It has been almost seven years since the White House issued Presidential Policy Directive 40, setting out the federal continuity policy “to maintain a comprehensive and effective continuity capability through Continuity of Operations (COOP), Continuity of Government (COG), and Enduring Constitutional Government (ECG) programs, ensuring the resilience and preservation of government structure under the United States Constitution and the co...

Modern security threats are evolving at a faster pace than security technologies, while well-funded threat actors are investing in tools like machine learning (ML), automation, and artificial intelligence (AI). Legacy security operations centers – SOCs – are not equipped with the tools to respond to this rapidly evolving landscape, even as the volume of traffic and data grow exponentially. These challenges also come as many agencie...

As artificial intelligence (AI) applications proliferate across the internet ecosystem, other changes are being triggered, from the commitment to R&D funding to workforce development to new initiatives in higher education. The federal government’s spending on IT R&D and AI in fiscal year 2023 is estimated at $9.6 billion. Meanwhile, the University of Florida, for instance, declares it is “building an AI university,” a...

After decades of delay, cybersecurity has become a defining issue for the United States. In response, when the White House laid out its zero trust requirements in January 2022, it set an ambitious goal – that all agencies have their zero trust infrastructure in place before October 1, 2024. This is because of the reality of the digital age: a persistent threat environment is the norm in the IT world, and agencies have to assume they...

Military contractors of all types are trying to work through the Department of Defense’s Cybersecurity Maturity Model Certification (CMMC) 2.0. It has been something of a moving target, as the Department of Defense has changed the certification model from five levels in CMMC 1.0 to three in the current version, to better align with existing federal standards and cut red tape for small and mid-sized companies. But the purpose of the CMMC...

A recent study concluded that government agencies are deploying mixed-IT environments - whether on-prem, public cloud, CSPs, MSPs, edge, colocation - at a high rate and that hybrid multicloud is projected to grow almost 5 times over the next three years. Government agencies are rethinking their cloud strategies to meet evolving priorities and mandates and how to address this complexity, especially in the face of IT staffing and skills shortage...

When the log4j vulnerability was first identified in late 2021, the Cybersecurity and Infrastructure Security Agency responded very rapidly, including giving all federal agencies less than a week to identify and patch all their affected systems, and coordinating a nationwide response to encourage the private sector to do the same. But the vulnerability is likely to dog agencies and the private sector alike for years. There are at least two rea...

Cyber attacks are on the increase across all levels of government – and state and local governments are often targeted because they have fewer resources for security. For instance, an October 2022 survey found that more than half of state and local governments faced ransomware attacks in 2021, and just one in five organizations successfully stopped the attack. Strengthening the security and resilience of these agencies’ systems req...

The universe of artificial intelligence applications is going through its own Big Bang right now. As artificial intelligence (AI) applications proliferate across the internet ecosystem, other changes are being triggered, from the commitment to R&D funding to workforce development to new initiatives in higher education. As public awareness grows of AI’s potential and how it may affect them, there still are issues to be resolved. For i...

Cyber attacks are on the increase across all levels of government – and state and local governments are often targeted because they have fewer resources for security. For instance, an October 2022 survey found that more than half of state and local governments faced ransomware attacks in 2021, and just one in five organizations successfully stopped the attack. Strengthening the security and resilience of these agencies’ systems req...