It’s been a decade since "Cloud First" was put forth as a formal goal of government. In that time, agencies have moved from wary experimentation to straightforward "lift and shift" efforts to, increasingly, enterprise as-a-service solutions. The question is no longer whether to leverage cloud servicers, but how best to do so. Yet as the easier moves to the cloud have been made, the remaining systems and workloads require decidedly more c...

Two years after the White House issued an executive order creating a national strategy for artificial intelligence, agencies are moving past pilot projects and are looking for the next level of AI in government. Although some of the most visible projects are at NASA, DOD and IRS, many agencies are working on developing AI projects that support services, improve mission effectiveness and decision making and automate repetitive tasks. There is a...

Most government agencies have made the journey to cloud since the Cloud First and Cloud Smart strategies came from OMB starting in 2010. Many organizations have more than one cloud. The challenge becomes blending the different types of cloud and service models to provide access to needed data, while at the same time protecting a much enlarged attack surface created by the large number of workers who are accessing the data remotely. If there is...

OVERVIEW By the beginning of 2021, NIST will have released the finals of many Risk Management Framework (RMF) standards: SP800-53 Rev 5 – Security Controls SP800-53B – Security Control Baselines, Privacy Framework SP800-160 Vol 2 – Systems Security Engineering SP800-161 Rev 1 – Supply Chain Risk Management SP800-171 Rev 2 – Controlled Unclassified Information (CUI) and High Valued Assets (HVA) Revisions to the NIS...

The global information technology supply chain has been hit with a growing and unprecedented number of attacks as adversaries attempt to compromise systems with various forms of malware in an attempt to steal or compromise or hold for ransom sensitive information. Federal executives realized how complex the question of supply chain security was in 2017 when officials tried to implement the Department of Homeland Security’s order to remov...

The Federal Data Strategy's action plan was reworked in response to the COVID-19 crisis, while state and local governments are simultaneously expanding health data initiatives and looking for more cost-effective data solutions. Add in the growing importance of data-intensive cyber threat detection and the broad potential of AI and automation, and it becomes clear: Agencies' data challenges are evolving rapidly, and a solid data strategy is mis...

To protect the health and safety of attendees, this event has been canceled due to COVID-19 concerns. Special Offer for In-House Counsel: In its fifth year, the National Institute on Cybersecurity is putting down the welcome mat for in-house counsel with in-house counsel able to request one free registration per organization for an attorney to attend. "In-house counsel" refers to a practicing lawyer whose primary responsibility is providing le...

Agencies have made significant progress in improving interactions with their citizen customers by modernizing their infrastructure, moving to the cloud, using agile digital services and emerging technologies on the front end and capturing and analyzing the data on the backend. There is still work to be done, however, and the 21st Century IDEA Act -- passed as part of the 2018 NDAA -- has added new priorities for improving and expanding the typ...

As agencies follow the administration's IT Modernization guidance and move more of their systems to the cloud, it's essential to protect the data from a host of evolving threats. There are a number of programs to help with the journey, however. The FedRAMP program is an important part of any agency’s cloud strategy, and it is providing a path and structure to the move by certifying cloud services providers so agencies have a trusted list...

Register today for the FCW Workshop: The Future of FedRAMP being held on November 19th in Washington, DC, featuring speakers from NIST, GSA and more. Hear these seasoned experts explore FedRAMP's latest initiatives, the pre- and post-approval obligations, and the 2020 outlook for both government and industry stakeholders. Topics for discussion may include: * The impact of FedRAMP Connect * Best practices for pursuing an Authority to Operate* M...