Blockchain technology is a new way of passing information from point A to point B. The data passes through a "block" that gets validated by a network of unrelated computers, and democratizes the transfer of data. This creates a transparency for the path of the data and makes that path irreversible. It also allows for computational logic to be attached to data, enabling automation around actions associated with it.
Organizations across government have been experimenting with ways blockchain technology could make transactions more efficient, secure, and transparent. With the COVID-19 pandemic the ability to easily, securely, and transparently share data has never been more important. In the many areas of our lives affected by the pandemic, blockchain is proving to be a tool for meeting the quickly evolving demands of public health, financial markets, and even democracy itself.
More than finding cost efficiencies with cloud, government has realized its adoption is critical to business continuity. With mandatory telework as a result of COVID-19, organizations that have been proactive in their move to cloud found themselves able to quickly adapt and continue business as usual in very unusual times. Organizations that did not prioritize cloud found themselves scrambling to give employees access to the technology they needed to do their work.
Luckily, policies including the Cloud Smart mandate helped put more people in the first category than the second. A study completed in March (before pandemic telework began) found that 71% of federal respondents agreed that Cloud Smart was driving cloud adoption. In addition to Cloud Smart, the FedRAMP program also helped drive cloud adoption leading up to and during the pandemic. In 2020 alone FedRAMP added 200 authorized products and are on track to authorize over 60 cloud service offerings. The program has also achieved over 1,850 reuses of cloud products.
With many people in a rush to put 2020 behind us, those of us in the government market can safely say we're operating like it's 2021 (not as fun as partying like it's 1999, but anything beats 2020, right?). While the rush to meet the deadline for federal government fiscal year (GFY) spending on September 30 may have felt oddly comforting in its familiarity, there are many changes happening in government acquisition and procurement to make processes more responsive to today's workforce and technology needs.
The use of automation is expanding beyond using Robotic Process Automation (RPA) to handle rote, repetitive tasks. RPA has been incredibly beneficial for freeing up the time of acquisition professionals to focus on innately human activities, rather than administrative tasks. Now, acquisition groups are going a step further and introducing Artificial Intelligence (AI) to improve processes by tapping into all of the data available in acquisition systems. For example, GSA uses an AI-enabled bot to "track, find and change Section 508 disability clauses in contracts." This helps ensure compliance, feeding updated clauses to humans for final review.
In September, the Department of Defense (DOD) issued Directive 5000.01, an update to the 5000 series instructions that focuses on the roles and responsibilities for its acquisition process in an effort to simplify the buying process. The end goal of this simplification is to get technology in the hands of the warfighter faster. Continue reading
Necessity is the mother of invention, and that is in fact the case with virtual events. The ability to host virtual events has been available for quite some time, but the demand has not been there. With the sudden shutdown of the country due to COVID-19, event planners looked to postpone events but, as the crisis continued, they quickly embraced the online medium to keep some kind of connection to the public they needed to reach.
Virtual events are proving to be more than a stopgap as we work through the response to a public health crisis. It is generally accepted that habits form after 21 days and lifestyle changes cement themselves after 90. Being far beyond 90 days into online meetings and gatherings, we all now accept and even enjoy attending events and learning online. For event planners, virtual events have proven to be an amplifier of their content, often attracting more people than would have attended in person and providing a recorded version of sessions that can be used in other ways throughout the year.
For the past 17 years, the Cybersecurity & Infrastructure Security Agency and the National Cybersecurity Alliance have led a month-long national focus on cybersecurity best practices. In coordination with a number of organizations around the country, each October features events and campaigns to help educate businesses and individuals on avoiding dangers lurking online. As with everything else, the activities for the 2020 Cybersecurity Awareness Month will look a bit different. But perhaps it is fitting that most of it will be taking place online. It's a great opportunity to practice what you preach when hosting virtual events and resources.
The theme for 2020 is "Do Your Part. #BeCyberSmart," encouraging individuals and organizations to look at their own role in protecting cyberspace and providing proactive steps to enhance cybersecurity. A big part of this is the idea of "if you connect it, protect it." Resources and speakers will focus on securing devices at home and at work, securing Internet-connected healthcare devices, and looking ahead to the future of connected devices.
In government, doing "your part" means making a transition to a zero trust security environment where access controls are maintained around data and systems even after someone has shown the proper credentials to get into the network. The name "zero trust" implies a difficult hurdle that has to be overcome to earn the trust, but that is not the case. A different way of looking at it is "context-based trust" or "variable trust" meaning that devices with network access will receive immediate entry. Other devices that are unknown to the network will be subject to additional checks and balances. Key to this is establishing what is perceived as normal behavior on the network and by users. As activity deviates from that norm, systems and data can be locked up until legitimate access is verified. Continue reading