Adapting Federal IT: Insights from 2023, Roadmap for 2024

The holiday season is officially over and the New Year has been ushered in, which means government IT departments are preparing their networks for a slew of federal cybersecurity mandates that must be met in 2024. But as they do…

CIS controls and automation—Why they are better together

For federal government agencies, it is not only a priority but a mandated requirement that the contractors and vendors they do business with have hardened cybersecurity compliance controls that secure their networks and protect the data and information they house.…

Strengthening federal software supply chains through the power of automation

This article originally appeared on SteelCloud’s official blog, HERE. When you mix all the Executive Orders, NIST standards, SBOMs, CUI, and critical software together, your organization will have a more secure supply chain. But it’s all just a mishmash of…

SteelCloud’s Brian Hajost on how federal agencies can effectively secure their software supply chains

As federal government agencies and the military continue to build upon the modernization efforts they’ve made across their workflows and services, it is critical that they carefully consider the cyber risks that each newly acquired application and piece of software…

Quest’s Chris Roberts on the current state of federal zero trust

It has been more than two years since President Biden released his Executive Order (EO) on Improving the Nation’s Cybersecurity. Paramount to this EO was the directive for federal agencies to move towards adopting and implementing zero trust cybersecurity architectures.…

A CMMC 2.0 rule release is around the corner—What DIB and FSI organizations need to know about Level 2

It seems that any day now the U.S. Department of Defense (DoD) will announce its rulemaking on the Cybersecurity Maturity Model Certification (CMMC) 2.0. According to the CMMC policy Director for the Office of the Undersecretary of Defense for Acquisition…

How the NIST Framework sets out to protect federal agencies’ AD environments

February 2021 was a moment in time where federal agencies were knee deep in modernizing their IT infrastructures to accommodate the digitized new normal of their processes, workflows, and services. But while the federal government was busy digitally transforming their…

Time to get ready for CMMC 2.0

Cybersecurity Maturity Model Certification (CMMC) 2.0 is here. If your company is not prepared, the time to get ready is now, or your company may risk losing business with the Department of Defense (DoD). The CMMC program requires cyber protection…

WVDEP CIO explains how digital transformation enhanced the state agency’s cybersecurity and boosted productivity

When COVID-19 reached American shores, state and local government agencies and educational organizations (SLED) had to abruptly and suddenly find a way to operate in a world with no face-to-face, in-person interaction. This forced many of them to turn to…

What federal government security architects need to know about zero trust

For the federal government, a zero trust architecture assumes that all traffic on an agency’s internal network is potentially malicious. Consequently, it requires taking measures to: Authenticate all connections Identify all devices, users, applications, and services Ensure that traffic goes…