A decade ago, the Continuous Diagnostics and Mitigation (CDM) Program put agencies on the right path with critical investments in identity and access automation, but technology hasn’t stood still. Today, the Federal Zero Trust Strategy aims to accelerate cyber maturity throughout the government and secure our nation’s future. At the same time, relentless innovation in Artificial Intelligence is changing the game for attackers and d...

The Centers for Medicare and Medicaid Services (CMS) is on a multi-year IT modernization journey – harnessing the power of new and emerging technologies to achieve mission-driven innovations, enhanced security, and delivery of improved access and care for millions of beneficiaries. CMS has done extensive work to date in cloud enabling applications and creating user friendly tools and enhancing security. The agency is now embarking on its...

The cat-and-mouse game between threat actors and cybersecurity professionals continued unabated in 2023, with new threats designed to avoid detection. Many of these threats are new takes on old ones, such as “leveling up” invoice fraud. And ransomware attacks are evolving; rather than encrypting victims’ data, they are straightforwardly stealing the information and extorting payment by threatening to post the info online or t...

Zero trust revolutionizes network security architecture because it is data-centric and designed to stop data breaches. While that is its primary purpose for government, it also increases agility for modern networks that traditional network designs can’t emulate. It has been almost two years since the Office of Management and Budget issued its federal zero trust architecture strategy, which set out specific goals for agencies to achieve b...

The Technology Modernization Fund (TMF) invests in the most promising cybersecurity, data protection, interoperability, legacy system upgrades, and digital experience projects. The TMF helps implement information technology (IT) solutions across the government that improve agency processes and systems; use taxpayer dollars more efficiently; and deliver simple, seamless, and secure experiences to the American public.

Federal agencies need more support to implement modern monitoring tools that help improve their threat detection and response. But how can agencies achieve the resilience required for today’s cyber threats? It starts with prioritizing an observability strategy. In this webinar, experts will discuss the importance of an observability strategy to improve SIEM performance and costs, optimize security information and event management, and ho...

Cybersecurity professionals working for state and local agencies and educational systems are likely already aware that cyber attacks targeting their organizations are increasing sharply – the second quarter of 2023 saw a 40% increase over the first quarter of the year. System defenders face the ongoing challenges of resource constraints, increasingly complex networks, and data overload. Add in emerging cyber threats from the accelerating...

Ransomware, malware, phishing, DDoS, social engineering, zero-day exploit, botnets – the list of types of attacks out there is long enough to keep even the most seasoned cybersecurity expert awake at night. And with the increased use of remote computing, the cyber attack surface grows as more edge devices are added to networks. Creating a zero trust environment holds a lot of promise to provide significantly improved cybersecurity. In th...

The cybersecurity slogan for zero trust is a simple one: Never trust, always verify. This slogan fits into the Department of Defense mindset, which is always focused on how to reduce risk, but it’s a challenge to apply it to the federal government’s largest agency. An important tool in pursuing zero trust is to implement microsegmentation – partitioning a network into small, isolated sections to reduce the attack surface in e...

Office of Management and Budget (OMB) Memorandum M-22-09 requires “agencies to achieve specific zero trust security goals” and designates “Identity” as the first of five pillars from CISA’s zero trust maturity model. Additionally, M-22-09 provides specific actions for the Identity pillar that include, employing centralized identity management systems that integrate with agency applications and platforms; leveragin...