All the elements of the U.S. healthcare system are under siege by hackers. A recent article in Modern Healthcare reported that “[o]ver the past five years, there’s been a 256% increase in large breaches reported to [the U.S. Department of Health and Human Services] involving hacking and a 264% increase in ransomware.” Federal health agencies face the same risks – and private-sector attacks ripple through the agencies, a...

While the Personal Identity Verification (PIV) and Common Access Card (CAC) represent a high assurance, technically interoperable, and a highly regulated method of authentication, they suffer from factors such as ease of use, ability to work with mobile devices and across devices. Office of Management and Budget (OMB) memorandum M-19-17, Enabling Mission Delivery Through Improved Identity, Credential, and Access Management, opened the door for...

You are invited to attend Acquisition Training for the Real World’s Summer Camp event, July 15 - 19, 2024! This week-long series of two hour, virtual training sessions features engaging thought leaders who know the challenges that acquisition professionals face and can provide real-world solutions. Participants can earn up to 10 CLPs over the week! Classes offered this session include: Quest for Clarity: Asking the Right Procurement Ques...

The continuous evolution of technology presents us with a dynamic landscape filled with both promise and challenges. As the internet gained widespread adoption, it revolutionized various aspects of our lives, introducing innovations such as online shopping and real-time news updates, alongside issues like spam, phishing, and malware. Traditionally, government entities have been cautious in adopting new technologies, often due to regulatory con...

States’ voter registration systems and voter access have undergone a host of changes over the past five years, thanks in large part to the Covid-19 pandemic. Many states expanded vote-by-mail options, stepped up automatic voter registration programs, or both. Cities took action, as well – Los Angeles, for instance, has overhauled its voting system infrastructure, using open source, the cloud, and cybersecurity partnerships to updat...

A Practical Approach to A-123 Compliance Programs Join us for a unique, interactive workshop that "walks you through" the latest update of The Green Book which now conforms to the Internal Control Integrated Framework (COSO 2013). This training is focused on the current Standards for Internal Control in the Federal Government as detailed in the Green Book. This 18 hour CPE course provides you with the tools to implement a compliance program th...

State governments understand that utilizing IT effectively is the key to delivering excellent customer service. For instance, in Ohio the current strategic plan forthrightly states that the “use of State technology assets to increase the wellbeing of Ohioans and their health, property, security, livelihood, and prosperity is essential.” Measures include improving information security and privacy, building on cloud-smart infrastruct...

This CMMC (Cybersecurity Maturity Model Certification) Level 1 Implementation training event focuses on helping organizations establish a security foundation required for higher levels of the CMMC model. DoD contractors are required to be CMMC Level 1 certified by January 1, 2026. This first 4 CPE training event overviews the practices outlined in 48 CFR 52.204-21, which sets basic safeguarding requirements for covered contractor information...

In this CPE training event, we overview the principles and implementation of Zero Trust Architecture to enhance your organization's security posture. Zero Trust Architecture, based on the NIST SP 800-207 criteria, revolutionizes the traditional approach to cybersecurity. It challenges the assumption of implicit trust within networks and promotes a model where trust is never granted by default. Instead, it emphasizes continuous analysis and eva...

This 2 CPE training event "Protecting Controlled Unclassified Information" is based on NIST SP 800-171 R3." In this webinar, we will overview the essential strategies and guidelines outlined in NIST SP 800-171 Revision 3 (R3) to safeguard Controlled Unclassified Information (CUI). Our CPE training is designed to equip participants with the knowledge and tools needed to protect sensitive information from unauthorized access, disclosure, or los...