What are the impacts on the new Federal Information Security Management Act (FISMA) reporting resulting from the new documents released in 2022? Some of the key documents are: Presidential Executive Order 14028 that has increased emphasis on advancing toward “Zero-Trust Architecture” and “Endpoint Detection and Response (EDR)” and moving systems to FedRAMP clouds. Office of Management and Budget’s (OMB’s) M-...

Information drives and powers modern government with federal, state, and local agencies seeking to improve engagement opportunities with citizens. The challenge is to effectively manage the explosion of information while also protecting citizen’s data and privacy. Keeping up with the rapid expansion of information has put pressure on outdated governance and compliance practices. The 2021 Federal Data Strategy outlines specific actions to...

The Executive Branch has made it clear the United States needs a more resilient and secure supply chain to ensure economic prosperity and national security. The supply chain is only truly secure when all entities throughout the public sector supply chain carry out effective and coordinated security measures to ensure the integrity of supply chain data, the safety of goods, and the security of the respective agency. This virtual workshop will r...

DevSecOps incorporates security initiatives at every stage of the software development life cycle (SDLC). It is a set of practices combining software development, security, and IT operations with the goal of shortening the systems development life cycle securely. From identifying patterns to uncovering new ways to support the mission, DevSecOps is playing an essential role in government’s digital transformation efforts. This virtual work...

The Federal Risk and Authorization Management Program (FedRAMP) began in 2011 to ensure the security of cloud services used by the U.S. Government. FedRAMP is a government-wide program providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP uses NIST guidelines in its own framework to enable U.S. Government agencies to use cloud services securely and efficientl...

It has been a busy past decade for the Records Management Community: 0MB Memorandum M-12-18, Managing Government Records Directive, required to the fullest extent possible, agencies eliminate paper and use electronic recordkeeping. 0MB Memorandum M-14-16, Guidance on Managing Email, with goal of by December 31, 2016, Federal agencies will manage both permanent and temporary email records in an electronically accessible format OMB Memorandum M-...

Many cloud subject matter experts agree that an agency’s cloud strategy must be aligned with agency mission. Among the most common reasons cloud strategies fail are not having a solid business/operational case for cloud migration, failing to test before deployment, and underestimating the time and funding required. Success factors include “ensuring the whole organization understands the intent, direction and roadmap of cloud adopti...

The Continuous Diagnostics and Mitigation (CDM) program is a way government agencies move toward fortifying their cybersecurity networks and systems. It was developed in 2012 to provide government agencies with risk-based cybersecurity solutions to protect federal civilian networks across organizational tiers. Specifically, CDM helps federal agencies identify cybersecurity risks, prioritize those risks, and enable staff to focus on those prior...

The Continuous Diagnostics and Mitigation (CDM) program is the way government agencies move toward fortifying their cybersecurity networks and systems. It was developed in 2012 to support government-wide risk-based cybersecurity solutions to assist participating agencies improve their security posture consistently and cost-effectively. In this virtual workshop, government & industry experts will provide the following: a status update on CD...

Are you getting more time back than you put in with your analytics project? How long does it take to onboard a new dataset? Who views what dashboards and for how long? These, and other questions will better help you understand the value of the data and analytics routinely put together on projects. Often, these questions will unlock different understandings of what is extremely valuable and what may not be important at all, not just from the im...