How to Prevent & Manage Supply Chain Risks Last year foreign hackers secretly broke into a US-based IT security solution provider and added infected code into their software. As part of the company’s regular software update process, the company unknowingly forwarded malicious code, creating a backdoor to their clients' IT systems. Multiple government agencies and private organizations were impacted. The breach caught many of the Fede...

Staying Compliant Without Losing Agility Adhering to compliance regimes is more critical than ever. The need for robust control and compliance often conflicts with the desire for computing power and agility that the cloud offers. Altitude™ finally solves that problem by combining scalable cloud management with automated governance. It gives end-users guardrails – not speed bumps – so they can take full advantage of the cloud....

Cyber security policies have an avowed goal of improving cyber hygiene in the workforce. But outside of recommending a few best practices, such as asking people to use complex passwords, few government or private sector entities know what actions ensure cyber hygiene. The most widely applied solution remains security awareness training involving simulated phishing attacks in conjunction with some education to assess user readiness. But there i...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

COVID-19 forced Federal agencies to quickly respond to an explosive global crisis, while protecting their employees and serving constituents, all without face-to-face interaction. The government’s massive response effort resulted in a rapid, transformative impact on the workforce. Now that agencies have had a chance to refocus their response efforts from triage to recovery, one thing remains clear — agency operations and employee e...

Technological advances are altering employee and citizen expectations. Hand-held devices allow users to obtain what they want, when they want it and, in the desired format. Citizens are spending more time online than ever before and have come to expect equal service capabilities from government and the private sector. Modern technology has placed the digital customer experience front and center. The Digital Experience is the sum of digital int...

Cloud Computing continues to grow in importance in the public sector. Agency personnel responsible for developing and implementing cloud-based solutions, for implementing data center consolidation and other technology efficiencies, continue to look for opportunities to learn about the best technologies, configurations, service and deployment models and appropriate mix of cloud services, based on their government agency requirements. Digital Go...

COVID-19 has accelerated government’s need to more effectively reach, serve and respond to the needs and interests of the always-on, always-connected public. With accelerated digital transformation underway, and an unprecedented rise in demand for trustworthy information, government communicators need a sound strategy to guide their efforts in the months ahead. Leading organizations prioritize understanding customer needs and pain points...

Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies – from mobile devices and social media to virtualization and cloud computing – will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place signific...

Recently, the National Institute of Standards and Technology (NIST) released the final Risk Management Framework (RMF) standard (SP800-37, Rev 2), an update to the Security Control Baselines (draft SP800-53, Rev 5), and a revision to the NIST Cyber Security Framework (CSF). RMF now requires an additional step, Preparation Step with 18 new Tasks, and the security control baselines families have increased from 18 to 21 to include more privacy an...