Government Needs to Shore Up Security Readiness – Before the Next Shutdown

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

Whether it’s through government shutdowns or cyber threats, the possibility of government having to unexpectedly operate at reduced capacity is greater than ever. While it appears that the recent partial shutdown had minimal impact on security readiness, we should count ourselves lucky instead of expecting such an outcome to be the norm.

With the resumption of full government operations, all agencies, not just those affected, should take stock and partner with industry to shore up their posture in two areas, risk management and AI.

Risk Management

Government agency risk management strategies have traditionally emphasized the threat landscape and vulnerability of attack surfaces. Expect agencies to take a hard look at their risk posture to determine whether they’ve adequately factored in the impact of government shutdowns. This is an area where industry can play a role – helping agencies adjust their security readiness in an environment where reduced operations may become more of a norm.

Work with your government customer or prospect to ensure that proper backup and recovery capabilities are in place, that their systems and networks have the right kind of resiliency and segmentation solutions in place, and that the security personnel are equipped with the right tools to “put out fires” when workforce and capacity levels are compromised.

Read more of this post

Changes to DHA Will Impact Cybersecurity Needs

Lloyd McCoy Jr.By Lloyd McCoy, Market Intelligence Manager

The mandates in the National Defense Authorization Acts of 2017 and 2019 called for greater centralization of the military health system. We are now seeing these initiatives being set in motion. One prime example is the migration of the Army, Navy and Air Force’s more than 400 military hospitals and clinics under the umbrella of the Defense Health Agency. I recently attended an AFCEA luncheon where Dr. Barclay Butler, the Component Acquisition Executive for DHA, and Pat Flanders, DHA CIO, spoke extensively on the ongoing consolidation, as well as other initiatives which promise to impact how those selling IT should approach defense health IT leaders.

Measurability and efficiency are driving the trend toward centralization and standardization across the Defense Health establishment. This is particularly applicable for security vendors since DHA wants to instill commonality in cybersecurity services and tools — from the largest military hospitals to the widely dispersed clinics. The two leaders urged industry that when engaging with Army, Navy and Air Force hospitals and clinics, think of the big picture. How can your solution work and be applicable across the entire military health enterprise?

Measurability

Butler and Flanders spoke at length about the need to measure outcomes. For security solutions, that means being able to better monitor threats and speed of remediation. Nothing new on the surface, but this requirement becomes more complicated as more and more military facilities get subsumed under DHA, with all the network architecture and migration challenges that come with the transition. Having a steady dialogue with DHA or one of the service medical commands is critical to ensure that safety and security aren’t negatively impacted by these changes – while ensuring that the hospitals and clinics have robust capabilities for measuring and auditing their security posture.

Read more of this post

Key Highlights From the FY19 Cybersecurity Budget

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

The newly minted FY19 budget stands out because the federal government passed it on time and for the first time in nine years, government agencies begin the new year equipped to fund new and ongoing IT investments. In what is welcome, albeit not surprising news for security providers, cybersecurity remains the highest priority in the IT budget.

When it comes to security-specific spending, all signs point to the recently passed budget largely aligning to the initial agency wish lists.

Below are some of the key takeaways to help you map out your targeting strategy. Note that these figures don’t wholly encompass security spending as a substantial (though unknown) level of security spending isn’t formally recognized as such.

Read more of this post

National Cyber Strategy – What Does It Mean for Those Selling Security Tools to the Government?

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

You’ve probably heard of the release last week of both the National Cyber Strategy and the Department of Defense (DOD) Cyber Strategy. Some of the priorities highlighted are robust information sharing, greater resilience, encryption, cyber scalability and hardening of IT systems. In fact, we’ve seen demand for these capabilities reflected in recent cyber budgets which have hovered between $13 and$15 billion over the last couple of years. While the documents bring together much of the cyber policies heard from the administration over the past year, there are some important key takeaways you should be aware of as we head into FY19.

Offensive Cyber
One of the most notable developments is a more overt embrace of offensive cyber operations. The DOD Cyber Strategy especially, hones in on this “defending forward” strategy, where the U.S. will confront threats before they reach U.S. networks.

By giving the government more latitude to conduct proactive and offensive cybersecurity, we could see more funding and resources allocated to these operations as early as next year. Expect more demand for network mapping and reconnaissance, data extraction, firewall tunneling and encryption/decryption tools, just to name a few. I expect most of the funding and demand for offensive cyber tools will be generally confined to U.S. Cyber Command and the intelligence agencies.

Read more of this post

5 Reasons Shutting Down DISA Would Be a Bad Idea

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

Not for the first or last time, Congress this year considered getting rid of some agencies as a cost-cutting move, and the Defense Information Systems Agency (DISA) may end up on that list. DISA provides networking and communications hardware and software for systems and services across all of the DOD. What might happen if the agency that handles military networking, computing and communications services gets the axe?

Senior leader communication support – DISA provides secure communication services to the White House and to other senior leaders. Keeping the infrastructure and its security under one roof creates operating efficiencies.

CYBERCOM could, theoretically, handle the role, but it would dilute that agency’s core mission of ensuring U.S. military cyber superiority – and force considerable reorganization to do so.

Spectrum management – Managing the electromagnetic spectrum is crucial to the security of communication, navigation and warfighting. That’s part of DISA’s job for the DOD, and it’s more important than ever with the networking of our ground, sea and aviation military assets. It would be a coordination nightmare to make service branches and military agencies share risk assessment and vulnerability information in their warfighting communications.

Read more of this post

Time to Start a New Conversation About AI in Government

Lloyd McCoy Jr.

By Lloyd McCoy, Marketing Intelligence Manager

Artificial Intelligence is becoming a topic of real interest to federal and SLED governments. Companies that sell storage solutions, automation, big data, security and data mining tools should be encouraged to start a new conversation with their clients and prospects. Here are some of the drivers behind AI in government.

Dramatic cost savings
According to Deloitte, low-investment AI could improve human task speeds up to 20 percent. That would save 96.7 million human hours annually in government. A high investment in AI could save well over one billion human hours per year.

Read more of this post

Security Is the Key to Growing Fed Blockchain Interest

Lloyd McCoy Jr.

By Lloyd McCoy, Market Intelligence Manager

Blockchain technology is gaining interest from the federal government. This secure, decentralized and interoperable solution can reduce IT security costs – and that checks all the boxes in federal procurement.

Things are moving pretty quickly with federal blockchain adoption, which is significant given how the government can drag its feet on new technologies. Back in July 2017, the GSA held the first U.S. Federal Blockchain Forum to pose uses for the technology from 100 federal managers.

Since then, blockchain requirements have shown up in more solicitations throughout the federal procurement process.

Read more of this post

%d bloggers like this: