OMB’s memorandum M-22-09, “Moving the U.S. Government Towards Zero Trust Cybersecurity Principles,” is setting deadlines for implementation across the government. Specifically, the memo calls out the end of FY24 – an extremely short time frame in government circles – for multiple actions across the CISA-defined five pillars of a Zero Trust Architecture. One of the most important actions is for agencies to move to...

Shifting left and building software with security and compliance integrated from the start is critical to increasing trust in our digital infrastructure. As we have seen through recent executive orders and Department of Defense (DoD) memos, creating a foundation that enables a continuous ability to quickly certify and deliver software is critical to federal organizations being responsive enough to meet their missions. Enabling the Assessor to...

Most IT leaders acknowledge the growing threat from ransomware, however many state and local governments are unprepared to prevent or respond to it. When an agency does not know the blast radius of an attack, whether sensitive data is affected, or how long it may take to recover, the only option they are often left with is to pay up. In order to protect themselves against an organized, well-resourced attacker agencies need a strong security po...

GSA in coordination with the IPv6 Federal Task Force, and sponsored by the CIO Council, is hosting an IPv6 summit to address the Federal community’s desire to bring together Federal agencies and industry partners to discuss IPv6 priorities, share IPv6 success stories and lessons learned, and identify partnerships between industry and government to better assist agencies in the transition to an IPv6-only environment. This Virtual Summit i...

Embracing a decentralized modern enterprise IT ecosystem means accepting that mission critical workloads don’t just run inside of the data center. Modern customer and employee experience demands from the business are rapidly forcing IT leaders to adapt to a hybrid environment approach. Application and data are increasingly spread among multiple agencies, legacy data centers, hyperscaler clouds, software as a service (SaaS) providers, and...

Federal government agencies rely extensively on IT products and services to carry out their operations. There is, however, cybersecurity supply chain risk in connection with acquiring, deploying and using these products and services. This is evidenced by the numerous supply chain attacks over the past decade such as the Target data breach in 2013, Solarwinds attack in 2020 and Kaseya attack in 2021. As a result, the federal government has take...

Cyber-attacks and other disasters pose a constant risk to the IT operations of government agencies. The damage inflicted by these disruptions range in levels of severity and leave critical data and IT investments at risk for every hour of downtime. Preparing for a potential disaster may seem extreme, but thinking ahead and creating a plan for how to respond can make all the difference. A trustworthy modern data protection solution enables agen...

Federal agencies with a well-rounded IT situational awareness capability can provide decision makers with the depth and breadth intelligence to gain greater IT visibility to run their operation better in support of their mission. Leaders can gain insights on what IT products are running in the environment, how much they are paying for them, which digital assets are at risk of cyber incidents, and how to move them to the cloud intelligently and...

The ATARC Hyperautomation Working Group believes that government services can be delivered faster with streamlined and quality work products. ATARC's Hyperautomation Working Group invites teams to enter the Hackathon Challenge which will consist of government and industry leaders automating workflows and processes that provide improved citizen and employee experience. Teams will compete to demonstrate how the government and industry can levera...

In response to the Executive Order on Improving the Nation’s Cybersecurity published in May 2021, new mandates call for accelerating the adoption of secure open source software (OSS) and commercial off-the-shelf solutions to speed software delivery from years to minutes. Additionally, the National Institute of Standards and Technology (NIST) has provided updated guidance for strengthening the security of critical software purchased by U....