Cyberattacks against organizations are now often using what might be considered a “bank shot” – planting malicious code in software components before they are used in products. When coders draw upon software libraries, whether open source or proprietary, to build new applications, they unwittingly include the malware. This is a less conspicuous method that threatens the software supply chain and harms organizations’ wil...

As part of the Infrastructure Investment and Jobs Act of 2021, Congress included $1 billion over the next four years for state, local and tribal governments to strengthen their cybersecurity. The Cybersecurity and Infrastructure Security Agency established the State and Local Cybersecurity Grant Program and the Tribal Cybersecurity Grant Program to distribute funds. The Federal Emergency Management Agency is responsible for administration and...

Our nation’s K-12 schools are data-rich, but often resource-poor. That combination makes them very attractive targets for ransomware attacks. The Multi-State Information Sharing and Analysis Center, part of the Center for Internet Security, just released a new report that 29% of its member organization reported being victims of ransomware attacks – and the rapid expansion of remote learning in response to the pandemic has only made...

Modernizing the Federal Acquisition Lifecycle As Federal procurement policy and processes become more complex, agencies must adapt their business processes and technology solutions to better enable their acquisition professionals to maintain compliance and efficiency while executing mission-critical tasks. IT modernization initiatives empower acquisition professionals and leadership to make better-informed decisions throughout each phase of th...

The state of Texas wants to accelerate the use of next-generation technology to deliver secure digital services. To that end, it has released its 2022-2026 State Strategic Plan for Information Resources Management, which sets four overarching goals: Secure IT service delivery Advanced data management Strategic digital transformation Proactive approach to emerging technologies Just as Texas agencies are looking to modernize and transform their...

The federal government continues to encourage agencies to move to the cloud. The Cybersecurity and Infrastructure Security Agency (CISA) in June published Cloud Security Technical Reference Architecture v.2 (TRA), which strengthens its guidance to meet cybersecurity standards laid out in Executive Order 14028, "Improving the Nation’s Cybersecurity." The TRA includes an introduction to the concept of “cloud security posture manageme...

Providing for our national defense, responding to natural disasters, and securing our infrastructure are just a snapshot of the kinds of services Americans expect of their government. Behind these activities are the 2.1 million federal civil servants who bring government agencies to life. These organizations are only as strong as their workforces are empowered and motivated. That motivation must be built on a combination of an unbreakable comm...

The upheaval in the American workforce due to the Covid-19 pandemic and volatility in the nation’s economy provide a perfect opportunity for the government to retain the next generation of employees. Gen X workers are generally between 40 and 54 years old, in the prime of their lives, concerned with stability and opportunities to improve their own and their families’ quality of life. The Gen Z cadre, roughly 20 to 24 years old, are...

Ransomware continues to be one of the single biggest threats to government networks, and IT professionals are increasingly worried about employees who work remotely ignoring security guidance and clicking on malware-infested links or attachments. Their concerns are justified, particularly with regard to highly evasive adaptive threats that target web browsers and take active measures to avoid detection by current-generation security. These att...

There is increased focus within agencies at all levels of government on “environmental, social and governance” (ESG) policies – already making an impact in the business world – as a framework for agencies to minimize their environmental impact while creating an inclusive and values-led culture for employees. It’s also about creating equitable experiences for the people and organizations they serve. For instance, i...