Digital Forensics 101

The digitization of records and processes across government increases the need for sound digital investigation tools and processes. Whether it is looking into a data breach or gathering information for litigation, organizations are spending a lot of time culling through this data to get answers to pressing issues. An IDG survey found that a vast majority of organizations conduct digital investigations on a weekly basis. These investigations range from proving regulatory compliance, security incident response (including post-event analysis), and stopping high risk employee behavior (acceptable use violations).

We sat down with Tod Ewasko, Director of Product Management at AccessData to learn more about the role of digital investigations as a part of everyday IT efforts.

Q: Who "owns" forensics? IT? Legal? HR?

A: The answer is kind of all three. Many people lump forensics in with cybersecurity, but it's really a separate entity. Yes, forensics tools are used to investigate cyber incidents, but they are not preventative. That is what you have the "hunting" tools out there for - watching firewalls and logs for anomalous behavior or activity. Once that is stopped, then the forensics tools come in to make sense of it - to see how it happened and drive the plans to make sure it does not happen again. Forensic tools look beyond the event and gather all data relevant to the systems in question.

Q: Is forensics all reactive then? Continue reading

National Guard Chief Predicts Changes In Training

From time to time GovEvents will come across information we feel our members and audience would benefit from. Here's something we wanted to share:

As some Army National Guard soldiers begin training under a new system that increases the number of days on the range, the chief of the National Guard Bureau predicts "some changes" if the greater demands are not sustainable over the next few years.

In remarks at a March 12 forum hosted by the Association of the U.S. Army's Institute of Land Warfare, Air Force Gen. Joseph L. Lengyel said the Sustainable Readiness Model put in place in fiscal 2017 as a means of reaching a higher level of readiness across all components makes higher training demands on reserve forces. It may not be sustainable for individual soldiers whose "civilian lives won't be able to tolerate it," he said. "I predict there will be some changes."

"Those heavy brigades are going to do 39 days one year, 48 days next year, 60 days in that third year and to sustain that readiness they're going to do 51 days the following year," Lengyel said. "That's a lot of training days. A lot of days." Continue reading

Give Them a (Meaningful) Break

Time is a precious commodity. With events, attendees are giving up precious time away from the office and possibly, away from their families. Because event organizers know that their attendees' time is valuable, their response is often to pack as much into an event as possible to provide the most value in attending. But, as in many areas of life, this "more is more" mentality can backfire. A lack of breaks can leave attendees tired and their purpose for attending left unfulfilled. Without these breaks, there is no time for attendees to absorb information or make impromptu connections. 

If the event is organized in a way that encourages interaction with and by attendees, you want to give them the chance to recharge from all of that engagement. A study published in the Harvard Business Review revealed that the most engaged employees are also the ones that burn out the quickest. With this understanding, it makes sense that engaged event attendees will get tired (burn out) as they are being challenged with new ideas and information. So, what should event planners do to maximize both the quantity and quality of the time spent with their attendees?

Continue reading

A Bitcoin for Your Thoughts: Demystifying Blockchain

Blockchain is a new way to structure data for greater sharing and security. Its algorithm and distributed data structure were initially designed to manage online currency (like bitcoin) in a way that does not need a central administrator to distribute it among people. This removed the need for a middleman (like a bank) to authenticate that what was being transferred was real currency. Instead, this authentication happens because all of the nodes on a peer-to-peer network connected to the block (the asset, money, or data) have to "approve" its transfer to a new party (a good image of this process is found here).

Blockchain essentially provides an online ledger book. The records (or blocks) are individually secured using cryptography that links them to one another and gives each block its own timestamp and provides data about that particular transaction (who it went to). Looking at the ledger you can see where data started and where it went. Through cryptography and the intricate linkages, the blocks (the original asset) cannot be tampered with. This traceability and security has gotten the attention of the government as a way to better protect sensitive data and transactions. Agencies are investigating how to use it to speed procurement, secure employee records, and better enable electronic health records.

Continue reading

Getting (Vendor) Certified

We've written before about the importance of certifications for expanding your knowledge base and helping you stand out among competition when looking for new career opportunities. As we highlighted in that post, industry certifications show mastery of a certain skill area from security to project management to database administration. Today we want to highlight the power of vendor-specific certifications for your career.

Much like we wrote about the value of vendor-led events, there is a tangible benefit in being certified in specific technologies as there's no escaping the major technology vendors. Their technology is in place across the government and oftentimes is providing the platform on which entire IT infrastructures are designed. Doing a deep dive and getting certified in a technology that is critical to your agency makes you a key resource for ensuring that the systems that rely on that vendor keep running and evolving.

Based on what we see in the market, here are some recommendations of vendor certifications that can add to your knowledge-base as well as your value to current and future employers.

Continue reading