OMB: Agencies Need Help With Old Problems

Chris WiedemannBy Chris Wiedemann, consultant

The cybersecurity challenges facing the government are well understood. Combine a highly federated environment, huge volumes of sensitive, classified or legally-protected data, all running on outdated legacy technology, and you get the government’s current situation: struggling to stay ahead of the latest threats in an increasingly dangerous digital environment.

Federal networks are very popular targets. The government deals with thousands of attacks each year – 35,277 in FY17, according to the most recent FISMA report. Moreover, the consequences of a successful attack are significant. Perhaps no data breach better exemplifies the dangers of lax security than the OPM attack in 2015, which exposed the personally identifiable information of millions of individuals to malicious actors and prompted a round of reports, recommendations and recriminations on the security posture of agency networks – as well as a renewed sense of urgency around security at the agency leadership level.

Read more of this post

What are FISMA and FedRAMP?

By Chris Wiedemann, consultant

Whether you’re a veteran of federal IT sales or a complete newcomer to the space, there’s one recurring theme you’ve probably noticed in the way our customers talk to industry: regardless of their mission or program, they all mention cybersecurity as a critical part of their job.

Given the sheer number of incidents and the size and scope of federal networks, not to mention the often sensitive information they contain, the focus on security makes business sense. However, as is often the case with government, there’s an extra factor to their behavior – they’re required by law to secure federal networks. One law in particular – the Federal Information Security Management Act (FISMA) – plays a critical role in determining how agencies need to secure their environments.

Read more of this post

DHS’s Lessons Learned from Heartbleed

Tomas OKeefe_65x85

by Tomas O’Keefe, Senior Analyst

Virus DetectedAt a recent Washington Post event on cybersecurity recognizing National Cybersecurity Awareness Month, Deputy Secretary of Homeland Security, Alejandro Mayorkas, spoke of DHS’s “dire need” for cybersecurity legislation that better enables cyber threat information sharing and helps recruit top cybersecurity talent. While the sky isn’t falling in on Deputy Secretary Mayorkas and DHS, the failure of Congress to pass updated cybersecurity legislation has hindered the department’s ability to meet the rapidly shifting landscape of cyber threats.

Read more of this post

%d bloggers like this: