The Federal Government has spent a long time developing efficient, strong security practices to verify and authenticate identities. With scams, identity theft, and impersonators at an all-time high, the Federal Government has developed policies and training to prevent attacks. As a result, risk management strategies and internal control systems are implemented, monitored, and modified as necessary by management and governing bodies. A successf...

As part of the Infrastructure Investment and Jobs Act of 2021, Congress included $1 billion over the next four years for state, local and tribal governments to strengthen their cybersecurity. The Cybersecurity and Infrastructure Security Agency established the State and Local Cybersecurity Grant Program and the Tribal Cybersecurity Grant Program to distribute funds. The Federal Emergency Management Agency is responsible for administration and...

Current guidance has laid out the cybersecurity priorities that federal agencies should adhere to for the upcoming fiscal year 2024 budget cycle. Civilian agencies will need to focus on making investments within the three cyber investment priority areas: Strengthening the Foundations of Our Digitally-Enabled Future, Deepening Cross-Sector Collaboration in Defense of Critical Infrastructure, and Improving the Defense and Resilience of Governmen...

Combating modern-day software supply chain attacks is significantly more complicated than in the past. Adversaries are getting craftier and are no longer waiting to exploit publicly disclosed vulnerabilities to launch a cyberattack. By shifting their focus “upstream,” adversaries can infect a single open source component, which will then be distributed “downstream” using legitimate software workflows and update mechanis...

There is a focus on ensuring an agency’s cybersecurity is as up to date as possible. But, what does one do when all systems put in place to assist in threat attacks break down? Given the high stakes in today’s cyber threat landscape, a good cyber strategy must be based on the assumption that, sooner or later, the agency’s defenses will fail. This assumption places the agency’s one step ahead of the attack: knowing that...

Technology is arguably at the center of every agency today. Introducing new technologies is important but in order for an agency to use them effectively, the workforce must evolve with the tech. Closing the gap between technology skills that are needed for mission success and those that are available is one of the most important challenges government agencies face. There doesn’t seem to be a week that goes by without a new publication on...

Quantum computing is advancing rapidly, and its impact is likely to be large—their potential computational power that could render today’s encryption algorithms obsolete. To address this looming threat, the White House issued a National Security Memorandum on Promoting United States Leadership in Quantum Computing While Mitigating Risks to Vulnerable Cryptographic Systems (NSM 10) this May. The NSM 10 fact sheet states that ...

If your agency’s day-to-day operations are critically dependent on assets – such as processing equipment, facilities equipment, and infrastructure at large repair sites – maximizing uptime is a constant challenge. Without timely maintenance, equipment failure can be catastrophic, directly impacting operations and reducing mission readiness. The traditional approach of scheduled manual periodic checks and asset condition repor...

Cloud computing has introduced new complexities to the public sector, with teams now being responsible for maintaining scalable infrastructure and applications in increasingly complex and distributed environments. The demand for automation has produced a new role, which has arguably become one of the most critical functions in a cloud-first business: the site reliability engineer. DevOps has pushed a shared responsibility for the reliability a...

Implementing the widespread use of AI can be challenging with funding and training resources. Once the first stages of implementation have gone underway, an agency needs to tackle the problems with the ethical use of AI and ML. AI has the power to elevate the citizen experience, using predictions and recommendations, while reducing a major burden on governments. But, how does an agency ensure the ethical standards are there? How can we confirm...