Grants Support Cybersecurity Education

Government Business

Article | July 11, 2022

Cities, counties, and states are being forced to upgrade or purchase new technology. The old legacy systems are now inadequate, inefficient, and somewhat dangerous because of their vulnerability to hacking. Many of the old systems are almost completely obsolete. They are unable to accommodate new applications. In today’s data driven world, technology modernization leads to less cost, increases in efficiency, fewer requirements for human resources, and huge increases in convenience for citizens. Research on numerous capital improvement plans for cities, counties, and states reveals that funding is being allocated for major technology purchases and upgrades throughout the country. Massachusetts In a bill just signed by the governor, the Act Financing the General Governmental Infrastructure of the Commonwealth, $660 million has been allocated for information technology (IT) needs. Community colleges are scheduled to receive $140 million for cybersecurity, software, hardware, and infrastructure upgrades. Public schools will be eligible for competitive matching grants from a program that received $50 million. Much of the education funding will be used for access to broadband and other digital learning curricula. The IT funding includes $10 million for a statewide data sharing system for all criminal justice agencies and $10 million for the state’s Department of Health. Cities and counties in Massachusetts also will receive funding. Sommerville’s need to acquire modern backup IT appliances and disaster and cybersecurity projects will get funding. The county of Berkshire is granted funding for a study to determine the cost of constructing a municipal broadband network. Avon will receive funding to move the township’s financial software to the cloud for increased security, and Easton will get funding for an e-permitting geographic information system and some technology-based service delivery software. Texas City leaders in Houston plan to spend millions to upgrade some outdated technology. The current computer-aided dispatch (CAD) system is more than 13 years old and has limited functionalities. The city's public safety department is in need of a new system to efficiently respond to police, fire, and medical calls for services. Funding allocations are outlined in the city’s 2021-2025 Capital Improvement Plan. The public safety CAD replacement is scheduled to receive $1 million, and the city has allocated $2.2 million for new budgeting software. Nevada The Las Vegas Public Works Department plans to procure a software solution for the city’s capital improvement project program management system (CPMS). The department is challenged with aging IT infrastructure, reduced resources, and currently, each phase of the CPMS uses separate software applications. This is labor intensive and ineffective. The plan is to have one software solution that tracks and manages all phases of the CPMS, including concept, planning, design, permitting, construction, and closeout. The city has budgeted $350,000 each year from 2021-2025 to complete this project. Virginia The city of Norfolk plans to upgrade its Department of Utilities’ billing system at a cost of $2 million. Over two years, city leaders plan to spend $4 million per year to purchase IT infrastructure. Purchases will include public safety radios, courthouse equipment, an electronic health record system, security appliances, a cybersecurity assessment, and upgrades to e-services platform. The city of Portsmouth will upgrade its financial software beginning in 2021 with full implementation by 2024. The project will include software and hardware upgrades and the streamlining of third-party software. Beginning in 2022, the city will purchase record retention software to house permanent, and eventually all, citywide digital records. Plans also call for updating the city’s public safety records management/computer aided dispatch system at a cost of $900,000. New software will improve mobile computing and analysis tools, management dashboards, and multijurisdictional expandable capabilities for future potential collaborations with surrounding communities. Pennsylvania The city of Philadelphia’s Office of Innovation and Technology has a total of $153.6 million in city tax-supported funding programmed over its six-year FY21-FY26 capital program. Of the $22.5 million recommended, $8.67 million is for major upgrades for network infrastructure stabilization and enhancement. Another $13.83 million will support citywide departmental applications. This funding will be used for replacement of an old tax legacy system, a new personnel accountability system for the fire department, an integrated jail management system, and an enterprise resource platform modernization effort for procurement, accounting, and logistics. In 2021, the city also will design and implement a new fare collection system at a cost of $1.54 million to replace or enhance the current revenue collection equipment. North Carolina The Forsyth County Board of County Commissioners has approved a 2020-2021 annual budget which includes a $6.2 million enterprise resource planning system. The county’s budget, finance, and human resources software programs are in critical need of replacement. In Chatham County, there are plans to replace the current tax office software at a cost of $1 million, and the current software is being evaluated for new purchases. Oregon The city of Salem’s Information Technology Department has announced plans to update its financial system at a cost of $650,000. This upgrade is needed to maintain support of the application and increase functionality. The city also plans to update its enterprise storage array at a cost of $250,000. This equipment is primarily used for enterprise applications including financial services, cash handling, parking, utility billing, police records, and other city records flagged for retention purchases. There is absolutely no doubt – 2021 will be a good year for companies that have new technology to sell to public officials. Mary Scott Nabers is president and CEO of Strategic Partnerships Inc., a business development company specializing in government contracting and procurement consulting throughout the U.S. Her recently released book, Inside the Infrastructure Revolution: A Roadmap for Building America, is a handbook for contractors, investors and the public at large seeking to explore how public-private partnerships or joint ventures can help finance their infrastructure projects.

Government Business

Article | July 14, 2022

As federal agencies continue to support large numbers of remote workers, IT leaders have started to evolve their thinking on zero-trust security architectures. Increasingly, they are becoming more comfortable with the concept and are seeking to lay the foundation for deployments. Zero trust represents a mindset shift in cybersecurity in which every transaction is verified before access is granted to users and devices. In the federal government, it is still a relatively nascent approach, with some pilot programs here and there. However, IT leaders seem to recognize that cybersecurity models are increasingly going to be defined by a zero-trust architecture.

Emerging Technology

Article | July 16, 2022

“Belonging to the essential nature of a thing; originating and included wholly within an organ or part.” That is the definition of “Intrinsic.” When we were developing the “IT Manhattan Project” framework, we were doing so in direct response to some of the most significant hacks in U.S. Federal history, which piled on to the already unprecedented push to expedite the modernizing of federal IT because of the COVID-19 response. The COVID-19 response shifted the way that the U.S. federal government operated, where our workforce worked from, the immediate need for mobile ‘available from anywhere’ workloads, and how to both secure and support that new way of doing federal business. A new, vigorous push towards rapidly modernizing federal IT environments was underway. Ultimately, it laid the groundwork for producing transformational federal memos and oversight by way of some of the following: Executive Order 14028: “Improving The Nation’s Cybersecurity” M-22-09: OMB’s Zero Trust Strategy M-22-09 NIST 800-53rev5: Fulfilling an expedited realization of the overall intent of NIST 800-53r5 through the emphasis on things like conditional access, TIC 3.0 frameworks, Secure Orchestration/Automation/Remediation, and modernized, agile approaches to secure micro-segmentation from Hybrid Environments up to Federal Cloud instances Overall mandates like these carry with them a consistent anthem driving at rapid IT modernization with rigorous proof of performance schedules attached. Piling on top of those Herculean efforts, the urgency was drastically increased by several of the highest profile cyber compromises in U.S. federal history. Rapid modernization had to happen right away. The time for IT transformation was here, backed by promises of significant funding and a high level of political visibility. The Shift to Zero Trust At their core intent, Zero Trust architectures are expected to provide a centralized policy structure that dictates how every individual flow in our IT environments are permitted to talk. No user, host, or flow is permitted without being subjected to rigorous authentication and authorization policy. This shifts our previous understanding of North-South, East-West traffic and how we police it. The foundational intent of Zero Trust architectures centers around applying unified policy to every transaction that occurs between enterprise resources, and doing so in ways that are agnostic to the IT Silo that they reside in. Zero Trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location.” NIST 800-207 aptly They go on to explain that the scope of this posture includes all assets, workflows, network accounts, and the like. In summary, police everything, abstract production traffic intent from the underlying infrastructure that supports it, and institute a unified security posture to execute the policing at every network entry point. Regardless of the domain. We all know that this is a tectonic but much-needed shift in our industry. I’d go so far as to say that the successful instantiation of this approach across Federal IT environments is critical to our national security going forward. Management Complexities Enterprise IT domains contain varied mixtures of OEM solutions, home-grown tools, and utilize a wide variety of protocols to intercommunicate that aren’t necessarily standardize. Each of these domains is normally managed by separate IT teams who specialize in maintaining those environments. In the federal landscape, each of these domains aren’t just managed by separate enterprise IT teams, but are commonly managed by different contractors. Therefore, IT security organizations have a difficult time achieving and maintaining the necessary operational awareness required to enforce centralized policy. These cultural complexities exacerbated by budgeting concerns have created a fatalistic mentality when it comes to far-reaching mandates. This is where the tectonic shift in architectural and administrative approach is so necessary. This is where multidomain architectures shine. Let’s define a common baseline of enterprise domains seen across traditional IT environments: Cloud Data Center Enterprise Networking Extended Enterprise (IoT, OT/ICS) Remote Access But to deliver a successful Zero Trust across the enterprise, it is first necessary to understand some foundational building blocks on which to construct our architectural approach: We can’t have MULTIDOMAIN POLICY without first achieving fuller We can’t deliver macro and micro-segmentation without first having robust MULTIDOMAIN We can’t have multi-vendor MULTIDOMAIN Zero Trust POLICY without sensical INTEGRATIONS to stitch each enterprise domain together. Let’s face it, enterprise IT environments don’t simply include infrastructure from a single manufacturer, or even a few key manufacturers. Rather, our Enterprise IT environments are represented by a plethora of IT manufacturers specializing in different niches of IT and the domains they are commonly found in. These environments are managed by different Federal IT organizations, different contractors who support these Federal IT organizations, and many different teams that support each common IT silo. Different teams that support oft-compartmentalized areas like Network Security Operations, Network Operations, Data Center Operations, Institutional Services, Wide Area Networking contracts, Operational Technologies, and dotted lines to different leadership oversight like CIO Programs, CTO Architecture, the Cyber Security Office, and the audit oversight bodies that they are subjected to. Each of these make up a complex support structure that isn’t necessarily streamlined for efficiency. Summary and Overarching Goals In articles to follow, you’ll see us referencing the IT Manhattan Project framework several times. Though many details of the framework can’t be discussed due to their sensitivity, the foundational principles are relevant across the board when pursuing intrinsic multidomain Zero Trust. Establish Visibility (Administration, Telemetry, Assurance) Define Straightforward Policy Structure and Hierarchy (Auth Chains) Perform Multidomain Integrations (API Integrations) Deploy Software-Defined Framework (Day-0, Programmable Fabrics, Multi-OEM Fabric Integrations) Establish Sensical Automation Runbooks (Day-2 Operations) We will also explore some areas that deliver unexpected value to the agency business in immediate ways. All of this will help create a cohesive story that helps CIOs, CISOs, and enterprise architects alike communicate the criticality of this multidomain Zero Trust approach to agency leaders across the federal spectrum.

Article | August 26, 2020

In spite of a decline in contracting opportunities in state and local government, public officials are announcing dozens of new, large projects each week. The announcements usually include upcoming solicitations for new construction projects as well as renovation and upgrade projects. Because of population growth, many of the most recent announcements have expansion projects. Educational facilities need more classrooms, cities and counties need more office facilities, and economic development organizations have plans to develop more revenue-generating venues. Overall, it appears that contracting opportunities will not suffer much as a result of fewer solicitation documents that are anticipated over the near term. Here’s a sampling of what to anticipate in 2021. New York Broome County is planning a two-phase $180 million renovation project for the Floyd L. Maines Veterans Memorial Arena. The project will be a rather large one, and the first phase work has a projected cost of $58 million. That work will involve improvements and upgrades to the arena's current space. Phase two of the project carries an estimated cost of approximately $125 million. It will include construction of a second ice rink and a convention center, both of which will be linked to the current arena. The objective is to increase the number and type of activities that can be accommodated in this downtown. Accommodations will be made for e-sports, various types of tournaments and space for practice sessions by the American Hockey League Binghampton Devils. Phase two will also include another downtown hotel and a new park alongside the Susquehanna River. Formal solicitations for the project may be delayed until 2022, but interested contractors and/or partners will find no better time than now for positioning and pre-sales activities. Mississippi The Mississippi Legislature ended its yearly session with the approval of a bond bill in the amount of $291 million. This funding will be allocated for various types of projects. The sum of $13.5 million is earmarked for Mississippi Valley State University. The school will expand its student union building and upgrade other facilities. Another $13.5 million has been set aside for repairs to the state capitol building, grounds, and War Memorial building. Funding also will be provided to the city of Tupelo for repair, renovation, and expansion of the BancorpSouth Arena and Conference Center. Greene County will receive funding for the renovation and expansion of the county’s rural events center in Leakesville. Georgia The Georgia General Assembly’s final version of a $25.9 billion fiscal budget was adopted in June and it calls for making $70 million available for an expansion project related to the Savannah Convention Center. Another $10.24 million is allocated for infrastructure improvements to the Georgia World Congress Center in downtown Atlanta. The budget also will finance universities, colleges, and technical colleges. Specifically, $5 million is designated for renovations at the Driftmier Engineering Center at the University of Georgia’s main campus in Athens, $4.8 million for renovations to the Dublin Center and Library on the Dublin campus of Middle Georgia State University, and $4.5 million for renovations to the Memorial College Center on the Armstrong campus of Georgia Southern University in Savannah. Massachusetts An architecture firm will be selected to conduct a fast-tracked assessment of the Holyoke Soldier’s Home for an upcoming renovation and expansion project. The state of Massachusetts has designated 12 weeks for a firm to complete a needs assessment that will provide three scenarios for improvements that focus on infection control and needs of the residents. Planning for this project which is projected to cost approximately $116 million plan began years ago. The objective is to expand the facility with a five-story addition that provides 120 new private rooms. Oregon The Portland Public School Board plans to move forward with a $1.2 billion November bond election. If voters approve the bond package, there will be funding available for the modernization of Jefferson High School. Planning documents outline plans to fund design work and additional master planning. Initial implementation will include investments in the neighborhood schools surrounding Jefferson High School, pre-construction planning for the modernization of Cleveland and Wilson high schools, and final modernization of Benson Polytechnic High School. Indiana The Seymour ISD has announced plans to convert the Seymour Middle School Sixth Grade Center into an intermediate school for fifth- and sixth-grade students and also upgrade Seymour High School. Construction should begin in 2022 on this $52.45 million project. Objectives include the provision of additional classroom space, enhanced security, upgraded accessibility, and expansion opportunities for career and athletic programming. Enhancements and upgrades also will be made at the intermediate school. These include the construction of a new kitchen and cafeteria, administrative office, gymnasium, library, and band and choir rooms. The number of classrooms will be increased from 15 to 38. At the high school, a minimum of 25 new classrooms will be added and a corridor will be constructed to relieve congestion and create space for additional lockers. West Virginia The Greenbrier County Courthouse, built in 1837, is slated for an expansion project that will add approximately 22,000 square feet. The new annex, which will have an elevator, will be attached to the northern end of the current courthouse. The solicitation for construction is likely to begin in December. The construction project will include code upgrades and the upgrading of air conditioning equipment, sprinkler systems, and heating units. A secure elevator will be added in the existing courthouse to move prisoners. These projects are indicative of what can be found by researching upcoming contracting opportunities. Each new project also will require additional purchases related to technology, security, upgraded equipment, furniture, office supplies, landscaping, and numerous professional services. The government marketplace is still one of the hottest places to find abundant opportunities for private sector firms. Mary Scott Nabers is president and CEO of Strategic Partnerships Inc., a business development company specializing in government contracting and procurement consulting throughout the U.S. Her recently released book, Inside the Infrastructure Revolution: A Roadmap for Building America, is a handbook for contractors, investors and the public at large seeking to explore how public-private partnerships or joint ventures can help finance their infrastructure projects.