The State of Cybersecurity in the States

State and local agencies are some of the most attractive and vulnerable targets for cyber criminals. In 2023, malware attacks increased by 148%, and ransomware incidents increased by 51%. These agencies are targeted because they hold valuable personal data on citizens and control critical services--yet their security efforts have historically been underfunded and under-resourced. However, the tide may be changing.

A report on the ransomware experiences of state and local government in 2024 showed a dramatic decrease in the number of those organizations that were impacted this year. The report found ransomware attacks impacting 34% of state and local governments, marking a sharp decrease from the 69% affected in 2023. Let's take a look at some of the trends and activities that are fueling the improvement in state and local cybersecurity. Continue reading

Zero Trust Passes Key Milestone

In January 2022, the Zero Trust Federal Strategy set a deadline of September 30, 2024, for agencies to adopt some level of zero trust architecture. Based on early indications, agencies have largely met zero-trust goals. The Federal CIO reported in early September that the 24 CFO Act agencies were all over 90% of the way to meeting the zero-trust goals. Beyond that group, the federal government as a whole was at 87% goal completion.

What's Changed?

The shift to zero trust is a response to the way government and citizens are using technology. With the increased use of cloud-based solutions, the traditional "castle and moat" security that protected on-premise infrastructure no longer supports the way applications are being deployed. Zero Trust focuses on continually verifying that users have permission to access the data and systems they are using. Gaining access requires coordination among a number of technologies that all work with a common set of user identification and access policies. Continue reading

Closing the Government Workforce Gap with Innovation in Hiring and Training

Younger workers are not replacing the aging and rapidly retiring federal government workforce at an equal rate. Additionally, the work of government has changed, requiring specialized skills in cybersecurity and Artificial Intelligence (AI) not just in technology jobs but in careers across all departments. There are simply not enough candidates to fill these positions (40,000 in cybersecurity alone) utilizing standard hiring practices. Given this reality, hiring officials are getting innovative in how they fill technical roles.

Utilizing Existing Programs

The Biden administration has worked to modernize internships, apprenticeships, and fellowships to attract younger, less experienced workers to build their resumes within government. The pay for participants in these programs has been raised considerably, making them more attractive and practical to a wider base of people. An apprenticeship sprint for cybersecurity resulted in 7,000 apprentices being hired. These programs are also being used to fast-track development efforts, giving participants real assignments to develop solutions that can be put into use in government today. Continue reading

How CX Is Driving Government Modernization

Improving the "customer" experience (CX) for citizens interacting with the government has been a focus for several administrations. The reason is that better experience equals improved trust in government. It's critical that our systems live up to the promise of government for the people.

Defining the Pieces of CX

A critical part of getting experience right is understanding the different pieces that make up a customer experience. Words like "experience" and "service" are often used interchangeably when talking about CX efforts, but it is important to understand some key differentiators. Continue reading

New Tech Means New Acquisition Strategies for DoD

With more and more battles being fought in cyberspace, the pace of warfare has accelerated. However, the systems that support our warfighter were not designed to support the speed or types of products and services needed for modern defense. This year's AFCEA West Conference is focused on ensuring acquisition and readiness are on pace to meet global security demands. Ensuring our warfighters get the tools they need when they need them is a critical effort requiring evolution and reform of defense acquisition.

Improved Private Sector Coordination

A congressional hearing in late 2023 discussed the need for the Department of Defense (DoD) to tap into the innovation taking place in the private sector to stay competitive with global adversaries. A draft of the national defense industrial strategy stated that the defense industrial base "does not possess the capacity, capability, responsiveness, or resilience required to satisfy the full range of military production needs at speed and scale." Continue reading