When FBI Director Christopher Wray speaks publicly about the cyberthreat posed by the Chinese government to U.S. critical infrastructure, it is past time to take the danger seriously. “The PRC [People’s Republic of China] has made it clear that it considers every sector that makes our society run as fair game in its bid to dominate on the world stage, and that its plan is to land low blows against civilian infrastructure to try to...

Agencies increasingly rely on Software-as-a-Service (SaaS) platforms such as Salesforce for mission-critical functions, which offers them numerous benefits including flexibility, reducing upfront IT resource costs and delegating upgrades and patches to the provider. Using Salesforce does not remove the agencies’ responsibility for cybersecurity, however, and SaaS applications face their own risks, including misconfigurations, poor access...

Ever since the issuance of Executive Order 14028, issued in May 2021 to improve cybersecurity across the entire government by implementing a zero trust architecture, federal agencies have been hard at work to meet the requirement. Then, in October 2023 – less than 18 months later – a new executive order, 14110, was released on the “Safe, Secure, and Trustworthy Development and Use of Artificial Intelligence.” These are...

It may seem ironic, but government agencies at all levels wrestle with the difficulty of compliance with regulatory requirements even as they issue regulations for others (sometimes including themselves) to meet. For example, just as the healthcare industry follows HIPAA, so too do Veterans Administration hospitals – along with all federal, state, local, tribal and territorial health organizations. Then there are government-only policies...

Federal cyber leaders are tasked with the challenge of balancing active defense efforts, particularly when the U.S. is involved in international conflict, with building an infrastructure secure from the individual device all the way to enterprise environment. To do all of that, defending their networks and building for the future, DoD leaders must prioritize continuous monitoring of their cyber systems to address hidden vulnerabilities to addr...

Getting ready to attend VETS24 or another government contracting conference this year? Plan your strategy before attending so you can get the best return on your investment. Conferences connect industry professionals, government buyers, and small business owners. Learn how to prepare to make new connections, and explore potential opportunities. FREE LinkedIn live VETS24 | Step-by-Step Guide for Success at Federal Market Conferences In this tra...

The lineup for GSA’s FAST 2024 “Emerging Innovation and Trends” conference is filled with experts from across the federal government and industry discussing topics crucial to making your next acquisition a success! Register to learn about: How to expedite your acquisition process by using emerging technologies, trending solutions, and best practices GSA’s pricing-control standardization and our automated continuous moni...

The internet is an increasingly dangerous place. The FBI warns of Chinese threats to U.S. critical infrastructure, while the National Security Agency releases guidance for strengthening AI system security. Meanwhile, agencies still wrestle with phishing, ransomware and myriad other threats that occur every day. At the same time, government organizations are expected to implement zero trust architectures, improve identity and access management,...

The state of New York is emphasizing improving its IT resilience. The state’s 2022-23 strategic plan focuses on moving off legacy systems, implementing an enterprise architecture, and improving service delivery to its residents, to name a few. In addition, the state has its first cybersecurity strategy, and created a Joint Security Operations Center. As the largest city in the United States, New York City has its own technology roadmap,...