Agencies increasingly rely on Software-as-a-Service (SaaS) platforms such as Salesforce for mission-critical functions, which offers them numerous benefits including flexibility, reducing upfront IT resource costs and delegating upgrades and patches to the provider. Using Salesforce does not remove the agencies’ responsibility for cybersecurity, however, and SaaS applications face their own risks, including misconfigurations, poor access...

It may seem ironic, but government agencies at all levels wrestle with the difficulty of compliance with regulatory requirements even as they issue regulations for others (sometimes including themselves) to meet. For example, just as the healthcare industry follows HIPAA, so too do Veterans Administration hospitals – along with all federal, state, local, tribal and territorial health organizations. Then there are government-only policies...

The state of New York is emphasizing improving its IT resilience. The state’s 2022-23 strategic plan focuses on moving off legacy systems, implementing an enterprise architecture, and improving service delivery to its residents, to name a few. In addition, the state has its first cybersecurity strategy, and created a Joint Security Operations Center. As the largest city in the United States, New York City has its own technology roadmap,...

The state of New York and many of its cities are aggressively pursuing a strategic overhaul of the delivery of services to residents. For instance, the state’s 2022-23 IT strategic plan emphasizes improving IT resiliency in part by getting away from legacy systems, implementing an enterprise architecture, and improving demand management and service delivery, to name a few. The state recently unveiled its new statewide cybersecurity strat...

With a growing number of dams approaching their design service life, dam safety engineers are looking for ways to mitigate the risks related to public safety, aging infrastructure and rising maintenance costs. Modernizing dam monitoring and maintenance practices with digital advancements, including the latest automated condition monitoring solutions, drone-captured reality modeling and digital twins, are giving public sector dam operators tool...

It is hard to think of a technology that has taken over the IT ecosystem faster than artificial intelligence. OpenAI released ChatGPT in November 2022, and yet it already has evolved so much that it bears little resemblance to v .0. The federal government has been moving quickly by its standards to address AI’s challenges and capabilities, including a Blueprint for an AI Bill of Rights, an AI Risk Management Framework from the National I...

State and local governments had to adapt quickly to the effects of the pandemic, as workers and residents alike were encouraged to shelter in their homes. This created major challenges for agencies’ IT systems and technical support staff. Rather than using a “hub-and-spoke” method of connecting employees to servers, data, applications, and each other – where cybersecurity focused on firewalls around the perimeter ...

Cybersecurity has always contended with evolving threats. As the internet has become more embedded into social and economic life and smart phones, tablets and other handheld devices become ubiquitous, bad actors have devised new attacks to capitalize on new vulnerabilities. And just as agencies are implementing zero trust architecture to help with this wave, other IT developments are threatening to upend cybersecurity even more. For instance,...

Cybersecurity has always contended with evolving threats. As the internet has become more embedded into social and economic life and smart phones, tablets and other handheld devices become ubiquitous, bad actors have devised new attacks to capitalize on new vulnerabilities. And just as agencies are implementing zero trust architecture to help with this wave, other IT developments are threatening to upend cybersecurity even more. For instance,...