Adopting a zero trust policy has become imperative for agencies aiming to safeguard their digital assets against increasingly sophisticated threats. It represents a true paradigm shift, away from traditional perimeter-based security models to a more dynamic, trust-never always-verify approach. One critical part of implementing zero trust is managing digital identity – ensuring that access to resources is securely managed and continuously...

Cybersecurity education and workforce development is a significant issue given large current national capability and skills gaps. In this webinar, we bring together key partners and major stakeholders from the public sector, private sector, and academia to discuss pathways of collaboration and partnerships moving forward to solving this important problem. Panel members will discuss their experience and “best practices” to reduce th...

Insider Risk Programs have continued to evolve naturally over the past 20 years. They have grown exponentially beyond the traditional lens of trying to identify spies through cyber-focused data exfiltration events. Today, Insider Risk Programs have expanded to include internal HR, legal, and compliance stakeholders within organizations and have expanded security beyond strictly physical and cyber domains to now include analysts, investigators,...

In the modern age of cloud migration and deployment, many security and operations teams are having to adapt their controls, processes, and overall strategies to better accommodate hybrid on-premises and cloud environments. While some architecture and control concepts stay relatively static, many don't. So what should organizations do? How can traditional firewalls and cloud-native controls co-exist? What network security controls are most read...

Mobile devices are an integral part of an efficient workplace and securing them has become a prevailing concern for individuals and organizations, given their widespread use and the sensitive data they contain. To address these concerns and to provide guidance on how mobile devices can be protected, the National Institute of Standards and Technology (NIST) has developed a set of guidelines for managing the security of mobile devices throughout...

One Cybersecurity and Infrastructure Security Agency (CISA) program that has been widely adopted throughout the federal government also is one of its longest-established – the Continuous Diagnostics and Mitigation (CDM) program. Introduced in 2012, the program provides a dynamic approach to strengthening the cybersecurity of government networks and systems. The program has evolved over the past decade to add new capabilities, including c...

Alchemy Global Networks recognizes that most Security Information and Event Management (SIEM) solutions face challenges such as poor asset intelligence and immature or nonexistent process workflow automation. These lead to a population of unmanaged systems that render the SIEM an expensive "event collector." The event management system is the "brains" of cloud and/or data center services as it collects, aggregates, and correlates data while re...

The persistence of nation-state actors has introduced a threat to America’s cybersecurity landscape that has never been seen before. Ample countermeasures have been prescribed through various White House, DoD, and CISA guidance that places responsibility on government and private industry to follow these new guidelines for the development of secure software. As we turn the corner toward the close of the federal fiscal year and begin cybe...

Federal agencies across government have started the shift in mindset from just patching and remediation to truly transformative cybersecurity modernization. There is no better example than the move to developing zero trust architecture governmentwide. While every agency is in a different stage of its ZT implementation journey, there are key guideposts and best practices that every federal IT and security team should be following to optimize th...

Social media is the first place people turn when they have a question or want to discuss a crisis, controversy, or community event. So it only makes sense that community leaders are a part of the conversation. However, public agencies have a unique set of challenges when it comes to posting on social media. Concerns about data privacy, security, fake news, and misinformation prevent many agencies from using social media to its fullest. Join Ho...