OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

As DOD continues the roll-out of its Cybersecurity Maturity Model Certification program, both government acquisition professionals and the contracting community are scrambling to understand and implement the certification requirements. Join us to learn the latest on what is required and what may be ahead for acquisition and contracting executives concerning cyber certifications and audits as government and industry experts share their insights...

Two years after the White House issued an executive order creating a national strategy for artificial intelligence, agencies are moving past pilot projects and are looking for the next level of AI in government. Although some of the most visible projects are at NASA, DOD and IRS, many agencies are working on developing AI projects that support services, improve mission effectiveness and decision making and automate repetitive tasks. There is a...

As technology evolves, so do the threats to its security. The remote work shift caused by the continuing pandemic has pressed security teams to reassess how they verify and allow access. Zero Trust is a strategy, not a product, which reimagines the way access is granted to users, to data and to applications. Devices, which used to be central to identity, now include personal computers and home internet connections, which are not government iss...

The U.S. Equal Employment Opportunity Commission (EEOC) will host a VIRTUAL EEO Seminar, "Workplace Transformation- Light At The End Of The Tunnel And Along The Way", on March 31, 2021 from 12:00 pm – 3:10 pm EST. This highly informative and interactive seminar, featuring some of the EEOC’s most senior leaders, and other well-known and highly esteemed and sought-after speakers, will provide employers and employees in both the priva...

As the global pandemic continues and countries wait for a vaccine, estimates about when federal employees will return to their offices in force range from Summer 2021 to Never. Many organizations have discovered the advantages of telework and now plan on expanding its use, even when there is not a snowstorm or health crisis. Although some jobs require on-site personnel, the Office of Personnel Management said that 42% of federal employees are...

In October of 2020, then-Defense Secretary Esper defined defense readiness as "our military’s ability to answer the nation’s call, and to fight and win, anytime, anywhere. … The question we must answer is this: if called upon to fight tonight, are we ready?" Ensuring that answer is "yes" demands change in every corner of the Department of Defense, and especially in the technology that will power tomorrow's military. Cybersec...

The federal government has been working to update its policies, architectures and frameworks around digital identity for some time. OMB revised its Identity Credential and Access Management guide in May of 2019 and that National Institute for Standards and Technology has been working on an updated version of its guidance on security and privacy controls for information systems. Then, the pandemic hit, and all programs went into overdrive as ag...

High-value penetration testing doesn't involve just throwing a bunch of hacks at a target environment and declaring victory when a shell prompt magically pops up. Instead, the best penetration testers focus on understanding their craft in-depth, providing significant value to organizations by improving their security stance through technical excellence and implementation of a well-understood and repeatable methodologies, which will deliver rea...

IT modernization has been a federal priority for years, but many agencies still struggle to turn that goal into a practical plan of action. Securing multi-year funding is one challenge, but the fundamental obstacle is often the sheer complexity of transforming government-scale systems. Smart, successful modernization demands a holistic approach that addresses several essential pillars: security, network infrastructure, multi-cloud architecture...