Tag Archives: MD

Securing Our Healthcare Infrastructure

Posted on by

We don't typically think of healthcare as infrastructure, but the functioning of our healthcare facilities is just as essential as that of our roads and utilities. Because of this criticality, healthcare systems require 100% uptime, a necessity that is vulnerable to the reality of cyber threats.

According to the FBI's Internet Crime Report, the healthcare industry reported 444 cyber-related incidents in 2024, the most out of any critical infrastructure industry. Despite this reality, many hospitals and health systems feel unprepared to respond and recover from these threats. The Travelers Risk Index survey found that only 51% of healthcare respondents were confident their organizations have best practices in place to prevent or mitigate a cyber event. Key challenges driving this lack of confidence include: Continue reading

Our Autonomous Future Starts Now

Posted on by

The autonomous future imagined by The Jetsons, 2001: A Space Odyssey, and even Back to the Future Part II may not yet be a reality, but a perfect storm of technological innovation is moving us closer. Drones, autonomous robots, and self-driving cars all rely on a complex web of technology to perform as programmed. Advances in artificial intelligence (AI) and 5G availability are enabling autonomous devices to be more, well...autonomous.

Device autonomy is a spectrum. Basic autonomy could look like the end result of setting a flight path for a drone and then initiating an unmanned flight. More complex autonomy could resemble giving a drone parameters such as, "here's the data we want to capture" and the device then designing the tactics, flight path, and timing needed to meet that goal. The wide rollout of 5G provides infrastructure that can handle the high data volumes and speed required by autonomous devices and missions, while AI advances are allowing machines to engage in more advanced and proactive decision-making.

While the reality of autonomy will look different than what Hollywood visionaries depicted, its impact will be just as exciting as any blockbuster. Autonomous systems will be a critical part of realizing a number of key government goals. Continue reading

Ready or Not CMMC is Here

Posted on by

Cybersecurity Maturity Model Certification (CMMC) sets security standards for contractors working with the Department of Defense (DoD) to ensure the data they interact with is protected. The standards have been in place since the introduction of the Defense Federal Acquisition Regulation (DFARS) in 2015, and now, 10 years later, a more formalized compliance process is being implemented.

Starting October 1, 2025, the CMMC clause will start to be used in DoD contracts. This clause requires contractors to align their security practices with the CMMC level required by the contract. While contractors have been required to meet rigorous security standards for some time, whether they did was determined primarily through self-attestation. This roll-out introduces the need for third-party validation of compliance claims, ensuring the security of the defense supply chain. Continue reading

Funding Security at the Local Level

Posted on by

The State and Local Cybersecurity Grant Program (SLCGP) was launched as part of the 2021 infrastructure law to help states and localities bolster their cybersecurity defenses. State and local agencies hold incredibly sensitive data yet historically lack the budget and staff to implement modern security tools and approaches, making them a target for threat actors. The SLCGP was designed to bridge this gap, allowing states to bolster their cyber infrastructure. Funding for this program is set to expire in September 2025, leaving states worried about how they will continue to maintain and enhance their cybersecurity postures.

What is the SLCGP?

The Cyber Grant Program is jointly administered by the DHS's Federal Emergency Management Agency and the Cybersecurity and Infrastructure Security Agency. It requires states to funnel 80% of the funding to local governments, which are often the shortest on IT staff and funding, to ensure the equitable distribution of funding across organizations. Continue reading

Event Spotlight: Gartner Security & Risk Management Summit

Posted on by

The 2025 Gartner Security & Risk Management Summit invites attendees to "Engage. Innovate. Lead." The event draws on the expertise of Gartner analysts to address the challenges of increasingly complex cyber environments, providing insights on cybersecurity strategy and innovation, leadership, business engagement, metrics, risk management, cloud security, data security, AI, and more.

Access to Gartner analysts is a major feature of the summit. In addition to presenting research and insights in sessions, analysts are available to meet with attendees throughout the event.

This year's summit is being held June 9-11 in National Harbor, MD, just outside of Washington, DC. Gartner has seen tremendous growth in interest over the years, and this year's gathering is expected to be the biggest yet, with around 5,400 attendees. This growth can be attributed to the increased use of artificial intelligence (AI). AI use introduces new efficiencies to organizations but also opens up new opportunities for threat actors to infiltrate and impact those groups. Additionally, regulations around AI use are just being developed, leaving many chief information security officers (CISOs) unsure of how best to implement and secure AI, as well as how to communicate the associated risks to senior stakeholders. Continue reading