A Practical Approach to A-123 Compliance Programs Join us for a unique, interactive workshop that "walks you through" the latest update of The Green Book which now conforms to the Internal Control Integrated Framework (COSO 2013). This training is focused on the current Standards for Internal Control in the Federal Government as detailed in the Green Book. This 18 hour CPE course provides you with the tools to implement a compliance program th...

There are plenty of benefits to innovative new technologies, from greater efficiency to cost savings to customer satisfaction. It is rare, however, for a new technology to truly replace existing IT – rather, it gets incorporated into or bolted onto current systems. This approach, along with the explosion of mobile devices and proliferation of software and SaaS applications, dramatically increases and clouds an Agency’s cyber footpr...

Government agencies at all levels face cyber threats at an increasing rate. Ransomware attacks alone increased by 70% year over year in 2023. Yet agencies are constrained by budget limitations and the shortage of cybersecurity professionals, leading to trying to manage from crisis to crisis and never catching up. Automating security workflows can help agencies get a handle on their challenges and prioritize their security needs, but it isn...

In today’s interconnected digital landscape, application programming interfaces (APIs) play a pivotal role in facilitating seamless communication and data exchange between various applications and systems. However, with this increased connectivity comes heightened security risks, particularly concerning the protection of sensitive data in those APIs. One of the most notorious examples of API risk is the Cambridge Analytica scandal in the...

In today’s rapidly evolving cybersecurity landscape, Zero Trust has emerged as a critical strategy to defend organizational assets against persistent cyber threats. However, the presence of mobile devices in enterprise environments poses significant challenges to traditional Zero Trust implementations. As government agencies increasingly rely on mobile devices to conduct business and communicate, ensuring the security of these endpoints...

Election security is top of mind across the United States, from concern about malign foreign interference, to DDoS attacks against election websites, to the security of voting machines and their software, to insider and third-party threats, even to “swatting” of local election officials, to name just a few. At the heart of all these threats is the intent to change the outcome of political races. Outcomes, in the end, are determined...

All the elements of the U.S. healthcare system are under siege by hackers. A recent article in Modern Healthcare reported that “[o]ver the past five years, there’s been a 256% increase in large breaches reported to [the U.S. Department of Health and Human Services] involving hacking and a 264% increase in ransomware.” Federal health agencies face the same risks – and private-sector attacks ripple through the agencies, a...

While the Personal Identity Verification (PIV) and Common Access Card (CAC) represent a high assurance, technically interoperable, and a highly regulated method of authentication, they suffer from factors such as ease of use, ability to work with mobile devices and across devices. Office of Management and Budget (OMB) memorandum M-19-17, Enabling Mission Delivery Through Improved Identity, Credential, and Access Management, opened the door for...

You are invited to attend Acquisition Training for the Real World’s Summer Camp event, July 15 - 19, 2024! This week-long series of two hour, virtual training sessions features engaging thought leaders who know the challenges that acquisition professionals face and can provide real-world solutions. Participants can earn up to 10 CLPs over the week! Classes offered this session include: Quest for Clarity: Asking the Right Procurement Ques...