Federal agencies have to undergo independent audits to demonstrate compliance with Federal IT audit controls from guidelines such as Federal Information System Controls Audit Manual (FISCAM), Federal Information Security Modernization Act (FISMA), Statement on Standards for Attestation Engagements (SSAE), Financial Improvement and Readiness Guidance (FIAR), National Institute of Standards and Technology (NIST) guidance, as well as other Federa...

As federal agencies tackle the demands of integrating cybersecurity, cloud security, artificial intelligence, and digital services, they face the complex and evolving challenge of IT modernization. This process is critical and necessary across the Federal Government, with each agency undergoing its unique transformation journey. Cloud security, in particular, plays a pivotal role in this modernization, ensuring that sensitive data is protected...

While the Personal Identity Verification (PIV) and Common Access Card (CAC) represent a high assurance, technically interoperable, and a highly regulated method of authentication, they suffer from factors such as ease of use, ability to work with mobile devices and across devices. Office of Management and Budget (OMB) memorandum M-19-17, Enabling Mission Delivery Through Improved Identity, Credential, and Access Management, opened the door for...

The Technology Modernization Fund (TMF) invests in the most promising cybersecurity, data protection, interoperability, legacy system upgrades, and digital experience projects. The TMF helps implement information technology (IT) solutions across the government that improve agency processes and systems; use taxpayer dollars more efficiently; and deliver simple, seamless, and secure experiences to the American public.

Federal agencies need more support to implement modern monitoring tools that help improve their threat detection and response. But how can agencies achieve the resilience required for today’s cyber threats? It starts with prioritizing an observability strategy. In this webinar, experts will discuss the importance of an observability strategy to improve SIEM performance and costs, optimize security information and event management, and ho...

Mobile devices are an integral part of an efficient workplace and securing them has become a prevailing concern for individuals and organizations, given their widespread use and the sensitive data they contain. To address these concerns and to provide guidance on how mobile devices can be protected, the National Institute of Standards and Technology (NIST) has developed a set of guidelines for managing the security of mobile devices throughout...

Office of Management and Budget (OMB) Memorandum M-22-09 requires “agencies to achieve specific zero trust security goals” and designates “Identity” as the first of five pillars from CISA’s zero trust maturity model. Additionally, M-22-09 provides specific actions for the Identity pillar that include, employing centralized identity management systems that integrate with agency applications and platforms; leveragin...

Join us for a captivating webinar where esteemed Federal officials share insights into government cloud migration and security risks. Explore the role of community software in enhancing government operations and services, while understanding the criteria that make vendors valued partners. Gain insights into optimal areas for vendor support within government functions. As cloud adoption accelerates, we’ll discuss potential concerns relate...

Participate in an insightful panel discussion as we delve into the crucial topic of federal software supply chain modernization and compliance standards for Software Bill of Materials (SBOMs) in line with The President’s Executive Order 14028. This webinar aims to address the challenges faced by federal agencies, share best practices, explore avenues for improving efficiencies, and establish a compliance standard for SBOMs in the softwar...

Federal agencies across government have started the shift in mindset from just patching and remediation to truly transformative cybersecurity modernization. There is no better example than the move to developing zero trust architecture governmentwide. While every agency is in a different stage of its ZT implementation journey, there are key guideposts and best practices that every federal IT and security team should be following to optimize th...