Zero Trust is a key component of every federal IT initiative and modernization effort. The Executive Order on Improving the Nation’s Cybersecurity, the CISA Zero Trust Maturity Model, the DISA Zero Trust Architecture, and various NIST guidance all include mission critical elements for zero trust implementation. Although the principals of Zero Trust are widely accepted, the implementation process is a detailed and time-consuming process....

Zero Trust is a key component of effectively securing government networks, data, and information. The Executive Order on Improving the Nation’s Cybersecurity, the CISA Zero Trust Maturity Model, the DISA Zero Trust Architecture, and various NIST guidance all include guidance for zero trust architectures. Zero Trust is not a specific tool, but rather an approach to an agency’s security posture. The right way to approach it quickly b...

The Federal Information Security Modernization Act (FISMA) codifies the Department of Homeland Security's role in administering the implementation of information security policies created by NIST in order to secure federal information system security. 2021 brought many changes to Federal Cybersecurity requirements that will impact FISMA compliance—and affect government and contractor information systems and enterprises. Specifically, NIS...

Ransomware is a form of malware designed to encrypt data files rendering any files on the computing device unusable. Once files are encrypted a ransom is demanded in exchange for decryption keys. Ransomware is a major ongoing security problem and a growing national security threat. Government agencies are organizing on numerous fronts to combat ransomware. On July 15, 2021 the U.S. Government launched a new One-Stop Ransomware resource at stop...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

Public sector organizations face a unique challenge when it comes to the cloud: how can they successfully migrate their operations while maintaining an air-tight, heavily regulated, massively distributed environment? To solve this problem, Amazon created the AWS GovCloud (US), accessible to US customers who meet strict security and compliance standards. Whether you’re currently on GovCloud or planning to migrate, Datadog - in partnership...

Government agencies are using cloud computing solutions to reduce costs, increase efficiencies and improve service delivery. As the public sector continues to expand cloud adoption, the need for securing government data in the Cloud remains a top priority. DGI’s virtual Cloud Security Conference will explore the policies, applications, strategies, technologies, and best practices associated with securing the government Cloud.

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

Section 889 of the 2019 National Defense Authorization Act prohibits the federal government, government contractors, and grant and loan recipients from procuring or using “covered equipment or services” that are produced by Huawei, ZTE, Hytera, Hikvision, and Dahua. In addition to the expected due diligence around third-party suppliers, buyers are required to rapidly report any covered equipment or services discovered during contra...

Build low, SHIFT high Commercial software is not inherently designed to run in restricted and classified cloud environments, where security must meet very strict standards. With SHIFT, your development team can expedite the launch of your commercial software in these regions with confidence that it will work. Whether you're a government agency needing tools to help advance your mission, a system integrator looking to use both cleared and uncle...