Government at all levels is moving as quickly as possible to integrate new solutions and overhaul processes that need streamlining. At the same time, officials are keeping close watch on AI and other emerging technologies, wary of the law of unintended consequences. For instance, in early September California Gov. Gavin Newsom signed an executive order directing state agencies to study the development, use and risks of generative artificial in...

The cybersecurity slogan for zero trust is a simple one: Never trust, always verify. This slogan fits into the Department of Defense mindset, which is always focused on how to reduce risk, but it’s a challenge to apply it to the federal government’s largest agency. An important tool in pursuing zero trust is to implement microsegmentation – partitioning a network into small, isolated sections to reduce the attack surface in e...

Advances in telecommunications capabilities are a major driver in Department of Defense programs. From creating secure private networks that U.S. military forces and their partners can use in conflicts to integrating 5G capabilities to create “smart” warehouses to significant improvements in supply chain logistics, DoD has been committed to investing in rethinking the meaning and applications of communications. One of the next step...

Communications security is one of the foremost priorities in any battlespace. This is one reason the Department of Defense is keen on building out 5G capabilities, because of its ability to create secure private networks anywhere it is deployed. But 5G’s capabilities extend beyond creating private networks on the fly. Its ability to handle massive amounts of data makes it a crucial component in real-time data collection from all sources,...

The central premise of Office of Management and Budget Memo 22-09 laying out the Federal Zero Trust Strategy is that no actor, system, network, or service operating outside or within the security perimeter is trusted. Controlling access is everything. This makes defining identity crucial – not just for people, but for every device of any kind that tries to access an agency system. The strongest form of identity management is attribute-ba...

In 2022, the Department of Defense created a cross-functional team to accelerate the adoption of 5G and future-generation wireless networking technologies, laying the foundation for new opportunities to implement innovative solutions to military needs. The potential is there for 5G (and beyond) to remake the integration and interoperability of the different DoD domains – air, land, sea, space, and cyber – as envisioned in DoD...

One Cybersecurity and Infrastructure Security Agency (CISA) program that has been widely adopted throughout the federal government also is one of its longest-established – the Continuous Diagnostics and Mitigation (CDM) program. Introduced in 2012, the program provides a dynamic approach to strengthening the cybersecurity of government networks and systems. The program has evolved over the past decade to add new capabilities, including c...

One of the foundational tenets of zero trust architecture is Identity – providing credentials for every person and device – in order to manage access to government systems, whether entering from the outside or moving laterally from within. In other words, identity, credential and access management (ICAM) should be addressed as a whole, not as separate point solutions. This applies across all systems, all platforms, and all environm...

For government agencies, case management – delivering services to people and businesses – is the heart of their mission. In almost all cases, however, case management systems have gotten more complicated, more difficult to manage, and more expensive. Agencies today depend on legacy, siloed systems that have changed through kludges, “an ill-assorted collection of parts assembled to fulfill a particular purpose.” Rip-and-...

Federal agencies take seriously the cybersecurity of their IT systems. They must observe numerous federal policies and programs, from Executive Order 14028 on down. Many agencies are far less aware of the need to strengthen the security of their operations technology (OT), the equipment that runs many kinds of systems, including healthcare. Historically, that was less of an issue since most OT systems were closed and standalone. But the intern...