The growth in volume of data being generated every year is staggering. One company has estimated that an organization’s amount of data will triple within five years, between on-premises, cloud and software-as-a-service locations. On top of that, sensitive data – whether personally identifiable information, financial, intellectual property, etc. – can be scattered throughout the data ocean. In 2022, more than 200 government ag...

Digital transformation has been a central premise of government at all levels tackling the job of ending reliance on legacy technology, upgrading systems and expanding services. Until recently, transformation efforts at the federal level focused on “lift-and-shift,” updating their digital systems or processes to make them better or more innovative, but they didn’t have the customer or end user or employee in mind while doing...

As agencies move to implement a zero trust architecture, the dispersed nature of their cloud-based and hybrid networks means more attention than ever must be paid to the security of Active Directory (AD), which administrators use to manage permissions and access to network resources by far-flung endpoints. Attackers can gain unauthorized access to a company’s data if Active Directory is compromised; monitoring your AD will help protect s...

One Cybersecurity and Infrastructure Security Agency (CISA) program that has been widely adopted throughout the federal government also is one of its longest-established – the Continuous Diagnostics and Mitigation (CDM) program. Introduced in 2012, the program provides a dynamic approach to strengthening the cybersecurity of government networks and systems. The program has evolved over the past decade to add new capabilities, including c...

Seeing changes in the physical features of the earth historically has taken eons – sometimes literally, as in identifying the shifting of Earth’s tectonic plates and the drift that created the continents as we know them. But the advent of satellites, drones, sensors and other technologies provides a constant flow of data that accurately reflects the conditions that societies encounter today. In 2017, the Department of Defense creat...

The cybersecurity slogan for zero trust is a simple one: Never trust, always verify. States, localities, tribes and territories face the same cyber threats as the federal government, and many of their agencies are wrestling through how they can implement zero trust architectures. One of the most important elements in pursuing zero trust is implementing microsegmentation — partitioning a network into small, isolated sections to reduce the...

One of the foundational tenets of zero trust architecture is Identity – providing credentials for every person and device – in order to manage access to government systems, whether entering from the outside or moving laterally from within. In other words, identity, credential and access management (ICAM) should be addressed as a whole, not as separate point solutions. This applies across all systems, all platforms, and all environm...

As State and Local agencies pursue their zero trust goals taking into consideration the Executive Order 14028, “Improving the Nation’s Cybersecurity,” it is easy to focus on technology solutions. But that overlooks something fundamental about both the challenge and the purpose of moving to zero trust – the human beings that will use the redesigned systems to better meet their agency’s mission. If a zero-trust impl...

After several high-profile cyber incidents resulting from exploited vulnerabilities, the Office of Management and Budget released a memorandum (M-22-09) in 2022 that requires agencies to adopt a Federal Zero-Trust architecture. This new architecture includes a key element: requiring agencies to meet specific cyber standards, including application security testing, by the end of 2024. Two elements of modern software are growing in importance fo...

For government agencies, case management – delivering services to people and businesses – is the heart of their mission. In almost all cases, however, case management systems have gotten more complicated, more difficult to manage, and more expensive. Agencies today depend on legacy, siloed systems that have changed through kludges, “an ill-assorted collection of parts assembled to fulfill a particular purpose.” Rip-and-...