FITARA 8.0 – No News is Good News

Posted on September 12, 2019 by Kerry Rea President of GovEvents

In place since 2014, the Federal Information Technology Acquisition Reform Act (FITARA) has aimed to provide guidance and checkpoints for agencies' modernization efforts. Over the years, the compliance status of the agencies has had its ups and downs.

The latest report card, issued in June 2019 showed fairly steady performance when it comes to meeting FITARA goals and mandates. This 8.0 report card was the first to include a cybersecurity score that focused on FISMA (Federal Information Security Modernization Act) compliance. This report also took out the score for Data Center Optimization Initiative (DCOI) as the majority of agencies are holding steady on that score and/or it is complicated by technology interdependencies.

Continue reading →

Department Spotlight: The Department of Energy

Posted on August 7, 2019 by Kerry Rea President of GovEvents

The mission of the Department of Energy (DOE) is "to ensure America's security and prosperity by addressing its energy, environmental, and nuclear challenges through transformative science and technology solutions." Technology plays a huge role in both the research surrounding and protection of energy resources.

The DOE may lead the government in their use of supercomputer technology. In fact, supercomputering is one of the key focus areas in the agency's budget. This spring the DOE issued a contract that will allow them to build the world's most powerful computer with a performance greater than 1.5 exaflops. Supercomputers, like the one being built, provide researchers with the needed speed and scale to conduct scientific modeling and simulations as well as utilize AI and analytics for activities as diverse as manufacturing and public health.

Of course, the security of the data running through these supercomputers, as well as the national power grid itself is of paramount focus for the DOE. To support these growing needs, the DOE is looking to blockchain as a way to secure energy delivery and more.

We've pulled together a list of upcoming events that will help the DOE, as well as the companies that serve it, better understand the technologies that can ensure our energy supply remains secure and efficient.

Continue reading →

Insider Threat Goes Mobile

Posted on July 24, 2019 by Kerry Rea President of GovEvents

Insider Threat has been a recognized attack and vulnerability vector for some time. In fact, one survey found that government IT professionals report that insider threats are at an all-time high. One source of this increase may be the rise in the use of mobile devices to access government systems. The main challenge in securing mobile access is ensuring that the person who owns the device is the one actually using it and the apps that reside on it. The portability and ease with which devices are lost and misplaced complicate security authentication efforts. But there are ways to mitigate this risk.

Agencies have looked to multi-factor identification to confirm the person accessing the system is who they say they are. This process includes combining two or more credentials. Typically this is something a person knows (a password), and something they have (an access card or a fingerprint). A practice growing in popularity as part of multi-factor identification is behavioral analytics (BA). This looks at how users typically interact with an application or device analyzing things like browsing habits, message syntax, even how they hold the device. If the behavior is out of the realm of normal, the system can lock that user out until they prove their identity another way.

Implementing these types of identity tracking and management is, of course, not without issue. The Department of Homeland Security is being challenged to put more procedures and policies in place to ensure its insider threat program doesn't violate employees' Fourth Amendment rights (protection against unreasonable searches and seizure).

There are many events in the coming months that include a deep look at insider threat and identity management to help navigate these security challenges.

Continue reading →

An Agile Modernization

Posted on July 10, 2019 by Kerry Rea President of GovEvents

As government agencies look to respond to modernization calls from the executive branch as well as citizens at large, agile and DevOps practices are being employed to help speed time to "market" with new applications. A report issued in early 2019 found that sixty-nine percent of respondents said that their organizations are piloting agile, if not partially or fully adopting it. But, the same report also saw a significant percentage of respondents say that agile met their expectations "less than expected" and "much less than expected." So, if agile is seeing an uptick in use, why is it not meeting expectations?

The issue may lie heavily in training and understanding. Agile is not just a new process; it's a new mindset. It requires a new organizational structure that is a departure from the traditional command and control hierarchy of government. Agile teams are relatively flat with everyone holding interconnected and equally important roles. There's not only a logistical change that needs to happen in terms of org charts and structures, but also a cultural shift to a collaboration-driven rather than command-driven environment.

To begin really seeing the benefits of adaptability, speed, and cost efficiencies agile promises, people need to be trained not only on the process but on the softer skills of communication and collaboration that power the process. We've pulled together a collection of upcoming events that may help. Continue reading →

Small Area, Small Problems? Not the Case with State and Local Governments

Posted on June 21, 2019 by Kerry Rea President of GovEvents

The operating challenges around budgets, resources, and legacy technology we see at the Federal level are amplified at the state and local level. Just because these groups are responsible for a smaller population does not mean their problems are smaller. On the contrary, historically low staffing levels and a geographically-limited pool of talent feed into the core challenges that all government teams face.

Security - Securing systems and the data that lives on those networks is now seen as a focus beyond IT. Everyone plays a role in cybersecurity, and there is a real need to update systems and processes as well as educate users.

Innovation - Since teams are so busy with day-to-day operations, stepping back to foster innovation can be difficult. Many are finding ways to make the transformation work. In fact, some of the most innovative public sector programs are happening on the local level.

Managing change - Communication is key in implementing change within small, tight-knit teams. Participation in decision making ensures that new solutions meet the needs of the workforce as well as the citizens.

Finding time for training - All of the challenges above feed into an inability to make time for training and education to keep up with the rapidly evolving technology field. Continue reading →

Tag Archives: cybersecurity

Department Spotlight: The Department of Energy

Insider Threat Goes Mobile

An Agile Modernization

Small Area, Small Problems? Not the Case with State and Local Governments

CEUs

CFPs

Please enter your email and password: