Security Takes a Leading Role in Acquisition

Recent security breaches via software have made supply chain security a priority across government. No longer is it enough to build security into a solution; now every product that is part of that solution is being examined for its security and risk. In response, the Biden Administration issued a Cybersecurity Executive Order that aims to provide more control over the content of code that comes in contact with government systems and infrastructure.

Continue reading

The Growing Impact of IoT

The use of Internet of Things (IoT) to manage infrastructure and services is not a new concept, but response to the new normal of pandemic life, natural disasters, and the implementation of 5G networks all could accelerate the implementation of IoT solutions.

Remote Management

Stay-at-home orders, social distancing measures, and backlogged inspection schedules all combine to make a great case for implementing sensors and other IoT devices as part of infrastructure management. With technology providing data on the status of equipment, facilities, and general infrastructure like roads and bridges, the need to deploy inspectors to the field can be minimized. In the short term, this reduces potential points of exposure for inspectors and field staff. Longer term, it adds a new "colleague" to field management teams. IoT can handle routine, low risk monitoring, freeing up humans to focus on more complex or higher priority tasks and activities.

Continue reading

Security in the “New Normal”

With telework expected to stay long after the pandemic ebbs, government agencies are looking to shore up the remote work solutions they put in place to ensure on premise security measures extend to the dispersed workforce. Multi-cloud environments are the reality for almost every agency. The many applications needed for the diverse functions of an organization require multiple cloud solutions to provide the specific support needed.

A report from Meritalk, Multi-Cloud Defense: Redefining the Cyber Playbook, found that 83 percent of respondents are increasing multi-cloud adoption to support telework and mission needs related to COVID-19. However, 42 percent said their cyber strategies cannot keep up. One part of the challenge is creating a solution that can be applied to the wide variety of endpoint devices and meeting enterprise security requirements.

Continue reading

The 8th annual IT Security Automation Conference

Originally posted on Federal News Radio

October is National Cyber security month and will be kicked off in Baltimore with a three day conference with a focus on automating security.

The concept of security and the federal government is inevitably wrapped in guidance from National Institute of Standards and Technology NIST.

On October 3, 2012, NIST is working with a wide range of members of the security community to produce the 8th Annual IT Security Automation Conference.

Listen to the interview with Dave Waltermire, security automation architect, in NIST's Computer Security Division.

In the interview, Waltermire gives an overview of the conference, talks about security automation, the history of SCAP, competing standards, the challenges of generating standards, and the role the federal government in this process.

The conference covers continuous monitoring, software assurance, incident handling, analytics, as well as trusted computing.

Listen to the interview with Dave Waltermire.