CDM – Concentrating on the How of Cybersecurity

Posted on by

The Department of Homeland Security's Continuous Diagnostic Mitigation Program (CDM) was developed as a guideline process for agencies to fortify their ongoing cybersecurity plans and tactics. Agencies have worked through the stages of the program, first identifying what and who is on their network and then looking at what is happening on the network - really identifying the who, what, when, and where. Today, the focus is to put all that information to work in developing plans that address the "how" of secure networks including:

  • Reduce agency threat surface
  • Increase visibility into the federal cybersecurity posture
  • Improve federal cybersecurity response capabilities
  • Streamline Federal Information Security Modernization Act (FISMA) reporting

According to a recent survey, in the seven years since its inception, the CDM program has met its mission of making government IT systems more secure. But this success does not mean the work is done. Legislation has been introduced that will make CDM permanent and expand its reach to meet the ongoing cyber threats that face government agencies. Moving forward, the CDM will help agencies focus on taking what has traditionally been a piecemeal approach to cybersecurity and creating a more integrated approach that ties to the an overall cyber strategy.

Continue reading

Small Event. Big Impact

Posted on by

As we begin to slide into the last quarter of the year and start planning for 2020, the human inclination is to go bigger and better next year. But, we would challenge you to look at how going smaller can actually lead to a greater impact. Smaller events can deliver the same learning as a large event, however do it in a way that enables event organizers to get closer to attendees as well as a different way for attendees to interact with the content and with each other.

For context, we would define a small event as somewhere around 20-50 people. With this size, attendees have an opportunity to get to know one another and the presenters on a deeper level. This is helpful when you're looking to build better customer intimacy or when you are looking to gather feedback. A small group allows for more interaction and questions, so organizers can take advantage of the opportunity and build in plenty of time for Q&A. Attendees can get the lecture experience at any event, so set your event apart with increased access to and interaction with speakers and thought leaders.

Continue reading

Department Spotlight ~ U.S. Department of Agriculture: Harvesting Crops and Innovation

Posted on by

Fall visits to the farmers market take us back to simpler times when people lived off the land. Today's farmers may provide the same "output" of food, but how they manage the growth and distribution of it has changed dramatically.

The U.S. Department of Agriculture (USDA) was established in 1862 and was nicknamed "The People's Department" by President Lincoln because of its mission to support the farmers that feed the nation. Today, the USDA is focused on providing "leadership on food, agriculture, natural resources, rural development, nutrition, and related issues based on public policy, the best available science, and effective management."

In achieving this mission, the USDA has become a hub for innovation. It was chosen as the first host agency for a modernization Center of Excellence (CoE). Spearheaded by the General Services Administration (GSA), the CoE at USDA was established to accelerate IT modernization across government to improve the public experience and increase operational efficiency. The CoE centralizes top government tech talent and combines it with private sector experts and expertise to implement best practices to move processes and technologies ahead. The CoE is focused on five functional areas: Cloud Adoption, Contact Center, Customer Experience, Data Analytics, and Infrastructure Optimization.

Continue reading

Growing Our Cloud Smarts

Posted on by

The move to cloud computing in government has changed from a focus on Cloud First to Cloud Smart. The initial push to cloud encouraged agencies to look at cloud options when adding or updating technology but provided no direct guidance. This "Cloud First" push provided a way to educate agencies on what cloud is and why it is a viable option for deploying applications to the government workforce. This education worked, making even the most security-conscious agencies comfortable with moving data and applications to the cloud to gain new efficiencies in time and budget.

The Cloud Smart policy, a logical evolution of Cloud First, was introduced last year and provides more guidance surrounding security, procurement, and workforce skills to foster cloud adoption and implementation. While the value cloud can provide is widely accepted, procurement of cloud remains a stumbling block to wider, easier cloud adoption. The shift in spending from capital funds to operating funds and the fluidity of the fees based on need and usage require different language and structure in contracts. Security also continues to be a focus, creating new "shared responsibility" language in cloud agreements and plans.

To help you get smarter on how to be cloud smart, we've compiled a list of upcoming events that cover the areas related to a successful cloud deployment.

Continue reading

Facing the Cybersecurity Threat Head On

Posted on by

In October, ghosts and goblins come to life as decorations on front lawns and as candy-seeking children knocking on our doors. But stepping away from the frivolity of Halloween, October has also become a time for us to reflect on the real threats we face year-round when it comes to our data, identity privacy and online security.

National Cybersecurity Awareness Month (NCSAM), spearheaded by the Department of Homeland Security (DHS), is a "collaborative effort between government and industry to raise awareness about the importance of cybersecurity and to ensure that all Americans have the resources they need to be safer and more secure online." This year's theme is Own IT. Secure IT. Protect IT. Programs around the country will address topics including citizen privacy, securing consumer devices, and eCommerce security.

More than IT professionals talking to one another, NCSAM aims to reach out to the public to emphasize personal accountability and educate people about the importance of taking proactive steps to enhance cybersecurity at home and in the workplace. The NCSAM website has some handy guides that can be shared to educate people on these actionable steps.

Continue reading