OMB: Agencies Need Help With Old Problems

Chris WiedemannBy Chris Wiedemann, consultant

The cybersecurity challenges facing the government are well understood. Combine a highly federated environment, huge volumes of sensitive, classified or legally-protected data, all running on outdated legacy technology, and you get the government’s current situation: struggling to stay ahead of the latest threats in an increasingly dangerous digital environment.

Federal networks are very popular targets. The government deals with thousands of attacks each year – 35,277 in FY17, according to the most recent FISMA report. Moreover, the consequences of a successful attack are significant. Perhaps no data breach better exemplifies the dangers of lax security than the OPM attack in 2015, which exposed the personally identifiable information of millions of individuals to malicious actors and prompted a round of reports, recommendations and recriminations on the security posture of agency networks – as well as a renewed sense of urgency around security at the agency leadership level.

Read more of this post

New IoT Opportunities to be Found at DoD Facilities

Mark Wisinger_100x135Internet of Things

By Mark Wisinger, senior analyst

Facilities management continues to be the strongest use case for IoT solution sales, especially at the Department of Defense, which maintains thousands of facilities both within and outside the continental U.S. Each individual building contains a wide variety of sensors and devices that need to be actively monitored.

A single building may have systems for fire alarm reporting, closed-circuit TV, HVAC, lighting control, smart grid and physical access control and may include water management and power management devices. The massive amounts of data collected by these systems could help drive better decision making to help the DOD operate more efficiently, protect its assets and personnel, and save money.

Access to HVAC, utility and security system data can provide enormous benefits, but there is inevitable risk too. The DOD is trying to get beyond just worrying about data security compliance and instead wants to focus on managing an acceptable amount of risk.

Read more of this post

%d bloggers like this: