Category Archives: Event News Articles

Event News Articles on GovEvents Blog includes editorials directly pertaining to Government & Military Event News.

Building the Case for Digital Evidence

Posted on by

Every crime has digital evidence, whether it's a suspect's cell phone, a witness's cell phone video, camera footage from a doorbell, a fitness tracker, or data from any number of IoT devices and sensors. This wealth of digital data is both an asset and a challenge for law enforcement. Six out of ten professionals now rank digital evidence as more important than DNA evidence. However, the sheer volume of digital evidence--the average device holds 60,000+ messages, 32,000+ images, and 1,000+ videos--provides challenges for understaffed teams that often rely on manual processes to review these valuable assets.

As digital evidence continues to grow in volume and importance, law enforcement agencies across the nation are looking for ways to more efficiently review, manage, and secure this critical asset. Continue reading

Support for Zero Trust Transitions Continues to Grow

Posted on by

Passwords, encryption, firewalls, VPNs, and two-factor authentication were all novel approaches to securing information held in IT systems. In just three years, zero trust is emerging as the next key security practice to become "table stakes" for government systems. The move to zero trust is not without challenges, but agencies are finding support in newly created offices and cutting-edge technology for meeting the critical need to constantly authenticate and authorize users on a given system.

Top-Down Support

A number of formalized zero-trust programs, offices, and guidance have become part of the landscape of government to support the mandated journey to zero trust. The NIST Zero Trust Framework, the Federal Zero Trust Strategy, and Cybersecurity and Infrastructure Security Agency's (CISA) Zero Trust Maturity Model started agencies down the path. Recently, CISA opened the Zero Trust Initiative Office to help agencies move through their maturity model with training, resources, and opportunities to collaborate with peers. The office will set metrics and benchmarks to track agency progress toward zero-trust maturity and will provide a community of practice for agency zero-trust leaders to connect and share best practices. Continue reading

State and Local Governments Building Trust with Transparency

Posted on by

Citizens typically report more trust in state and local governments than in the federal government, but that does not mean that there is no work to be done on improving citizen experience and trust. A recent study found that about 45% of Americans have a less-than-favorable view of the trustworthiness of local governments. This number has become worse since 2017, when only 40% expressed a less than favorable outlook.

Key to building trust is transparency--showing the work being done, the reasons decisions were made, as well as the process for obtaining services from government. With more and more government services moving online, it would seem that this transparency would be easier than ever to provide, but in fact, the digitization of government can often have the opposite effect. Continue reading

A Cloudy Forecast for Government

Posted on by

The need for cloud computing has moved beyond simple cost-saving calculations. The elasticity and scalability of cloud meet the demands citizens have for digital services to be efficient and personalized. Cloud is also critical for AI adoption, providing the processing power needed to facilitate the training and use of AI models.

Government Moves to Mostly Cloudy

Based on these capabilities, the use of cloud is increasing. A recent Government Accountability Office (GAO) study found that the use of the Federal Risk and Authorization Management Program (FedRAMP) increased by about 60% between July 2019 and April 2023. Continue reading

The Changing Identity of Identity Management

Posted on by

A key element of the move to zero trust is the use of "strong multi-factor authentication (MFA) throughout their enterprise." While identity management has been indicated by many as the "low hanging fruit" of a zero-trust journey, it is by no means easy. In fact, recent guidance from the Cybersecurity and Infrastructure Security Agency (CISA) and the National Security Agency (NSA) called it "notoriously difficult."

Key challenges to implementing MFA include:

  • Lack of standards - the CISA/NSA guidance pointed to confusion over MFA terminology and vague policy instructions as primary challenges to implementing more secure access. A joint committee of European Union (EU) and U.S. experts addressed this same issue in the Digital Identity Mapping Exercise Report, which aimed to define specific digital identity technical terminology. For example, the group found some definitions, such as "authoritative source" and "authentication factor," are identical between the U.S. and EU, whereas others, like "identity" and "signature," remain only partially matched.
  • Phishing - bad actors do not always hack the system; they hack the process, gaining entry through social-engineering tactics that grow more sophisticated by the day. The CISA/NSA report called on the vendor community to provide MFA services with additional investments and greater defenses against sophisticated attacks.
  • Rise of Generative AI - The Department of Homeland Security (DHS) is working to ensure technologies can determine if a submitted image is legitimate or a hacker's spoof. This "liveness detection" is needed to ensure that a submitted selfie is really a photo of a person, not a mask, photo of a photo, or other technique to try to get past the check.

Continue reading