Tag Archives: DC

How Cyber Basics Make a Big Impact

Posted on by

October is a fitting month for cybersecurity awareness. Phishing emails can be even more deceptive than a convincing costume and ransomware attacks can feel like a jump scare in a horror movie. Each year, the National Cybersecurity Alliance and the U.S. Department of Homeland Security spearhead an educational campaign to ensure everyone knows their role in protecting the vast amounts of online data we depend on for daily life.

The 2025 theme is "Stay Safe Online" with a focus on four key steps everyone can take to improve online safety:

  • Use strong passwords and a password manager
  • Turn on multifactor authentication
  • Recognize and report scams
  • Update your software

These tactics are important at a personal as well as enterprise level. Agencies across government have taken these best practices and implemented new security measures to protect data. Continue reading

Improved Technology Means Improved Citizen Service

Posted on by

A focus on government efficiency should benefit citizens by yielding improved service and better stewardship of tax dollars. Efforts have been underway across government for decades to improve service to the citizen. With the government embracing artificial intelligence (AI) and new security paradigms, the digitization of government continues to accelerate in support of citizen service.

Paperwork Reduction

The Paperwork Reduction Act of 1980 kicked off the government's focus on reducing both paperwork and manual effort. Now a new piece of legislation may accelerate efforts further. The ePermit Act was introduced to create an interagency data system to serve as a single point for tracking real-time data on environmental reviews. Currently, agencies have siloed systems that make it difficult to share information, even though permitting often spans multiple agencies. This act responds to the administration's desire to streamline regulatory compliance, easing burdens on industry. Continue reading

Strengthening the National Focus on Cybersecurity

Posted on by

The latest cybersecurity executive order, issued in June of 2025, aims to streamline past administrations' cybersecurity executive actions and strip mandates seen as overly prescriptive or ideological. It also introduces new guidelines and mandates to strengthen cyber practices within the government and private sector.

Key Updates to Historical Guidance

The order updates sanctioning policies from the Obama administration that allow the government to financially punish people involved in hacking activities that harm U.S. national security. This latest order "limits the application of cyber sanctions only to foreign malicious actors" to prevent the "misuse against domestic political opponents."

Cyber guidance issued in the waning days of the Biden administration encouraged government agencies to ramp up use of digital ID technologies. The latest EO strikes this mandate based on the belief that digital ID could lead to greater fraud and abuse. Continue reading

New AI Guidance, Similar Goals

Posted on by

In early April, the White House Office of Management and Budget (OMB) released a pair of memos to provide agencies with guardrails for how they use and purchase artificial intelligence (AI). These memos replaced guidance issued by the previous administration but maintain many of the same structures.

The first memorandum, M-25-21, gives agencies three priorities when accelerating the federal use of AI: innovation, governance, and public trust. It states, "...agencies are directed to provide improved services to the public, while maintaining strong safeguards for civil rights, civil liberties, and privacy." The memo maintains items that were established under the Biden administration, including:

  • The creation of chief AI officer roles and AI councils "to serve as change agents and AI advocates, rather than overseeing layers of bureaucracy."
  • Implement minimum risk management practices for "high-impact" AI use--those applications of AI that could have significant impacts when deployed.

Continue reading

Event Spotlight: Gartner Security & Risk Management Summit

Posted on by

The 2025 Gartner Security & Risk Management Summit invites attendees to "Engage. Innovate. Lead." The event draws on the expertise of Gartner analysts to address the challenges of increasingly complex cyber environments, providing insights on cybersecurity strategy and innovation, leadership, business engagement, metrics, risk management, cloud security, data security, AI, and more.

Access to Gartner analysts is a major feature of the summit. In addition to presenting research and insights in sessions, analysts are available to meet with attendees throughout the event.

This year's summit is being held June 9-11 in National Harbor, MD, just outside of Washington, DC. Gartner has seen tremendous growth in interest over the years, and this year's gathering is expected to be the biggest yet, with around 5,400 attendees. This growth can be attributed to the increased use of artificial intelligence (AI). AI use introduces new efficiencies to organizations but also opens up new opportunities for threat actors to infiltrate and impact those groups. Additionally, regulations around AI use are just being developed, leaving many chief information security officers (CISOs) unsure of how best to implement and secure AI, as well as how to communicate the associated risks to senior stakeholders. Continue reading