olbermann, who proceeded to tweet what many, including Jennings, perceived to be a threat. “You’re next, motherf**ker. But keep mugging to the camera.” Jennings tagged Patel and included a screengrab of the tweets in response.
Though the FBI hasn’t commented as to whether an investigation was launched, Olbermann ostensibly appears to have thought twice about what he tweeted and deleted, apologizing profusely in tweets posted on Tuesday and claiming what he wrote was “misinterpreted”:
See Olbermann’s tweet below:
I apologize without reservation to @ScottJenningsKY
Yesterday I wrote and immediately deleted 2 responses to him about Kimmel because they could be misinterpreted as a threat to anything besides his career. I immediately replaced them with ones specifying what I actually meant. pic.twitter.com/SPWLb73nEk
— Keith Olbermann (@KeithOlbermann) September 23, 2025
I oppose and condemn political violence, and the threat of it. All times are the wrong time to leave even an inadvertent impression of it – but this time is especially wrong
I should've acknowledged the deletion and apologized yesterday. I'm sorry I delayed.
— Keith Olbermann (@KeithOlbermann) September 23, 2025
Scott Jennings, always a class act, offered this hilarious response:
SCOTT JENNINGS: “Marking myself SAFE from that NUT, Keith Olbermann!” pic.twitter.com/EYZX6vm5Oh
— Dustin Grage (@GrageDustin) September 23, 2025
Keith Olbermann really needs help. The guy is just so out of control.
The post Keith Olbermann Backpedals Furiously With Apology for Threatening CNN’s Scott Jennings – Jennings Responds (VIDEO) appeared first on The Gateway Pundit.
Charlie Kirk assassin Tyler Robinson and roommate Lance Twiggs
Charlie Kirk assassin Tyler Robinson lived with his transgender partner – a male-to-female trans named Lance “Luna” Twiggs.
The FBI used Robinson’s texts with his transgender partner to solidify that Robinson was the assassin. Lance Twiggs has not been charged with any crime; however, federal authorities are still investigating.
Last week, Utah authorities released the text exchange between Tyler Robinson and his transgender lover, Lance Twiggs, sent shortly after Kirk’s assassination.
Utah County District Attorney Jeff Gray announced seven charges against Charlie Kirk assassin Tyler Robinson. They will also be seeking the death penalty.
Robinson was charged with:
– Count 1: Aggravated murder (capital offense)
– Count 2: Felony reckless discharge of a firearm causing bodily injury
– Count 3: Felony obstruction of justice for hiding the firearm
– Count 4: Felony obstruction of justice for discarding the clothing he wore during the shooting
– Count 5: Witness tampering for asking roommate to delete incriminating messages
– Count 6: Witness temperating for demanding trans roommate stay silent, and not speak to police
– Count 7: Commission of a violent offense in the presence of a child
Jeff Gray released the chilling texts between Tyler Robinson and his “love” Lance Twiggs.
Read the text exchange here:
Tyler Robinson texts with transgender lover Lance Twiggs / 1
Kirk assassin Tyler Robinson texts with transgender lover Lance Twiggs / 2
Lance Twiggs was reportedly cooperating with the FBI, however, according to the Daily Mail he has seemingly vanished.
“If [Lance Twiggs] ever comes back, it will be in a body bag,” a neighbor said to the Daily Mail. “That’s not a threat – I’m just saying that there are so many people who want a piece of him he’d be mad to show his face in public again. This was a generational event.”
The Daily Mail reported:
The Trans boyfriend of Charlie Kirk’s alleged assassin has fled their former lovenest – and locals tell the Daily Mail they never want to see him again.
Lance Twiggs, 22, was led away for questioning when police swooped on the smart three-bed condo he shared with accused gunman Tyler Robinson, 22.
Shaken neighbors say the part time plumber has not been back to the $320,000 property in St. George, Utah – one declaring: ‘Good riddance. I never want to see either of them again.’
His beaten-up Infinity compact is still parked in his space with his work gear tossed across the back seat and a sandwich wrapper and a drink on the front passenger seat.
Upstairs lights have been left on for more than a week and notes and Amazon packages are piling up outside the home owned by Twiggs’s devout Mormon family.
The post Where is Lance Twiggs? Kirk Assassin’s Transgender Lover Has Vanished appeared first on The Gateway Pundit.
21 Thrift Store Gems You Can Cash in On
How to Collect Social Security While Working (and Jobs to Consider)
Hurdle hints and answers for September 24, 2025
New Kid and Family Movies in 2025: Calendar of Release Dates (Updating)
Brooklyn Mirage Has Been Quietly Co-Managed by Hedge Fund Manager Axar Capital Amid Reopening Drama
The best sexting apps in 2025
-
Entertainment6 months agoNew Kid and Family Movies in 2025: Calendar of Release Dates (Updating)
-
Entertainment3 months agoBrooklyn Mirage Has Been Quietly Co-Managed by Hedge Fund Manager Axar Capital Amid Reopening Drama
-
Tech6 months ago
The best sexting apps in 2025
-
Entertainment5 months agoKid and Family TV Shows in 2025: New Series & Season Premiere Dates (Updating)
-
Tech7 months agoEvery potential TikTok buyer we know about
-
Tech7 months ago
iOS 18.4 developer beta released — heres what you can expect
-
Tech7 months agoAre You an RSSMasher?
-
Politics7 months agoDOGE-ing toward the best Department of Defense ever