Federal agencies are taking seriously the administration’s September 2024 deadline for implementing zero trust throughout government systems. When Executive Order 14028, “Improving the Nation’s Cybersecurity,” was issued in May 2021, it set tight deadlines for agencies to meet zero trust requirements. One year after the EO was released, a survey found that two-thirds of agencies said they would meet the maturity require...

In June 2019 the Office of Management and Budget released MemorandumM-19-21, directing all Executive Branch departments and agencies to transition to fully digitize all permanent records by Dec. 31, 2022. But many agencies are going to miss that deadline. Between the scope of the requirements and the effects of the pandemic, fully one-third of agencies have indicated they are going to miss the deadline. The challenge is not simply digitizing r...

Phishing continues to be one of the most common internet crimes today, but the stakes have risen enormously as our society has become online-driven. More than 80% of these attacks involve credential misuse in the network. With increased remote workers, users need a seamless mobile device experience to be able to do their jobs. Derived credentials allow agencies to utilize existing investments, adopt modern protocols, and apply phishing-resista...

Cyberattacks against organizations are now often using what might be considered a “bank shot” – planting malicious code in software components before they are used in products. When coders draw upon software libraries, whether open source or proprietary, to build new applications, they unwittingly include the malware. This is a less conspicuous method that threatens the software supply chain and harms organizations’ wil...

As part of the Infrastructure Investment and Jobs Act of 2021, Congress included $1 billion over the next four years for state, local and tribal governments to strengthen their cybersecurity. The Cybersecurity and Infrastructure Security Agency established the State and Local Cybersecurity Grant Program and the Tribal Cybersecurity Grant Program to distribute funds. The Federal Emergency Management Agency is responsible for administration and...

Our nation’s K-12 schools are data-rich, but often resource-poor. That combination makes them very attractive targets for ransomware attacks. The Multi-State Information Sharing and Analysis Center, part of the Center for Internet Security, just released a new report that 29% of its member organization reported being victims of ransomware attacks – and the rapid expansion of remote learning in response to the pandemic has only made...

Modernizing the Federal Acquisition Lifecycle As Federal procurement policy and processes become more complex, agencies must adapt their business processes and technology solutions to better enable their acquisition professionals to maintain compliance and efficiency while executing mission-critical tasks. IT modernization initiatives empower acquisition professionals and leadership to make better-informed decisions throughout each phase of th...

The state of Texas wants to accelerate the use of next-generation technology to deliver secure digital services. To that end, it has released its 2022-2026 State Strategic Plan for Information Resources Management, which sets four overarching goals: Secure IT service delivery Advanced data management Strategic digital transformation Proactive approach to emerging technologies Just as Texas agencies are looking to modernize and transform their...

The federal government continues to encourage agencies to move to the cloud. The Cybersecurity and Infrastructure Security Agency (CISA) in June published Cloud Security Technical Reference Architecture v.2 (TRA), which strengthens its guidance to meet cybersecurity standards laid out in Executive Order 14028, "Improving the Nation’s Cybersecurity." The TRA includes an introduction to the concept of “cloud security posture manageme...

Providing for our national defense, responding to natural disasters, and securing our infrastructure are just a snapshot of the kinds of services Americans expect of their government. Behind these activities are the 2.1 million federal civil servants who bring government agencies to life. These organizations are only as strong as their workforces are empowered and motivated. That motivation must be built on a combination of an unbreakable comm...