5 Keys to Getting the Most Out of Event Attendance

Attending an event, whether online or in person, is an investment of time and money. It's an investment well worth making to further your professional education, make new personal connections (as well as those that will benefit your organization), and provide a platform to promote your organization and its activities. In order to get approval to spend the time away from daily responsibilities, and to use professional development funding from your organization, you'll need to show how you plan to make the most of your investment of time and money.

Consider these tips as you register for your next event. Continue reading

New AI Guidance, Similar Goals

In early April, the White House Office of Management and Budget (OMB) released a pair of memos to provide agencies with guardrails for how they use and purchase artificial intelligence (AI). These memos replaced guidance issued by the previous administration but maintain many of the same structures.

The first memorandum, M-25-21, gives agencies three priorities when accelerating the federal use of AI: innovation, governance, and public trust. It states, "...agencies are directed to provide improved services to the public, while maintaining strong safeguards for civil rights, civil liberties, and privacy." The memo maintains items that were established under the Biden administration, including:

  • The creation of chief AI officer roles and AI councils "to serve as change agents and AI advocates, rather than overseeing layers of bureaucracy."
  • Implement minimum risk management practices for "high-impact" AI use--those applications of AI that could have significant impacts when deployed.

Continue reading

Introducing FedRAMP 20x

The Federal Risk and Authorization Management Program (FedRAMP), designed to ensure services offered by cloud providers meet certain cybersecurity requirements before government agencies can use them, is getting an update. FedRAMP 20x is focused on introducing automation to increase the pace of authorizations, a longstanding issue with the program.

A key change is moving from manual compliance checklists to automated security validations. The stated goal is having automated validation for over 80% of the program's security requirements, as opposed to the written explanations currently required. Currently, FedRAMP packages contain hundreds or even thousands of pages of text, screenshots, and logs, which are expensive to produce and keep current, and provide little ongoing value to the government or the vendor. This updated effort is delivering on language in the 2023 FedRAMP authorization bill as well as the revamped guidance issued in the summer of 2024 that focused on introducing automation.

This automation will also address recent cuts to FedRAMP staff. The program eliminated nearly all contractor positions (around 80 in total). To make up for the cuts in contractors, the General Services Administration (GSA) has been growing the government staff over the past year with a group of 18 employees managing the program today. Continue reading

Event Spotlight: Gartner Security & Risk Management Summit

The 2025 Gartner Security & Risk Management Summit invites attendees to "Engage. Innovate. Lead." The event draws on the expertise of Gartner analysts to address the challenges of increasingly complex cyber environments, providing insights on cybersecurity strategy and innovation, leadership, business engagement, metrics, risk management, cloud security, data security, AI, and more.

Access to Gartner analysts is a major feature of the summit. In addition to presenting research and insights in sessions, analysts are available to meet with attendees throughout the event.

This year's summit is being held June 9-11 in National Harbor, MD, just outside of Washington, DC. Gartner has seen tremendous growth in interest over the years, and this year's gathering is expected to be the biggest yet, with around 5,400 attendees. This growth can be attributed to the increased use of artificial intelligence (AI). AI use introduces new efficiencies to organizations but also opens up new opportunities for threat actors to infiltrate and impact those groups. Additionally, regulations around AI use are just being developed, leaving many chief information security officers (CISOs) unsure of how best to implement and secure AI, as well as how to communicate the associated risks to senior stakeholders. Continue reading

Navigating Government Event Travel and Spending Restrictions

The Department of Government Efficiency Cost Efficiency Initiative Executive Order (EO 14222) looks to transform "Federal spending on contracts, grants, and loans to ensure Government spending is transparent and Government employees are accountable to the American public." One specific focus mentioned is spending on travel. In addition to an initial freeze on travel, the EO also mandates agencies implement an online system for employees to submit "written justification for ... [non-essential] federally funded travel" to facilitate travel authorizations moving forward.

This guidance has left many in government wondering how and if they can travel to events. It has also left event planners wondering if they need to alter agendas, create back-up plans for speakers that may have to cancel, or even cancel events altogether due to a risk of low public sector attendance. Continue reading