With so many high-profile hacks this year, it's easy to want to throw up your hands and say, "Is there nothing that can be trusted?!" Interestingly, that lament is what is driving the latest approach to cybersecurity -- zero trust. Zero trust is what it sounds like, a security approach centered on the belief that organizations should not automatically trust anything accessing their systems either inside or outside their perimeters. Instead, all people and devices must be verified before access is granted. To the untrained eye, this seems untenable. How, in this day and age, when we depend on digital information and connection to do most anything, can we use a process where we have to constantly verify identity and access permissions? Luckily, the practice of zero trust is more sophisticated than its premise.
This May, after the CDC updated their public health guidance around masking and social distancing for vaccinated individuals, GovEvents surveyed its members to find out what government professionals were comfortable with in terms of in-person events. Feedback from event planners at the beginning of 2021 showed they were beginning to plan toward a hybrid event schedule, looking to introduce in-person events in the late summer or fall. Now that schedule seems to be a reality based both on health guidance and attendee attitudes.
The GovEvents survey of 275+ public sector professionals found that nearly 75% of respondents would be comfortable attending an event in-person sometime in 2021.
President Biden's $2 trillion infrastructure plan is far-reaching, impacting the way we manage, use, and maintain our nation's critical infrastructure. It also has a considerable impact on the job opportunities available in private companies and government agencies at all levels.
Transportation spending is focused not only on improving existing roads and bridges but paving the way for clean energy and modern transit systems to include electric vehicles, Amtrak repairs, and airport and waterway improvements.
Housing and community spending is focused on retrofitting older buildings to be more energy-efficient. Schools also get funding for upgrades and new construction.. Water systems and electrical grids are also being funded for safety and environmental upgrades. For communities at large, $100 billion is earmarked to improve broadband connectivity.
Improving care for the elderly and disabled is also a focus of the funding, with $400 billion dedicated to improving wages for caregivers and improving access to care and care facilities.
With a number of high-profilesecurity hacks involving widely used software, government agencies are retraining their focus on their organization's security measures and those of the vendors and service providers that work with them. This shift in focus was actually on the rise before the recent hacks in anticipation of cyberattacks just like the ones we've recently seen.
In January of 2020, the Defense Department implemented the Cybersecurity Maturity Model Certification (CMMC), a unified standard for implementing cybersecurity across the defense industrial base (DIB), which includes over 300,000 companies in the supply chain. Contractors have always been held responsible for implementing and documenting their IT systems' security that touch sensitive government data. Under CMMC, this continues, but adds the need for a third party to assess the contractor's compliance.
Shared Services in government is nothingnew. The idea began in the 1980s with the consolidation of payroll and some other administrative functions. In the '90s the focus was on creating entities that could provide common business functions across government and, in that effort, become a cost center.
The 2000s saw the rise of the term 'Line of Business' that looked at common business functions across government to identify opportunities to transform, streamline and share. The Obama Administration looked specifically to IT as a shared service, releasing the Federal IT Shared Services Strategy that provided federal agency chief information officers and key stakeholders guidance. This guidance focused on the implementation of shared IT services as a key principle of their efforts to eliminate waste and duplication, with the intention to reinvest in innovative mission systems.