Keeping systems patched and secure is one of the biggest ongoing challenges faced by federal IT professionals. Applying patches can be tedious and error prone, and extremely difficult to manage in large-scale environments. Having roots in ‘open source’, Linux offers significant security advantages to include keeping all software versions and patches up to date. This informative, educational, 30-minute webinar provides an easy-to-un...

As supply chain complexity continues to grow, so does the need for illumination and regulatory standards. Federal contractors need to be aware of the updated NIST guideline requirements and best practices for implementation.

How to Prevent & Manage Supply Chain Risks Last year foreign hackers secretly broke into a US-based IT security solution provider and added infected code into their software. As part of the company’s regular software update process, the company unknowingly forwarded malicious code, creating a backdoor to their clients' IT systems. Multiple government agencies and private organizations were impacted. The breach caught many of the Fede...

Staying Compliant Without Losing Agility Adhering to compliance regimes is more critical than ever. The need for robust control and compliance often conflicts with the desire for computing power and agility that the cloud offers. Altitude™ finally solves that problem by combining scalable cloud management with automated governance. It gives end-users guardrails – not speed bumps – so they can take full advantage of the cloud....

Cyber security policies have an avowed goal of improving cyber hygiene in the workforce. But outside of recommending a few best practices, such as asking people to use complex passwords, few government or private sector entities know what actions ensure cyber hygiene. The most widely applied solution remains security awareness training involving simulated phishing attacks in conjunction with some education to assess user readiness. But there i...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

Data security threats continue to increase in number and sophistication. The growing use of collaborative technologies – from mobile devices and social media to virtualization and cloud computing – will continue to be one of the most significant factors impacting the security landscape. For these reasons, the federal government has increased efforts to minimize and prevent cyber security attacks, and will continue to place signific...

Recently, the National Institute of Standards and Technology (NIST) released the final Risk Management Framework (RMF) standard (SP800-37, Rev 2), an update to the Security Control Baselines (draft SP800-53, Rev 5), and a revision to the NIST Cyber Security Framework (CSF). RMF now requires an additional step, Preparation Step with 18 new Tasks, and the security control baselines families have increased from 18 to 21 to include more privacy an...

Recently, the National Institute of Standards and Technology (NIST) released the final Risk Management Framework (RMF) standard (SP800-37, Rev 2), an update to the Security Control Baselines (draft SP800-53, Rev 5), and a revision to the NIST Cyber Security Framework (CSF). RMF now requires an additional step, Preparation Step with 18 new Tasks, and the security control baselines families have increased from 18 to 21 to include more privacy an...

Digital Government Institute is privileged to work with some of the best and brightest government leaders regarding all aspects of conference development, to include our advisory boards and conference programming. We are especially excited about the upcoming 12th annual Cyber Security Conference, scheduled for November 14 – an event to highlight women in Cybersecurity. These Cyber Leaders will share their capabilities, experiences, lesso...