MeriTalk sat down with Justin Wilkins, director of sales engineering, public sector, Varonis, to understand how agencies can implement a data-first approach to zero trust.

[…]

MeriTalk sat down with Joe Kehoe, vice president of the Department of Defense (DoD) practice at Maximus, to learn how his company approaches agency engagements and leverages emerging technologies to modernize agency systems – with the goal of providing the best experience for his customers’ customers: American citizens.

[…]

As the nature of warfighting evolves, the need for technology solutions that put the right information in the right hands, at the right time, has never been greater.

[…]

As agencies come to grips with the understanding that their previous approach to mainframe security was lacking, the next step is pivoting multiple points in their strategy to remedy the issue.

[…]

In 2021, MeriTalk, in partnership with MFGS, Inc., surveyed 150 Federal cybersecurity leaders to explore security automation efforts and opportunities to improve cyber defense. 98% of which see gaps in their agency’s cybersecurity strategy. A large majority of these leaders say their agency is not using security automation with a significant impact. Learn about the gaps in agency’s current cybersecurity strategy currently and the priorities over the next three years.

[…]

In 2021, Meritalk, in partnership with MFGS, Inc., surveyed 153 Federal cybersecurity leaders to explore how agencies are employing application security (AppSec). A large majority of leaders have implemented some form of application security and have already seen significant benefits. However, most of these leaders also still see gaps in their organization’s security. Take a look at implementation now and over the next three years to learn what’s most important to agencies.

[…]

This guide will describe the path to zero trust in more detail, following the lead of the Office of Management and Budget (OMB)’s Moving the U.S. Government Towards Zero Trust Cybersecurity Principles memorandum. We all need to remember that zero trust, like any best practice cybersecurity, is not a destination but a continuous journey. That journey starts here.

[…]

With the government’s increased use of unmanned National Security Systems (NSS) in recent years, the Committee of National Security Systems (CNSS) has established a set of minimum criteria necessary to operate unmanned NSS which have been outlined in the CNSS Policy No. 28. Over the next 10 years, the global unmanned aerial vehicle military market is expected to grow exponentially from $9.5B to $17.4B by 2030.

[…]

Federal agencies are emerging from a tough season of security vulnerabilities – SolarWinds and Log4j among them – knowing that bad actors are changing their game plans. At the same time, agencies are improving their cyber playbooks with zero trust guidance from the White House, the Office of Management and Budget (OMB), the Cybersecurity and Infrastructure Security Agency (CISA), and others.

[…]

Application security is a concern that touches everyone, whether you are developing, deploying, or using software. Personal and government data, as well as agency and critical infrastructure operations, are at an increased risk of compromise due to proliferating and increasingly sophisticated cyberattacks. Software flaws, in particular, have been the gateways to recent cyberattacks and breaches that targeted government agencies and businesses worldwide.

[…]

By providing employees with an easy-to-use, zero-trust solution, organizations can ensure all employees and contractors support the five pillars of ZTA when accessing mission-critical data. Learn more about simple, effective measures that can be taken to limit vulnerabilities and the risks inherent in the human element of cybersecurity.

[…]

The defining moments of Federal IT in 2021 will have profound effects on the government moving forward. In this segment of “Defining Moments” on MeriTV, we examine zero trust with Hanna Wong of Keeper Security.

[…]

Learn how Synack365 gives organizations on-demand access to the most trusted worldwide network of security researchers. Backed by a vetted community of ethical researchers for continuous penetration testing and vulnerability management, Synack protects more than 30 government organizations with application security testing capabilities that deliver better results at scale than traditional methods.

[…]

In this guide, learn four ways an agency’s chosen cybersecurity solution should be protecting and serving the entire organization. Use it to evaluate your current cybersecurity solution or as a tool to interview potential security partners.

[…]

The possibilities created by edge computing range to near space and beyond, but the building blocks of successful edge deployments are decidedly down-to-earth. Red Hat’s John Dvorak, an emerging tech expert, shares practical steps to gaining the greatest value from edge.

[…]

In the past year, there has been a drastic increase in civil unrest and domestic terrorism. Simultaneously, natural disasters are becoming more common and increasingly devastating. As these types of emergencies become more prevalent and intense, the Federal Government must be able to quickly detect and identify critical events, as well as communicate about these events as they unfold with government facilities, staff, satellite offices and other stakeholders.

[…]

More than ever, risk and security professionals must be prepared to confront a bewildering array of challenges. An agency’s ability to proactively manage and respond to growing risk can mean the difference between a successful recovery and disaster. Not only has the risk landscape become more uncertain and chaotic, the COVID-19 pandemic redefined the workplace with unnerving speed.

[…]

The defining moments of Federal IT in 2021 will have profound effects on the government moving forward. In this segment of “Defining Moments” on MeriTV, we examine how the global pandemic inspired action, agility, and fostered a new working world. With the Federal government pivoting to remote and hybrid work, we’ll explore the new challenges – and opportunities – with Dana Barnes of Palo Alto Networks.

[…]

The Department of Veterans Affairs’ (VA) service desk receives an average of 55,000 calls per week from VA personnel and contractors seeking IT support. Making sure those calls are appropriately routed and resolved quickly and efficiently is key.

[…]

An integrated workplace management system allows Federal agencies to integrate their mission, budget, and security needs, while managing a variety of their systems all in one place.

[…]

Today’s Federal technology teams are faced with a perilous balancing act. On one side are bad actors trying to break through network security to wreak havoc on Federal systems and steal critical and sensitive data – or worse. On the other side is a growing remote or hybrid Federal workforce that increasingly requires seamless, secure access to government networks and assets from points located outside of the traditional physical security perimeter.

[…]

NIST Special Publication 800-207 provides a clear and distinct definition of a Zero Trust Architecture that can be used to transform an enterprise to a Zero Trust model. The iboss Zero Trust Edge is a direct implementation against the NIST 800-207 Zero Trust Architecture principles and guidelines to ensure the service can be used to implement Zero Trust according to the NIST 800-207 publication. This guide will specifically walk through each section of the publication providing guidance on the principles described and the method by which to implement those principles using the iboss Zero Trust Edge service.

[…]

Does your organization want to lower compliance costs, reduce the risk of audit failure, and deliver audit-ready compliance documentation on demand? With the right strategy and technology, you can automate, transform and scale your compliance program to shift compliance left – and achieve continuous compliance.

[…]

MeriTalk recently spoke with Juliana Vida, chief technical advisor, public sector at Splunk, and former Navy deputy CIO, to discuss the new event logging mandates, how Splunk is helping agencies meet them, and the growing clout of agency cybersecurity teams. Download the report to discover the most critical things agencies can do to improve their logging capabilities.

[…]

Is the FITARA Scorecard – the semi-annual congressional exercise that aims to hasten Federal agency IT modernization – now ready for a set of fresh objectives and renewed focus on leading-edge indicators of IT health in government? Download and read our FITARA 13.0 Special Report to see plans to push the FITARA Scorecard into its next big chapter.

[…]

Increasingly sophisticated adversaries have gained a significant advantage over traditional approaches to threat detection and response. Cyber defenders struggle with a skills shortage, lack of visibility into an ever-expanding attack surface, and too many siloed security tools that overwhelm analysts with alerts and false positives. With eXtended detection and response (XDR), security analysts will be able to act more quickly, across multiple security layers.

[…]

MeriTalk recently spoke with Craig Mueller, vice president of Federal sales at cloud security firm iBoss, to discuss how SASE and zero trust can help agencies modernize and meet mission requirements supporting the hybrid government workforce.

[…]

On the latest FITARA Scorecard, seven agencies earned higher overall scores, four saw their grades decline, and 13 remained steady with gradings from the previous scorecard issued in July 2021. No agency received a failing overall grade – 22 of them got marks in the “B” and “C” range. With our FITARA Dashboard, get the same great content as the House Oversight and Government Reform (OGR)’s IT Scorecard, but a bit easier on the eyes.

[…]

Against the backdrop of a significant rise in cyberattacks against the Federal government and private sector organizations, President Biden has made cybersecurity a critical focus of his administration. His Executive Order on Improving the Nation’s Cybersecurity (EO 14028) gives technology teams marching orders with aggressive deadlines for securing Federal networks, systems, and endpoints.

[…]

The Federal government’s IT systems continue to provide an enticing target for bad actors in the cyber space. With 94% of breaches beginning with attacks targeting individual people, it begs the question: what can we do to secure ourselves from these constantly evolving attackers?

[…]