Public sector organizations continue to face a constant barrage of sophisticated cyber threats. And with new cybersecurity mandates and guidance — from recent executive orders to the release of the 2023 National Cyber Strategy — public sector leaders must make considerable decisions about their cyber enterprise that will have lasting impacts for years to come. On top of this, the emergence of novel security capabilities built on ma...

Advances in AI-assisted technologies and the growing sophistication of international threat actors are increasing the stakes for federal agencies to implement new and more effective safeguards to protect the nation’s strategic data. Much of that effort revolves around the Biden administration’s Executive Orders on National Cybersecurity and related mandates coming due in 2024 to adopt zero-trust architectures across their enterpris...

State and local governments had to adapt quickly to the effects of the pandemic, as workers and residents alike were encouraged to shelter in their homes. This created major challenges for agencies’ IT systems and technical support staff. Rather than using a “hub-and-spoke” method of connecting employees to servers, data, applications, and each other – where cybersecurity focused on firewalls around the perimeter ...

Cybersecurity has always contended with evolving threats. As the internet has become more embedded into social and economic life and smart phones, tablets and other handheld devices become ubiquitous, bad actors have devised new attacks to capitalize on new vulnerabilities. And just as agencies are implementing zero trust architecture to help with this wave, other IT developments are threatening to upend cybersecurity even more. For instance,...

A decade ago, the Continuous Diagnostics and Mitigation (CDM) Program put agencies on the right path with critical investments in identity and access automation, but technology hasn’t stood still. Today, the Federal Zero Trust Strategy aims to accelerate cyber maturity throughout the government and secure our nation’s future. At the same time, relentless innovation in Artificial Intelligence is changing the game for attackers and d...

The cat-and-mouse game between threat actors and cybersecurity professionals continued unabated in 2023, with new threats designed to avoid detection. Many of these threats are new takes on old ones, such as “leveling up” invoice fraud. And ransomware attacks are evolving; rather than encrypting victims’ data, they are straightforwardly stealing the information and extorting payment by threatening to post the info online or t...

Networking, Security, and Zero Trust: A Federal & Enterprise Evolution The modern IT landscape is complex, characterized by the intricate interplay of Federal and commercial sectors, each with unique challenges and requirements. Join us to discuss how Netskope SASE framework provides an environment of enhanced security, efficiency, and innovation, by offering tailored solutions adept at meeting the nuanced demands of both sectors. We will...

Ransomware, malware, phishing, DDoS, social engineering, zero-day exploit, botnets – the list of types of attacks out there is long enough to keep even the most seasoned cybersecurity expert awake at night. And with the increased use of remote computing, the cyber attack surface grows as more edge devices are added to networks. Creating a zero trust environment holds a lot of promise to provide significantly improved cybersecurity. In th...

The cybersecurity slogan for zero trust is a simple one: Never trust, always verify. This slogan fits into the Department of Defense mindset, which is always focused on how to reduce risk, but it’s a challenge to apply it to the federal government’s largest agency. An important tool in pursuing zero trust is to implement microsegmentation – partitioning a network into small, isolated sections to reduce the attack surface in e...

The central premise of Office of Management and Budget Memo 22-09 laying out the Federal Zero Trust Strategy is that no actor, system, network, or service operating outside or within the security perimeter is trusted. Controlling access is everything. This makes defining identity crucial – not just for people, but for every device of any kind that tries to access an agency system. The strongest form of identity management is attribute-ba...