Cybersecurity is akin to the 20th century Cold War. On the one hand, bad actors – whether nation-states or common criminals – are constantly searching for new vulnerabilities and creating new tools to attack them. On the other, all government agencies and private sector companies are trying to remain alert and find new ways to fend off those attacks. Among the innovative ways agencies are responding to the ever-evolving threat land...

Ever since the dawn of the internet, its value lies in the data it handles, whether moving it, storing it, or calculating with it. As a result, just as Willie Horton once said he robbed banks because “that’s where the money is,” many of today’s cyber bad actors target agencies’ data because they can monetize it. Even hostile nation-states such as North Korea seek U.S. and state agencies’ data because they ne...

It has been almost seven years since the White House issued Presidential Policy Directive 40, setting out the federal continuity policy “to maintain a comprehensive and effective continuity capability through Continuity of Operations (COOP), Continuity of Government (COG), and Enduring Constitutional Government (ECG) programs, ensuring the resilience and preservation of government structure under the United States Constitution and the co...

The federal government has a complex hiring process, governed by a host of regulations and policies. Difficulties in hiring young people and individuals with valuable skills such as cybersecurity, and the impact of the pandemic on all employers, has modernizing HR is at the forefront of many agency leaders’ minds. Data and AI-driven tools can increase visibility into, and lessons learned from hiring, onboarding, and turnover, but underst...

As agencies move to implement a zero trust architecture, the dispersed nature of their cloud-based and hybrid networks means more attention than ever must be paid to the security of Active Directory (AD), which administrators use to manage permissions and access to network resources by far-flung endpoints. Attackers can gain unauthorized access to a company’s data if Active Directory is compromised; monitoring your AD will help protect s...

One Cybersecurity and Infrastructure Security Agency (CISA) program that has been widely adopted throughout the federal government also is one of its longest-established – the Continuous Diagnostics and Mitigation (CDM) program. Introduced in 2012, the program provides a dynamic approach to strengthening the cybersecurity of government networks and systems. The program has evolved over the past decade to add new capabilities, including c...

The cybersecurity slogan for zero trust is a simple one: Never trust, always verify. States, localities, tribes and territories face the same cyber threats as the federal government, and many of their agencies are wrestling through how they can implement zero trust architectures. One of the most important elements in pursuing zero trust is implementing microsegmentation — partitioning a network into small, isolated sections to reduce the...

As State and Local agencies pursue their zero trust goals taking into consideration the Executive Order 14028, “Improving the Nation’s Cybersecurity,” it is easy to focus on technology solutions. But that overlooks something fundamental about both the challenge and the purpose of moving to zero trust – the human beings that will use the redesigned systems to better meet their agency’s mission. If a zero-trust impl...

Federal agencies take seriously the cybersecurity of their IT systems. They must observe numerous federal policies and programs, from Executive Order 14028 on down. Many agencies are far less aware of the need to strengthen the security of their operations technology (OT), the equipment that runs many kinds of systems, including healthcare. Historically, that was less of an issue since most OT systems were closed and standalone. But the intern...

When the Cybersecurity and Infrastructure Security Agency (CISA) released its Zero Trust Maturity Model Version 2.0 in April, it identified access management as a core function within the Identity Pillar. Identity is the very first of five such pillars, and brings the need for privileged access management into clear focus. Identity is defined by CISA as “an attribute or set of attributes that uniquely describes an agency user or entity,...