Ghostwritten Thought Leadership

Filters & Sorting

4 pillars of high performing federal agencies

Positioning employees for success is inextricably linked to providing them with the right tools and technologies to enable their work. As with operational activities like technology or infrastructure planning, building successful,... The federal government is facing the same talent crunch as private sector organizations. Particularly with pending government retirements, it is more important than ever for agencies to build effective team environments that empower employees and offer career roadm

3 steps to help new CISOs to hit the ground running

Today’s chief information security officers face rampant cyber threats, an expanded attack surface and the pandemic-related explosion of remote workers connecting to agency networks from everywhere. As the purview of CISOs has grown in recent years, these committed individuals shoulder the responsibility for managing new and increased risks to keep their governments secure. New CISOs have no time to waste. Whether they are just starting with their organization or promoted from within, focusing

Securing Critical Infrastructure to the Cloud: Why Federal Operators Need Hardware-Enforced Cyber Defense - HS Today

There is a large and growing volume of data generated within critical infrastructure operational technology (OT) environments. While OT networks are traditionally air-gapped for the highest level of security, that network separation prevents the exchange of mission-critical data with untrusted external networks like the cloud. Every connected asset, after all, represents a potential point of compromise for cyber adversaries, including nation-state attackers. But this OT separation prevents gover

3 Steps to Tackling Cybersecurity in Manufacturing

The increasing convergence of Operational Technology (OT) and Information Technology (IT) in modern manufacturing environments enables big gains in productivity, efficiency and innovation. Until just a few years ago, every plant was a silo unto itself. Now, data from geographically disbursed plants can be easily shared through the cloud; detailed information about production inputs and output yields can be accurately measured across the entire enterprise; automated machine learning models can a

The Imperative to Integrate Security and Privacy on Modern Campuses

The Imperative to Integrate Security and Privacy on Modern Campuses Imagine it is homecoming weekend, and visiting alumni have flooded a college campus for the big football game. From the moment they park in the campus garage to when they leave the grounds, the visitors enter a new digital world that current students encounter every day. They use an app to pay for lunch in the student union, another app to buy a sweatshirt in the bookstore, and still another that holds their game tickets. The

Plugging Cyber Holes in Federal Acquisition

Government agencies are under siege from ransomware and incredibly sophisticated cybersecurity threats, such as the 2020 SolarWinds supply chain attack. To help fight back, lawmakers are introducing steps to broaden defenses through non-traditional approaches. The Supply Chain Security Training Act (SCSTA) bill, recently passed in the U.S. Senate, would extend cyber responsibilities to federal employees with supply chain risk management responsibilities, like program managers and procurement pro

How Critical Infrastructure Providers Can Securely Connect OT to the Cloud

Cloud connectivity offers tremendous benefits for critical infrastructure operators. Sending data from operational technology (OT) devices to the cloud opens the door for asset owners to use remote diagnostic and analysis tools, improve supply chain management, adopt predictive maintenance and schedule planned downtime—improving the efficiency and resilience of operations in ways not possible before. While beneficial, new cloud connections also introduce new risks. Every additional connected as

Partnerships, Proactive Approach Needed to Close Port Cybersecurity Gaps - HS Today

The current global backlog of container ships waiting to be unloaded showcases the criticality of large ports to world commerce and national economies. This logjam will eventually be broken and things will go back to a relative normal. But what if a port becomes a conduit to a far more serious threat? The safety and security of port operations is critical to both a nation’s economy and its sovereignty. Consider the impacts of the immense August 2020 explosion at the Port of Beirut, Lebanon. Tra

Data Diodes Offer Practical Way To Improve Pipeline Cybersecurity

In response to the growing number of cyberattacks on critical infrastructure entities, the Department of Homeland Security (DHS) issued security directives in May 2021 and July 2021 for critical pipeline owners and operators. The first directive requires owners and operators to report confirmed and potential cybersecurity incidents to the Cybersecurity and Infrastructure Security Agency (CISA), designate a cybersecurity coordinator, and prepare reports on cybersecurity risks and mitigation proc

An Energy Company’s Approach to Proactive Critical Infrastructure Security

Recent headlines show that threats to critical infrastructure are accelerating. Adversaries’ offensive capabilities currently exceed industry’s traditional defenses, creating a need to increase plant security while keeping pace with modern business demands. When computers were first used to run Operational Technology (OT), systems like valves, pumps, and actuators were analog and isolated. Since they couldn’t be remotely reached, operators saw no need to put security infrastructure in place. A

Bridging the Air Gap: How to Harness Your Data and Protect Your OT Network

Original equipment manufacturers (OEMs) serving the Critical Infrastructure sector have a new opportunity to bundle advanced data analytics with their products. Innovative services like predictive maintenance and automatic ordering of supplies and spare parts are driven by data that must be delivered from an operating machine back to the OEM. But Critical Infrastructure operators have long been concerned about introducing potential threats from opening their operational networks for OEMs to

JEDI cancellation offers multiple benefits for DOD, industry --

As DOD moves on from JEDI, the department embraces a multi-cloud future The cancellation of the single-source $10B Joint Enterprise Defense Infrastructure (JEDI) project came as surprising, but perhaps not fully unexpected news. From its beginnings in 2017, the proposition of awarding such a massive program to a single vendor caused controversy. Protests and litigation led to significant programmatic delays that would likely have stretched on. So, after four long years, everybody lost – or did

Simplifying Security in Multi-Cloud Environments

Federal agencies are moving from Cloud First to Cloud Smart policies. In doing so, they have adopted one of the top Cloud Service Providers (CSPs). Most agencies already use more than one of the major cloud providers – like AWS and Microsoft – with others set to join the landscape. With this in mind, Palo Alto Networks launched their FedRAMP-authorized Prisma Cloud Solution, offering a comprehensive security platform covering cloud-native and multi-cloud environments. Multi-cloud environments a

Amping Data Security Can Boost Your Privacy Strategy

When large technology companies take out full page newspaper ads to talk about their commitment to privacy, and they proactively ask for government privacy legislation, you know we’ve crossed a threshold. Data Privacy is a hot topic. Consumers are ever more concerned about how their data is being used. In response, governments around the world are issuing new regulations to rein-in aggressive data collection and usage practices that so many vendors have adopted throughout the digital era. New

Beyond Data: Function Is the New Cyber Attack Surface

• With this subscription you will receive unlimited access to high quality, online, on-demand premium content from well-respected faculty in the legal industry. This is perfect for attorneys licensed in multiple jurisdictions or for attorneys that have fulfilled their CLE requirement but need to access resourceful information for their practice areas. • Our Team Account subscription service is for legal teams of four or more attorneys. Each attorney is granted unlimited access to high quality,
Load More Articles