OMB’s Risk Report raised the cyber flag again – 71 of 96 Federal agencies are missing “fundamental cybersecurity policies” or have “significant gaps” in their cybersecurity programs. There is no silver bullet, but the Continuous Diagnostics and Mitigation (CDM) program provides an opportunity to continually improve cybersecurity risk postures across the federal government. During CDM’s […]

The most recent FITARA scorecard – Scorecard 6.0 – is in, and the results aren’t pretty. Since the last scorecard in November 2017, 11 agencies’ grades have declined while only six showed improvement. The Department of Defense received its third straight “F,” while eight other agencies were perilously close to failing, with “D” grades. But […]

FITARA, MGT, the latest IT Executive Order: all of these mandates underscore the same theme – our current approach to government IT isn’t working. Agencies are spending 80% of their IT budgets maintaining legacy systems. As data volumes skyrocket, cybersecurity threats proliferate, and employees and constituents demand near real-time access to information, this model […]

The Modernizing Government Technology Act (MGT) is moving forward. The act was signed into law in December as part of the National Defense Authorization Act, and the White House just published guidelines for agencies that want to access MGT’s $500 million central revolving capital fund. Agencies will submit proposals to a board of experts who will evaluate the proposals […]

In May 2017, the President issued an Executive Order on Cybersecurity. Among other requirements, the order holds agency heads accountable for appropriate cyber defenses: “Agency heads will be held accountable by the President for implementing risk management measures commensurate with the risk and magnitude of the harm that would result from unauthorized access, use, disclosure, […]

The federal government has started to embrace the positive impact of cloud on cybersecurity efforts. We first saw this in the May Cybersecurity Executive Order, which outlined a shift to cloud as a key part of cybersecurity strategy. During a briefing, Tom Bossert, Homeland Security Advisor, said, “We’ve got to move to the cloud […]

Gartner forecasts that by 2020, 20.4 billion devices will be connected across the Internet of Things (IoT). The IoT brings the promise of new possibilities, but to unlock them, agencies must change how they think about data and how to keep it secure. There are four primary ways IoT can provide value to agencies and […]

Federal agencies face a continual struggle to attract top talent in the cyber workforce. Why? Because it is difficult for agencies to find qualified personnel, hard to retain security workers, and there is often an insufficient understanding of job requirements. This impacts us all – as it makes it more difficult for agencies to make […]

With the release of the fourth FITARA scorecard, we saw agencies stall on progress – more agency grades declined than improved, and 15 agencies’ grades remained neutral. One shining star was the United States Agency for International Development (USAID) – the first agency to ever receive an overall A. How did they do it? According […]

While the Cybersecurity Sprint focused attention on how to generate improvements quickly, one of our most important cyber efforts – the Department of Homeland Security (DHS) Continuous Diagnostics and Mitigation (CDM) program – is unquestionably a marathon. Now in its fourth year, the program is maturing agencies’ abilities to identify cyber risks and adopt a […]

We are starting to hear very different language when federal IT leaders talk about modernization. At the recent Federal Focus: The Cloud Generation event, Small Business Administration (SBA) Deputy CIO Guy Cavallo and CTO Sanjay Gupta talked about their migration from data center to cloud, noting that the key was to “burn the bridge back […]

According to a Gartner study, there will be 26 billion internet-connected devices by 2020 – more than four devices for every human on earth. This hyper-connected world presents opportunities and challenges for federal agencies, particularly given data security and privacy considerations, and the enormous variety of IoT devices (many of which, unlike a laptop, are […]

The latest FITARA scorecard revealed the first overall “A,” issued to USAID, which managed a significant improvement following a string of D’s on the last three scorecards. Unfortunately, more agency grades declined than improved. The trend is frustrating, particularly as the December 2016 scorecard showed improvements. The Chief Information Officer (CIO) is supposed to drive […]

The forecast is looking brighter for FedRAMP. The FedRAMP Project Management Office (PMO) has worked to make cloud procurement more transparent and more efficient. At June’s Cloud Brainstorm event, Congressmen Will Hurd (R-Texas), Gerry Connolly (D-Va.), and FedRAMP leadership from the General Services Administration (GSA) shared perspectives on progress to date and what’s ahead. […]

How fitting that Cloud Computing (the horse) beat favorite Always Dreaming to the finish line at the Preakness this year, particularly for those of us working in Federal IT. Just three days earlier, the Modernizing Government Technology (MGT) Act passed the House, signaling continued momentum for agencies working to reduce reliance on outdated systems and […]

The Federal Data Center Consolidation Initiative (FDCCI) was intended to, in part, “reduce the cost of data center hardware, software, and operations […] and shift IT investments to more efficient computing platforms and technologies.” But it didn’t work – new data center construction continued. Six years after the FDCCI, the Data Center Optimization Initiative (DCOI) […]

As more and more Federal agencies turn towards cloud as the most viable modernization method – in a recent MeriTalk study, 76 percent of Federal IT cloud decision-makers said they are evaluating cloud solutions as an integral part of their overall IT strategy – agencies have to develop a clear plan on how to consolidate […]

The December 2016 FITARA scorecard revealed a number of agencies continue to rely on legacy IT systems, wasting billions each year and making it increasingly difficult to secure sensitive government information. Many received Ds and Cs, and not one agency scored an overall A. Additionally, despite significant focus during the past several years, nearly 65% […]

The June 2015 breach of the Office of Personnel Management’s (OPM) employee records demonstrated a real vulnerability in Federal IT. With legacy systems dominating the Federal landscape, securing sensitive government data has become very nearly impossible. Fortunately, Congress and the Trump Administration seem to be coalescing around a straightforward crisis response plan: IT systems modernization. […]