U.S. Air Force and Microsoft partner to empower airmen with modern IT

LEIGH MADDEN | February 11, 2020 | 149 views

The U.S. Air Force is breaking the glass as a leader in harnessing the power of cloud, rapidly rolling out modern services to enable airmen to advance the mission through more effective collaboration. As part of their digital transformation journey to achieve global access, persistence, and awareness for the 21st century, the U.S. Air Force is deploying targeted workloads that allow airmen to focus on their missions rather than spending time managing IT infrastructure.

Spotlight

MicroAge

MicroAge has expanded from being a Value-Added Reseller (VAR) and consulting group to a true managed services provider (MSP) and digital transformation company. With a vast array of subject matter experts and technology experts, MicroAge offers a complete mix of end-to-end and managed services and technology solutions so you can innovate faster with one trusted point of contact.

OTHER ARTICLES
GOVERNMENT BUSINESS, GOVERNMENT FINANCE

Securing the Government Cloud

Article | July 12, 2022

Federal agencies have been migrating data and workloads to the cloud for over a decade now, but the ever-changing technology landscape can make it difficult to keep up with cybersecurity needs. Several government agencies have a role in ensuring federal cloud architectures are secure, including the Federal Risk and Authorization Management Program, or FedRAMP, the central office for certifying commercial cloud products have a baseline of cybersecurity. The FedRAMP program—and any program that grants an authority to operate, or ATO—has long been a roadblock to agile IT deployments, as the process is often time- and resource-intensive. The program office is trying to change that, and recently asked stakeholders from government and industry for feedback on what needs fixing.

Read More

How Can State and Local Agencies Better Collaborate on Cybersecurity?

Article | May 26, 2021

Some state governments, such as Massachusetts, have established formal plans to work with localities within their states on cybersecurity. However, as ransomware attacks proliferate across the country and strike big cities and small towns alike, state-level organizations say there needs to be greater IT security coordination between states and municipalities. Last month, the National Governors Association and the National Association of State Chief Information Officers released a report, “Stronger Together: State and Local Cybersecurity Collaboration,” designed to showcase best practices for such collaboration.

Read More
CYBERSECURITY

Bill Offers $400M for State, Local Government Cybersecurity

Article | March 23, 2022

With state and local governments beset by a precipitous rise in cyberattacks, new federal legislation might provide some necessary cover where needed. The State and Local Cybersecurity Improvement Act would create a grant program worth $400 million to finance cybersecurity efforts in communities across the country, according to a release. Eligible communities would be able to apply for funds, provided through the Department of Homeland Security, which would be allocated to assist in areas like vulnerability scanning and testing, cyberworkforce development and intelligence sharing, according to the bill text.

Read More

How 3 U.S. government agencies use Smartsheet to achieve their missions

Article | February 10, 2020

Federal government agencies use Smartsheet Gov, a work execution platform designed especially for government agencies, to make work processes more speedy and effective, empower their workers to have higher visibility into information and metrics, and ultimately achieve more. Federal agencies are looking for ways to drive efficiencies, break down silos, reduce costs, and ultimately to achieve their missions. Read on to learn from three organizations about how the Smartsheet Gov platform helps them manage information, projects, programs, and processes.

Read More

Spotlight

MicroAge

MicroAge has expanded from being a Value-Added Reseller (VAR) and consulting group to a true managed services provider (MSP) and digital transformation company. With a vast array of subject matter experts and technology experts, MicroAge offers a complete mix of end-to-end and managed services and technology solutions so you can innovate faster with one trusted point of contact.

Related News

EMERGING TECHNOLOGY

New Iridium Certus Service Providers to Support U.S. Government Customers

Iridium Communications | October 13, 2022

Iridium Communications Inc. (Nasdaq: IRDM) announced today that Iridium partners MetOcean Telematics, NAL Research, and Trace Systems are now Iridium Certus® service providers for U.S. government customers, joining Satcom Direct, in this capacity. These unique, long-term deals will allow these companies to provide Iridium's secure global satellite broadband and midband connectivity for mobile voice and data services to the U.S. government through a dedicated gateway. By leveraging the inherent advantages of the Iridium® network, including truly global, on-the-move L-band connectivity, MetOcean Telematics, NAL Research, and Trace Systems are now able to deliver enhanced capabilities that meet Communications Security (ComSec) requirements for the Department of Defense (DoD) and warfighter. These capabilities include global and resilient voice, data and 1080 HD live-action video over satcom across all domains (land, maritime and air) on the move. The service also serves as the "ACE in PACE" – alternate, contingent or emergency communications link, supports early entry communications packages and command and control for autonomous or uncrewed systems and data backhaul. Whether in high-risk combat zones or during inclement weather events, the Iridium network provides uncompromising satellite communications that keeps users connected when it's needed most. Iridium Certus™ terminals enable U.S. government users to securely connect remote assets to respective command and control centers in the U.S. in a cost-effective and secure manner, from anywhere in the world. "Iridium Certus continues to provide mission-critical broadband and midband capabilities to the modern warfighter and we're excited to add new service providers to expand the distribution of these offerings, With the addition of Iridium Certus for the government, these partners will play a critical role in supporting DoD personnel as they utilize this value-added service." -Scott Scheimreif, Executive Vice President of Government Programs, Iridium. Unique in the satellite industry, Iridium Certus is the only broadband service that provides highly reliable, truly global, weather-resilient connectivity for on-the-move internet and high-quality voice access. Iridium Certus terminals are low-profile, compared to the competition, and capable of maintaining broadband connectivity in fast-paced, unpredictable environments on land, at sea, in the air — and can do it without landing in or passing through non-U.S. territories. Iridium Communications Inc: Iridium® is the only mobile voice and data satellite communications network that spans the entire globe. Iridium enables connections between people, organizations and assets to and from anywhere, in real time. Together with its ecosystem of partner companies, Iridium delivers an innovative and rich portfolio of reliable solutions for markets that require truly global communications. In 2019, the company completed a generational upgrade of its satellite network and launched its new specialty broadband service, Iridium Certus®. Iridium Communications Inc. is headquartered in McLean, Va., U.S.A., and its common stock trades on the Nasdaq Global Select Market under the ticker symbol IRDM.

Read More

CYBERSECURITY

One Year In, Cyber Executive Order Progress is Under Way, But Early Stage

MeriTalk | May 06, 2022

Ninety-one percent of Federal cybersecurity decision-makers say the 2021 Executive Order (EO) on Improving the Nation’s Cybersecurity has made U.S. data and critical infrastructure safer, but just 28 percent say significantly safer, according to Impact Assessment: Cyber EO Year One, a new study from MeriTalk, a public-private partnership focused on improving the outcomes of government information technology (IT). The report explores perspectives on progress against Cyber EO goals, identifies what successful agencies do differently, and finds the fault lines where agency cyber leaders say they need more help to succeed. Most Federal cyber decision-makers (78 percent) agree the steps outlined in the Cyber EO are necessary to protect our nation. Implementing software supply chain security and migrating to a zero-trust architecture are the two most important factors for national cybersecurity, the research highlights. And, while just 15 percent have seen tangible improvements because of EO efforts to date, a significant portion expects to see an impact within the next year. Federal cyber leaders confirm initial progress in areas including vulnerability detection, software supply chain security, vulnerability response, and investigative and remediation capabilities. Just over half confirm IT management and staff are placing increased priority on cybersecurity, and just over half are collecting more cyber data than in the past. But, across the board, progress against EO goals is still in the early stages. Fewer than half rate their agencies’ progress against key EO goals as “excellent.” For example, 36 percent rate progress toward creating a formal strategy as excellent; 34 percent rate progress toward investing in endpoint detection and response (EDR) as excellent; and, 33 percent rate progress migrating to secure cloud solutions, as excellent. When asked about the importance of zero trust, 82 percent agree that allocating staff and budget resources to zero trust is vital to national security and almost all, 96 percent, agree the Federal zero trust strategy is somewhat or very helpful. Despite the high priority, just 30 percent of Federal cyber decision-makers rate their zero trust progress as “excellent” and many, 67 percent, say the EO’s three-year window for implementing a zero trust architecture is not realistic. Zero Trust is the gold standard for cybersecurity, so we're encouraged to see the EO is prioritizing that approach. In addition, cloud-native endpoint detection and response capabilities can significantly strengthen the cybersecurity posture for the federal government, especially when integrated with other security capabilities including identity security, threat intelligence, and managed threat hunting. These concepts have become cybersecurity best practices for the private sector’s most technologically advanced businesses, and we encourage the public sector to continue to embrace these technologies and strategies.” Drew Bagley, vice president and counsel for Privacy and Cyber Policy, CrowdStrike “Getting to zero trust is not easy. The detail provided in the multi-step guidance from OMB provides a path, but there is no single box you can buy to meet the varied needs of the five zero trust pillars,” says Stephen Kovac, Chief Compliance Officer and Head of Global Government Affairs, Zscaler. “You need multiple solutions from varying vendors that work together with seamless integration to achieve true zero trust – it is a team sport. OMB has done a good job in helping to define those rules, with rule one being to keep users off the network. If they can’t reach you, they can’t breach you.” Funding is another roadblock. Just 14 percent report they have all funding needed to meet Cyber EO requirements. One-third say they have half, or less than half, of the funding needed. “The sea change is the focus on comprehensive cyber resiliency,” says Nicole Burdette, principal, MeriTalk. “The EO provided direction, and Federal cyber leaders are now doing the hard work. But progress requires sustained funding and resource commitment. The research shows the gaps.” “The U.S. federal government is taking important steps to improve the nation’s cybersecurity posture,” said Dave Levy, Vice President of U.S. Government, Nonprofit, and Healthcare at Amazon Web Services (AWS). “In the Cyber EO, the White House directs federal agencies to adopt security best practices, implement zero trust architectures, and accelerate migration to secure cloud services. Organizations of all sizes should consider similar principles and practices to enhance their cybersecurity and protect employees and sensitive data against cyberattack.” What are the leaders doing differently? Cyber EO champions (leaders who give their agency’s EO progress an A) are predictably more likely than their peers to say they have all the funding they need. They are also more likely to have their chief information officer (CIO) leading their zero-trust implementation (67 percent to 28 percent). When asked for perspectives on what’s needed to achieve cyber progress, the research identified the Federal wish list: Workforce training and expertise Stronger executive buy-in Detailed direction from agency IT leadership Centers of Excellence (COEs) in the government to lend expertise Three-fourths of Federal cyber decision-makers also say the EO should have been more authoritative with private-sector directives. The Impact Assessment: Cyber EO Year One report is based on an online survey of more than 150 Federal cybersecurity decision-makers familiar with their agencies’ cybersecurity initiatives, including zero trust strategies, in March 2022 and is underwritten by Amazon Web Services (AWS), CrowdStrike, and Zscaler. The report has a margin of error of ±7.7 percent at a 95 percent confidence level. About MeriTalk The voice of tomorrow’s government today, MeriTalk is a public-private partnership focused on improving the outcomes of government IT. Our award-winning editorial team and world-class events and research staff produces unmatched news, analysis, and insight. The goal: a more efficient, responsive, and citizen-centric government. MeriTalk connects with an audience of 160,000 Federal community contacts.

Read More

CYBERSECURITY

Acalvio Autonomous Deception Technology Provides Advanced Cyber Security to The Department of Homeland Security

Acalvio Technologies | April 21, 2022

Acalvio Technologies, the leader in cyber deception, announced that the FedRamp Ready ShadowPlex platform has been added to the Department of Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL). ShadowPlex enables government organizations to execute the three key aspects of adversarial engagement with operational efficiency: Detection: Rapidly detect adversary presence both on-premises and in cloud infrastructure Disruption: Derail and delay attacks Intelligence: Easily gather granular forensics of tactics, techniques, and procedures ShadowPlex leverages novel AI capabilities for both ease of use, by making deception autonomous, and effectiveness, by blending and customizing deception for every subnet and endpoint. Because it doesn’t require agents on production systems, ShadowPlex is low-risk to deploy but also produces high fidelity alerts. The solution was named a finalist in the RSAC Innovation Sandbox. The CISA Continuous Diagnostics and Mitigation (CDM) Program is a dynamic approach to fortifying the cybersecurity of government networks and systems. The CDM Program provides cybersecurity tools, integration services, and dashboards to participating agencies to help them improve their respective security postures by delivering better visibility and awareness of their networks and defending against cyber adversaries. US Federal Agencies are under increased cyber threats, including state-sponsored cyber-attacks. Advanced Deception Technology is best suited to defeat these attacks. National Security Agency (NSA) article (The Next Wave, 2021) shows that about 78 percent of the attackers are detected by deception technology within 20 minutes of breaching the network. CISA, in the 2022 – 2026 Strategic Technology Roadmap, has specifically recommended deploying deception technologies within the next two years by all Federal and critical infrastructure (CI) stakeholders for Network Security management. Acalvio ShadowPlex provides a powerful new capability to detect and respond to advanced threats, even zero-day attacks. The addition of ShadowPlex to CDM APL makes it easier for Federal agencies to procure and deploy modern deception technology to combat sophisticated adversaries.” Ram Varadarajan, co-founder and CEO of Acalvio Technologies The inclusion in CDM APL adds to the FedRamp Ready status, SOC 2, and NIST 800-171 compliances achieved by Acalvio Technologies. About Acalvio Technologies Acalvio is the global leader in Active Defense solutions to combat cyberattacks. Its breakthrough Autonomous Deception technology is based on over 25 issued patents in Distributed Deception and advanced AI, to enable deployment of Active Defense that is effective, easy to use, and enterprise scale. Acalvio’s Autonomous Deception reduces attacker dwell time through early detection of advanced threats and increases Security Operations Center efficiency by utilizing sophisticated investigation and active threat-hunting capabilities. The Silicon Valley-based company’s solution serves Fortune 500 enterprises, U.S. government agencies, and marquee MSSPs.

Read More

EMERGING TECHNOLOGY

New Iridium Certus Service Providers to Support U.S. Government Customers

Iridium Communications | October 13, 2022

Iridium Communications Inc. (Nasdaq: IRDM) announced today that Iridium partners MetOcean Telematics, NAL Research, and Trace Systems are now Iridium Certus® service providers for U.S. government customers, joining Satcom Direct, in this capacity. These unique, long-term deals will allow these companies to provide Iridium's secure global satellite broadband and midband connectivity for mobile voice and data services to the U.S. government through a dedicated gateway. By leveraging the inherent advantages of the Iridium® network, including truly global, on-the-move L-band connectivity, MetOcean Telematics, NAL Research, and Trace Systems are now able to deliver enhanced capabilities that meet Communications Security (ComSec) requirements for the Department of Defense (DoD) and warfighter. These capabilities include global and resilient voice, data and 1080 HD live-action video over satcom across all domains (land, maritime and air) on the move. The service also serves as the "ACE in PACE" – alternate, contingent or emergency communications link, supports early entry communications packages and command and control for autonomous or uncrewed systems and data backhaul. Whether in high-risk combat zones or during inclement weather events, the Iridium network provides uncompromising satellite communications that keeps users connected when it's needed most. Iridium Certus™ terminals enable U.S. government users to securely connect remote assets to respective command and control centers in the U.S. in a cost-effective and secure manner, from anywhere in the world. "Iridium Certus continues to provide mission-critical broadband and midband capabilities to the modern warfighter and we're excited to add new service providers to expand the distribution of these offerings, With the addition of Iridium Certus for the government, these partners will play a critical role in supporting DoD personnel as they utilize this value-added service." -Scott Scheimreif, Executive Vice President of Government Programs, Iridium. Unique in the satellite industry, Iridium Certus is the only broadband service that provides highly reliable, truly global, weather-resilient connectivity for on-the-move internet and high-quality voice access. Iridium Certus terminals are low-profile, compared to the competition, and capable of maintaining broadband connectivity in fast-paced, unpredictable environments on land, at sea, in the air — and can do it without landing in or passing through non-U.S. territories. Iridium Communications Inc: Iridium® is the only mobile voice and data satellite communications network that spans the entire globe. Iridium enables connections between people, organizations and assets to and from anywhere, in real time. Together with its ecosystem of partner companies, Iridium delivers an innovative and rich portfolio of reliable solutions for markets that require truly global communications. In 2019, the company completed a generational upgrade of its satellite network and launched its new specialty broadband service, Iridium Certus®. Iridium Communications Inc. is headquartered in McLean, Va., U.S.A., and its common stock trades on the Nasdaq Global Select Market under the ticker symbol IRDM.

Read More

CYBERSECURITY

One Year In, Cyber Executive Order Progress is Under Way, But Early Stage

MeriTalk | May 06, 2022

Ninety-one percent of Federal cybersecurity decision-makers say the 2021 Executive Order (EO) on Improving the Nation’s Cybersecurity has made U.S. data and critical infrastructure safer, but just 28 percent say significantly safer, according to Impact Assessment: Cyber EO Year One, a new study from MeriTalk, a public-private partnership focused on improving the outcomes of government information technology (IT). The report explores perspectives on progress against Cyber EO goals, identifies what successful agencies do differently, and finds the fault lines where agency cyber leaders say they need more help to succeed. Most Federal cyber decision-makers (78 percent) agree the steps outlined in the Cyber EO are necessary to protect our nation. Implementing software supply chain security and migrating to a zero-trust architecture are the two most important factors for national cybersecurity, the research highlights. And, while just 15 percent have seen tangible improvements because of EO efforts to date, a significant portion expects to see an impact within the next year. Federal cyber leaders confirm initial progress in areas including vulnerability detection, software supply chain security, vulnerability response, and investigative and remediation capabilities. Just over half confirm IT management and staff are placing increased priority on cybersecurity, and just over half are collecting more cyber data than in the past. But, across the board, progress against EO goals is still in the early stages. Fewer than half rate their agencies’ progress against key EO goals as “excellent.” For example, 36 percent rate progress toward creating a formal strategy as excellent; 34 percent rate progress toward investing in endpoint detection and response (EDR) as excellent; and, 33 percent rate progress migrating to secure cloud solutions, as excellent. When asked about the importance of zero trust, 82 percent agree that allocating staff and budget resources to zero trust is vital to national security and almost all, 96 percent, agree the Federal zero trust strategy is somewhat or very helpful. Despite the high priority, just 30 percent of Federal cyber decision-makers rate their zero trust progress as “excellent” and many, 67 percent, say the EO’s three-year window for implementing a zero trust architecture is not realistic. Zero Trust is the gold standard for cybersecurity, so we're encouraged to see the EO is prioritizing that approach. In addition, cloud-native endpoint detection and response capabilities can significantly strengthen the cybersecurity posture for the federal government, especially when integrated with other security capabilities including identity security, threat intelligence, and managed threat hunting. These concepts have become cybersecurity best practices for the private sector’s most technologically advanced businesses, and we encourage the public sector to continue to embrace these technologies and strategies.” Drew Bagley, vice president and counsel for Privacy and Cyber Policy, CrowdStrike “Getting to zero trust is not easy. The detail provided in the multi-step guidance from OMB provides a path, but there is no single box you can buy to meet the varied needs of the five zero trust pillars,” says Stephen Kovac, Chief Compliance Officer and Head of Global Government Affairs, Zscaler. “You need multiple solutions from varying vendors that work together with seamless integration to achieve true zero trust – it is a team sport. OMB has done a good job in helping to define those rules, with rule one being to keep users off the network. If they can’t reach you, they can’t breach you.” Funding is another roadblock. Just 14 percent report they have all funding needed to meet Cyber EO requirements. One-third say they have half, or less than half, of the funding needed. “The sea change is the focus on comprehensive cyber resiliency,” says Nicole Burdette, principal, MeriTalk. “The EO provided direction, and Federal cyber leaders are now doing the hard work. But progress requires sustained funding and resource commitment. The research shows the gaps.” “The U.S. federal government is taking important steps to improve the nation’s cybersecurity posture,” said Dave Levy, Vice President of U.S. Government, Nonprofit, and Healthcare at Amazon Web Services (AWS). “In the Cyber EO, the White House directs federal agencies to adopt security best practices, implement zero trust architectures, and accelerate migration to secure cloud services. Organizations of all sizes should consider similar principles and practices to enhance their cybersecurity and protect employees and sensitive data against cyberattack.” What are the leaders doing differently? Cyber EO champions (leaders who give their agency’s EO progress an A) are predictably more likely than their peers to say they have all the funding they need. They are also more likely to have their chief information officer (CIO) leading their zero-trust implementation (67 percent to 28 percent). When asked for perspectives on what’s needed to achieve cyber progress, the research identified the Federal wish list: Workforce training and expertise Stronger executive buy-in Detailed direction from agency IT leadership Centers of Excellence (COEs) in the government to lend expertise Three-fourths of Federal cyber decision-makers also say the EO should have been more authoritative with private-sector directives. The Impact Assessment: Cyber EO Year One report is based on an online survey of more than 150 Federal cybersecurity decision-makers familiar with their agencies’ cybersecurity initiatives, including zero trust strategies, in March 2022 and is underwritten by Amazon Web Services (AWS), CrowdStrike, and Zscaler. The report has a margin of error of ±7.7 percent at a 95 percent confidence level. About MeriTalk The voice of tomorrow’s government today, MeriTalk is a public-private partnership focused on improving the outcomes of government IT. Our award-winning editorial team and world-class events and research staff produces unmatched news, analysis, and insight. The goal: a more efficient, responsive, and citizen-centric government. MeriTalk connects with an audience of 160,000 Federal community contacts.

Read More

CYBERSECURITY

Acalvio Autonomous Deception Technology Provides Advanced Cyber Security to The Department of Homeland Security

Acalvio Technologies | April 21, 2022

Acalvio Technologies, the leader in cyber deception, announced that the FedRamp Ready ShadowPlex platform has been added to the Department of Homeland Security Cybersecurity & Infrastructure Security Agency (CISA) Continuous Diagnostics and Mitigation (CDM) Approved Products List (APL). ShadowPlex enables government organizations to execute the three key aspects of adversarial engagement with operational efficiency: Detection: Rapidly detect adversary presence both on-premises and in cloud infrastructure Disruption: Derail and delay attacks Intelligence: Easily gather granular forensics of tactics, techniques, and procedures ShadowPlex leverages novel AI capabilities for both ease of use, by making deception autonomous, and effectiveness, by blending and customizing deception for every subnet and endpoint. Because it doesn’t require agents on production systems, ShadowPlex is low-risk to deploy but also produces high fidelity alerts. The solution was named a finalist in the RSAC Innovation Sandbox. The CISA Continuous Diagnostics and Mitigation (CDM) Program is a dynamic approach to fortifying the cybersecurity of government networks and systems. The CDM Program provides cybersecurity tools, integration services, and dashboards to participating agencies to help them improve their respective security postures by delivering better visibility and awareness of their networks and defending against cyber adversaries. US Federal Agencies are under increased cyber threats, including state-sponsored cyber-attacks. Advanced Deception Technology is best suited to defeat these attacks. National Security Agency (NSA) article (The Next Wave, 2021) shows that about 78 percent of the attackers are detected by deception technology within 20 minutes of breaching the network. CISA, in the 2022 – 2026 Strategic Technology Roadmap, has specifically recommended deploying deception technologies within the next two years by all Federal and critical infrastructure (CI) stakeholders for Network Security management. Acalvio ShadowPlex provides a powerful new capability to detect and respond to advanced threats, even zero-day attacks. The addition of ShadowPlex to CDM APL makes it easier for Federal agencies to procure and deploy modern deception technology to combat sophisticated adversaries.” Ram Varadarajan, co-founder and CEO of Acalvio Technologies The inclusion in CDM APL adds to the FedRamp Ready status, SOC 2, and NIST 800-171 compliances achieved by Acalvio Technologies. About Acalvio Technologies Acalvio is the global leader in Active Defense solutions to combat cyberattacks. Its breakthrough Autonomous Deception technology is based on over 25 issued patents in Distributed Deception and advanced AI, to enable deployment of Active Defense that is effective, easy to use, and enterprise scale. Acalvio’s Autonomous Deception reduces attacker dwell time through early detection of advanced threats and increases Security Operations Center efficiency by utilizing sophisticated investigation and active threat-hunting capabilities. The Silicon Valley-based company’s solution serves Fortune 500 enterprises, U.S. government agencies, and marquee MSSPs.

Read More

Events