When Executive Order 14028, “Improving the Nation’s Cybersecurity,” was issued in May 2021, it included directives for agencies to establish several incident response and logging procedures, including sharing information on incident detection and response, by August 2023. In August of that year, the Office of Management and Budget issued Memorandum 21-31 setting specific requirements for agencies to meet, for which the Cybers...

Florida is the third-largest state in the U.S. by population, and it continues to grow rapidly – from 2010 to 2020, its population grew by 14.5%. That kind of growth rate might be the envy of other states, but it also means increased pressure on the state government to deliver internet-based, user-friendly services for everything from child support services to renewing business licenses. Bringing digital transformation to the Sunshine St...

Federal departments and agencies are making headway in meeting the requirements of Executive Order 14028, issued in May 2021, to strengthen their cybersecurity by implementing a zero trust architecture. To date, many agencies have made progress in areas like identity management and secure access. But the journey toward achieving a zero trust environment is different for every department. The challenges that civilian agencies must overcome are...

It has become clear over the past several years that maintaining U.S. election integrity is not just a single agency’s responsibility. Conducting fair and accurate elections is the responsibility of each state and territory. Meanwhile, nation-states, partisans, and scammers can interfere with voter information, try to cast doubt on election outcomes, and spread disinformation across social media, to name just a few. The Office of the Dir...

In an era where cyber threats are increasingly sophisticated, the need for robust cybersecurity strategies in government IT departments is more pressing than ever. These threats are continuously evolving, leveraging new technologies and exploiting vulnerabilities in innovative ways. As a result, there is an urgent need for IT sectors to adapt and enhance their cybersecurity strategies. This adaptation isn’t just about implementing new te...

Cybersecurity has always contended with evolving threats. As the internet has become more embedded into social and economic life and smart phones, tablets and other handheld devices become ubiquitous, bad actors have devised new attacks to capitalize on new vulnerabilities. And just as agencies are implementing zero trust architecture to help with this wave, other IT developments are threatening to upend cybersecurity even more. For instance,...

A decade ago, the Continuous Diagnostics and Mitigation (CDM) Program put agencies on the right path with critical investments in identity and access automation, but technology hasn’t stood still. Today, the Federal Zero Trust Strategy aims to accelerate cyber maturity throughout the government and secure our nation’s future. At the same time, relentless innovation in Artificial Intelligence is changing the game for attackers and d...

The Centers for Medicare and Medicaid Services (CMS) is on a multi-year IT modernization journey – harnessing the power of new and emerging technologies to achieve mission-driven innovations, enhanced security, and delivery of improved access and care for millions of beneficiaries. CMS has done extensive work to date in cloud enabling applications and creating user friendly tools and enhancing security. The agency is now embarking on its...

The cat-and-mouse game between threat actors and cybersecurity professionals continued unabated in 2023, with new threats designed to avoid detection. Many of these threats are new takes on old ones, such as “leveling up” invoice fraud. And ransomware attacks are evolving; rather than encrypting victims’ data, they are straightforwardly stealing the information and extorting payment by threatening to post the info online or t...

Zero trust revolutionizes network security architecture because it is data-centric and designed to stop data breaches. While that is its primary purpose for government, it also increases agility for modern networks that traditional network designs can’t emulate. It has been almost two years since the Office of Management and Budget issued its federal zero trust architecture strategy, which set out specific goals for agencies to achieve b...