Today’s Federal technology teams are faced with a perilous balancing act. On one side are bad actors trying to break through network security to wreak havoc on Federal systems and steal critical and sensitive data – or worse. On the other side is a growing remote or hybrid Federal workforce that increasingly requires seamless, secure access to government networks and assets from points located outside of the traditional physical security perimeter. […]

NIST Special Publication 800-207 provides a clear and distinct definition of a Zero Trust Architecture that can be used to transform an enterprise to a Zero Trust model. The iboss Zero Trust Edge is a direct implementation against the NIST 800-207 Zero Trust Architecture principles and guidelines to ensure the service can be used to implement Zero Trust according to the NIST 800-207 publication. This guide will specifically walk through each section of the publication providing guidance on the principles described and the method by which to implement those principles using the iboss Zero Trust Edge service. […]

Does your organization want to lower compliance costs, reduce the risk of audit failure, and deliver audit-ready compliance documentation on demand? With the right strategy and technology, you can automate, transform and scale your compliance program to shift compliance left – and achieve continuous compliance. […]

MeriTalk recently spoke with Juliana Vida, chief technical advisor, public sector at Splunk, and former Navy deputy CIO, to discuss the new event logging mandates, how Splunk is helping agencies meet them, and the growing clout of agency cybersecurity teams. Download the report to discover the most critical things agencies can do to improve their logging capabilities. […]

Is the FITARA Scorecard – the semi-annual congressional exercise that aims to hasten Federal agency IT modernization – now ready for a set of fresh objectives and renewed focus on leading-edge indicators of IT health in government? Download and read our FITARA 13.0 Special Report to see plans to push the FITARA Scorecard into its next big chapter. […]

Increasingly sophisticated adversaries have gained a significant advantage over traditional approaches to threat detection and response. Cyber defenders struggle with a skills shortage, lack of visibility into an ever-expanding attack surface, and too many siloed security tools that overwhelm analysts with alerts and false positives. With eXtended detection and response (XDR), security analysts will be able to act more quickly, across multiple security layers. […]

MeriTalk recently spoke with Craig Mueller, vice president of Federal sales at cloud security firm iBoss, to discuss how SASE and zero trust can help agencies modernize and meet mission requirements supporting the hybrid government workforce. […]

On the latest FITARA Scorecard, seven agencies earned higher overall scores, four saw their grades decline, and 13 remained steady with gradings from the previous scorecard issued in July 2021. No agency received a failing overall grade – 22 of them got marks in the “B” and “C” range. With our FITARA Dashboard, get the same great content as the House Oversight and Government Reform (OGR)’s IT Scorecard, but a bit easier on the eyes. […]

Against the backdrop of a significant rise in cyberattacks against the Federal government and private sector organizations, President Biden has made cybersecurity a critical focus of his administration. His Executive Order on Improving the Nation’s Cybersecurity (EO 14028) gives technology teams marching orders with aggressive deadlines for securing Federal networks, systems, and endpoints. […]

The Federal government’s IT systems continue to provide an enticing target for bad actors in the cyber space. With 94% of breaches beginning with attacks targeting individual people, it begs the question: what can we do to secure ourselves from these constantly evolving attackers? […]

With the U.S. Federal Government largely moving to a hybrid or work-from-home environment, this workforce
presents a series of new concerns for IT Security professionals. […]

Agencies can’t secure what they can’t see. CISA’s Sean Connelly and Gigamon’s Michael Dickman examine how to achieve persistent visibility. […]

Watch the “Future of Federal Remote Access” session to hear from Yasir Aziz, AT&T Public Sector Account Manager, Palo Alto Networks and Brandon Pearce, Assistant Vice President, AT&T Cybersecurity discuss CISA’s TIC 3.0 Remote User use case, how Prisma Access and AT&T government-trusted internet is assisting agencies in meeting their security goals and deadlines, and what lies ahead for remote access. […]

As organizations look to the post-pandemic future, they’re now thinking about how to evolve their networking and security architectures to maintain the productivity benefits of hybrid work, while continuing to reduce the risk of significant security breaches. […]

The Biden administration’s Cybersecurity Executive Order issued in May 2021 marks the Federal government’s most determined effort yet to propose and enforce fundamental changes needed to advance civilian agency cybersecurity, defeat sophisticated attacks on government networks, and push forward IT modernization. […]

To support the work-from-anywhere environment, Federal IT teams are working hard to protect data from breaches, secure networks and endpoint devices, and create high-quality experiences. Many have digitized the front end of IT operations, but the back end largely remained the same. […]

Traditionally, developers for government systems will wait until the end of a project to ensure security, retrofitting where needed and accepting certain risks. But why not build security in at every step of the process? Better yet, why not automate that process? […]

Failure to achieve fundamental awareness capabilities substantially weakens other cyber security investments. The capabilities of tomorrow and the visionary features described in this paper are advanced capabilities that Ciena is working on for future releases. […]

Substantial work is required to meet the mandates laid out in the EO. OMB, for example, said it expects that “moving to a zero trust architecture will be a multiyear journey for agencies, and the Federal government will learn and adjust as new technologies and practices emerge.” […]

To better protect critical operations against attacks, President Biden issued the Executive Order (EO) on
Improving the Nation’s Cybersecurity, which outlines actions that Federal agencies must take to fortify our
nation’s digital infrastructure. A central element of the EO is a mandate to adopt a Zero Trust architecture. […]

Bryan Rosensteel has spent more than a decade working with identity in the Federal government. As a Federal solutions architect at identity services provider Ping Identity, he advises government agencies on best practices for deploying zero trust security architecture. When President Biden issued the Executive Order on Improving the Nation’s Cybersecurity (EO), Rosensteel was positively […]

Security teams find themselves in perpetual cybersecurity crisis mode, trying to catch a breach quickly, limit the spread within the network, and remediate. Is there another way? […]

A new cybersecurity paradigm is emerging, and a Zero Trust Architecture is at its core. President Biden’s Cybersecurity Executive Order affirmed the importance of moving to zero trust to protect government’s most sensitive assets. But how can agencies achieve zero trust security, alongside similar mandates to move to cloud infrastructure? This video from DLT and AWS explores the latest advances in cloud security for Federal agencies. […]

Federal agencies face increasingly skillful and potent cyberthreats from state-sponsored attackers, supply chain infiltration, insidious ransomware, and silent network lurkers, but a trio of actions can protect against those assaults. […]

With the U.S. Federal Government largely moving to a hybrid or work-from-home environment, this workforce
presents a series of new concerns for IT Security professionals. […]

A comprehensive approach to network visibility and security requires a new way of thinking. As networks continue to rapidly grow in capacity, complexity, and flexibility, the historical approach of bolting on sensors for visibility does not scale in terms of cost or labor. And bolted-on equipment does not always evolve with the network. […]

Public sector agencies face a daunting set of challenges as society adjusts to the post-COVID-19 environment. Whether it is federal, state and local government, military, law enforcement, or blue light responders, all disciplines that previously depended on in-person processes have been forced to pivot to digital alternatives at an
uncomfortable speed. […]

Cybersecurity in the federal government today is reactive and tactical. It’s filled with activities such as reviewing and closing out alerts in a security information and event management (SIEM) system, searching for indicators of compromise from a breach, or conducting incident response investigations. But a seismic shift is occurring as agencies move toward a proactive approach in which they trust nothing and verify everything. […]

Widespread breaches by hostile actors, the rising number of remote employees and bring-your-own-device (BYOD), the
growth of software as a service (SaaS), and cloud migration have rendered perimeter-based security obsolete. The Zero
Trust approach to cybersecurity — now mandated by a Presidential Executive Order — is growing rapidly in the public
sector. Zero Trust shifts security away from the perimeter, and closer to an organization’s most valuable assets. […]

IT and security teams have certainly risen to the occasion to keep organizations and their employees productive through one of the wildest years in history. Humans are resilient creatures, and those in the technology world certainly did not disappoint. But as the world begins to recover from it all, technology has evolved with some notable changes, requiring organizations to rethink many of their operational fundamentals. […]