DevSecOps incorporates security initiatives at every stage of the software development life cycle (SDLC). It is a set of practices combining software development, security, and IT operations with the goal of shortening a system’s development life cycle securely. From identifying patterns to uncovering new ways to support the mission, DevSecOps is playing an essential role in government’s digital transformation efforts. This virtual...

The Federal Risk and Authorization Management Program (FedRAMP) began in 2011 to ensure the security of cloud services used by the federal government. FedRAMP is a government-wide program providing a standardized approach to security assessment, authorization, and continuous monitoring for cloud products and services. FedRAMP uses NIST guidelines in its own framework to enable federal agencies to use cloud services securely and efficiently. Th...

One of the latest buzz terms being used is "Zero Trust" but what it is and why should anyone implement it. This webinar will go into the definition of what "Zero Trust" really is and why small to midsize businesses should consider some form of "Zero Trust" implementation. The "Zero Trust" framework is perfect for any organization that is working remotely or using a hybrid work model with employees working both in the office and/or remotely. If...

On May 4th, NARA released updated regulations on Digitization Standards for Permanent Records – AC 31.2023. The regulations established standards for digitizing permanent paper records and photographic prints. The regulations are in 36 CFR 1236, Subpart E and go into effect on June 5, 2023. NARA will be issuing a new GRS 4.5 that will cover digitizing records – the GRS and new regulations are related. These regulations have a signi...

On December 23, 2022, OMB released M-23-07, “Update to Transition to Electronic Records”. Item 1.2 states, “After June 30, 2024, all agencies must transfer permanent records to NARA in electronic formats and with appropriate metadata in accordance with NARA regulations and transfer guidance.” Previously, NARA Bulletin 2018-01 defined and updated the minimum set of meta elements that must accompany transfers of permanent...

A multi-cloud strategy is the utilization of two or more cloud services from any number of cloud providers that are compatible with and extend an organization’s hybrid cloud environments. It allows agencies to deploy applications on the public and private clouds that best suit agency business objectives and application needs. A multi-cloud platform provides multiple advantages including greater flexibility, more deployment options, secur...

The CDAO Procurement Forum will provide an opportunity for Business Development and Program Management executives better to understand CDAO’s ambition and procurement forecast for 2024. The Forum’s core objective is to expand and strengthen CDAO’s collaborative network with established and non-traditional partners in the continually evolving field of Artificial Intelligence. As CDAO’s ambition, objectives, and budget ha...

Zero Trust is a key component of every federal IT initiative and modernization effort. The Executive Order on Improving the Nation’s Cybersecurity, the CISA Zero Trust Maturity Model, the DISA Zero Trust Architecture, and various NIST guidance all include mission critical elements for zero trust implementation. Although the principals of Zero Trust are widely accepted, the implementation process is a detailed, time-consuming, and agency...

The federal government expends significant resources on manual data processing and entry, which is not only time-consuming but also error prone. Technological advancements now empower agencies to streamline data processing and extract valuable insights from their document repositories, enhancing efficiency and accuracy. Join Digital Government Institute (DGI), Hyland and Amazon Web Services for a webinar exploring the application, benefits, an...

The Continuous Diagnostics and Mitigation (CDM) program is the process government agencies use to move toward fortifying their cybersecurity networks and systems. It was developed in 2012 to support government-wide risk-based cybersecurity solutions to assist participating agencies improve their security posture consistently and cost-effectively. In this virtual workshop, government & industry experts will provide the following: a status u...