4, ba Are your ITGC audits really helping to reduce your cybersecurity risks? This CPE internal auditor training event is designed for the financial auditor and IT auditor who need to improve their practical knowledge covering information technology general controls (ITGC). The attendees are walked through the concepts and frameworks that are important to the ITGC internal audit activities in order to create an added value for their organizati...

The nation’s defense systems and capabilities are challenged as never before-- on the ground, in the air, on the seas, in cyberspace and real space. The military must rise to those challenges on all those fronts to ensure the nation is secure. Information technology remains warfighters’ and defenders’ powerful primary tool for their jobs. From cloud computing, cybersecurity and artificial intelligence, to machine learning and...

When the National Artificial Intelligence Initiative Act became law at the beginning of 2021, it added resources and high level support for the government’s expansion of its pilot AI projects into large scale applications. A new AI Initiative Office was created at the White House to provide policy guidance and help speed the use of AI to leverage government data. The Government Accountability Office published its Federal AI Accountabilit...

The COVID pandemic spurred agencies to move their data and applications to the cloud quicker than many had planned to make it more accessible for a remote workforce and to protect it from intensifying cyberattacks. More than a year into the new normal world of remote work, agencies are evaluating the best ways to secure the hybrid and multi clouds and their data troves to make sure it can meet the increased challenges. In May 2020, the Biden A...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

As DOD continues the roll-out of its Cybersecurity Maturity Model Certification program, both government acquisition professionals and the contracting community are scrambling to understand and implement the certification requirements. Join us to learn the latest on what is required and what may be ahead for acquisition and contracting executives concerning cyber certifications and audits as government and industry experts share their insights...

As the global pandemic continues and countries wait for a vaccine, estimates about when federal employees will return to their offices in force range from Summer 2021 to Never. Many organizations have discovered the advantages of telework and now plan on expanding its use, even when there is not a snowstorm or health crisis. Although some jobs require on-site personnel, the Office of Personnel Management said that 42% of federal employees are...

With the flip of a switch, COVID-19 accelerated digital transformation for many agencies to empower an expanded remote workforce to deliver on their mission. As we approach a year of that switch, along with the hope of returning to “normal,” securing the remote workforce remains a top concern. With that in mind, we invite you to register and join us for a virtual Azure Government Meetup, "Securing your agency’s remote workfor...

High-value penetration testing doesn't involve just throwing a bunch of hacks at a target environment and declaring victory when a shell prompt magically pops up. Instead, the best penetration testers focus on understanding their craft in-depth, providing significant value to organizations by improving their security stance through technical excellence and implementation of a well-understood and repeatable methodologies, which will deliver rea...