EMERGING TECHNOLOGY, CYBERSECURITY
Zetron | March 15, 2023
On March 14, 2023, Zetron, one of the leading communications technology and service providers, announced it has received a contract from the North Central Regional Planning Commission (NCRPC) of Kansas (USA). The contract offers cyber resilience roadmaps and assessments for the Public Safety Answering Points (PSAPs) of 34 counties throughout the states. As the fiscal agent for six of the seven Homeland Security regions in Kansas, the Homeland Security/Emergency Operations unit of the Kansas Highway Patrol applies for and administers Homeland Security Grant Program (HSGP) funding to subrecipients such as the NCRPC.
State and local governments, including fire departments, police, and other public safety agencies, are increasingly susceptible to cyberattacks. As per the Verizon 2022 Data Breach Investigations Report (DBIR), the public sector had the second-most cybersecurity incidents and the fourth-most data breaches among major industries in 2018. In addition, a 2021 Fastly report found that of all cybersecurity alerts, 45 percent are false positives that can be frequently difficult to distinguish from genuine threats and malicious behavior. This results in getting valuable time wasted during an emergency.
Zetron, with SecuLore Solutions, a cybersecurity partner and local services partners, will finish cybersecurity assessments and roadmaps of selected thirty-four counties across Kansas, with its population from 600,000 to less than 1300 people. Each counties' assessment will identify threats and provide prioritized, actionable recommendations for remediating vulnerabilities and enhancing the county's cybersecurity risk posture. Following the contract terms, cybersecurity assessments and road maps for Kansas counties selected by NCRPC Regional Project Managers and the Planning Team will be completed in multiple phases through March 2024.
About Zetron
Zetron is one of the leaders in mission-critical communications technology worldwide. The company offers integrated solutions with exceptional reliability and support. It was founded in 1980 with decades of experience serving the public and private sectors and a sterling reputation for superior quality and dependability. Based in Redmond, Washington, it has customers across all seven continents and in a variety of industries such as transportation, public safety, utilities, the federal government, natural resources and more. In addition, it delivers purpose-built solutions to be always available wherever mission-critical communications must be uninterrupted.
Read More
CYBERSECURITY
Businesswire | May 30, 2023
Tidelift, a provider of solutions for improving the security and resilience of the open source software powering modern applications, today announced that it has been awarded three U.S. government contracts worth over $3.5 million, and is expanding its public sector organization in response to increased demand for innovative solutions that help the U.S. government improve its cybersecurity supply chain risk management (C-SCRM) capabilities.
High-profile software supply chain vulnerabilities including Log4Shell and SolarWinds have dramatically increased attention on the need for improved software security, both in the public sector and beyond. In the U.S., this effort began in May, 2021 with White House Executive Order 14028: Improving the Nation’s Cybersecurity, and since then a variety of policy and legislative initiatives around cybersecurity have gained traction.
In September, 2022, the U.S. government’s Office of Management and Budget released memorandum M-22-18 on Enhancing the Security of the Software Supply Chain through Secure Software Development Practices. M-22-18 formalizes the guidance provided in the NIST Secure Software Development Framework and NIST Software Supply Chain Security Guidance documents as the government requirements for developing secure software, and mandates federal government agencies comply with these guidelines.
This memorandum sets aggressive deadlines for compliance with specific dates for both government agencies and organizations selling software to the government to comply with NIST guidelines. Among other stipulations, it requires that any organization selling software to the government must self-attest that their software is compliant with the NIST SSDF by June 2023 for critical software or by September 2023 for all other software.
More recently, the National Cybersecurity Strategy sets a new precedent for software security liability, with the government intending to hold software producers liable for damages caused by preventable security vulnerabilities and offer liability protections to organizations that can show they follow secure software development practices.
Tidelift awarded three U.S. government contracts worth over $3.5 million
In addition to efforts like those mentioned above, the U.S. government is increasingly investing directly in improving open source software security. Tidelift was recently awarded three separate innovation research awards as part of the U.S. government SBIR program. The SBIR program is designed to help U.S.-based businesses invest in their technical potential, while stimulating technology innovation and meeting specific research and development needs.
Through these SBIR Phase II awards, Tidelift is working with the Department of the Air Force and the Defense Advanced Research Projects Agency (DARPA) to help spur innovation in the systems and processes the U.S. government uses to improve open source software security and cybersecurity supply chain risk management. This investment will help Tidelift expand its industry-leading open source software management solution, including increasing its ability to partner with even more open source maintainers to validate their components meet important security, maintenance, and licensing standards required by government and industry users, and pay these maintainers for this critical work.
It will also help the U.S. government better address the requirements and deadlines emerging from Executive Order 14028, memorandum M-22-18, and the NIST Secure Software Development Framework, especially when it comes to the open source components in use in government applications. Tidelift is also helping address new requirements around software bills of materials (SBOMs) that U.S. government agencies are beginning to understand, interpret, plan for, and deploy. Along with Tidelift producing an SBOM from every application build, the company is actively working upstream with open source maintainers to validate and improve security, maintenance, and licensing metadata for their projects and capture this data using the TACOS (Trusted Attestation and Compliance for Open Source) attestation framework.
"The United States Air Force, and the Government as a whole, are among the largest consumers of open source software. With the increasing requirements around Software Supply Chain Risk Management (SCRM) and Software Bills of Materials (SBOM) initiatives, we are excited to partner with Tidelift to enhance cybersecurity resilience outcomes for open source software dependencies that support our most critical work," said Robert "Devo" DeVincent, Chief Software Officer, Air Force 309th Software Engineering Group.
Tidelift expands public sector organization to meet growing demand
Tidelift has named Matthew Arnow, a long-time veteran of Tidelift, to lead the newly expanded public sector team. Matthew heads up the team with extensive experience working with government and public sector clients.
“Tidelift looks forward to working more closely with our government and public sector customers and prospects to improve the resilience of our mission-critical open source infrastructure,” said Matthew Arnow, head of public sector for Tidelift. “Our unique approach of working directly with the maintainers behind thousands of important open source projects will help public sector customers comply with U.S. government security directives and meet necessary government and industry standards.”
Tidelift partners with Carahsoft to support public sector expansion
Tidelift has also partnered with Carahsoft, the leading government reseller partner, to help more quickly and effectively address the number of large public sector opportunities.
“Over the past year, we’ve seen increased demand from our customers for solutions that help improve open source software security and supply chain resilience,” said Natalie Gregory, vice president, Carahsoft. “We look forward to working with Tidelift and our reseller partners to deliver open source software supply chain risk management solutions to our government customers.”
About Tidelift
Tidelift, a 2022 Gartner Cool Vendor, helps organizations effectively manage the open source behind modern applications. Through the Tidelift Subscription, the company delivers the tools, data, and strategies powering an inclusive and organization-wide approach to improving the health and security of the open source software supply chain. Tidelift enables organizations to move fast and stay safe when building applications with open source, so they can create more incredible software, even faster. https://tidelift.com/
Read More
EMERGING TECHNOLOGY, INFRASTRUCTURE
Businesswire | May 10, 2023
Nyriad®, provider of cutting edge GPU storage technology, and Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, today announced a partnership. Under the agreement, Carahsoft will serve as Nyriad’s Master Government Aggregator®, making the company’s UltraIO™ storage system available to the Public Sector through Carahsoft’s reseller partners, NASA Solutions for Enterprise-Wide Procurement (SEWP) V, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), National Cooperative Purchasing Alliance (NCPA), and OMNIA Partners contracts.
In 2022, the global Government IT spending amounted to over 551 billion U.S. dollars, which is an increase of nine percent compared to 2021, and it is expected to increase even more in 2023 to 589 billion U.S. dollars worldwide. The increase in IT spending is driven by a variety of factors, including the need to modernize outdated systems, improve cybersecurity, and enhance digital services and capabilities for internal and external users. As IT spending in the government sector continues to grow, there is a critical need for modern and efficient storage solutions that can meet the demands of data-intensive applications, protect against cyber threats, and facilitate the digital transformation of government services. The Nyriad UltraIO storage system delivers the ideal solution to address these needs and enable government agencies to improve their operations and services.
The Nyriad UltraIO storage system will enable improved capabilities across several use cases, such as:
High-performance computing (HPC) - Government agencies and academic institutions rely on high-performance computing to perform complex simulations, modeling, and analysis. The UltraIO storage system enables performant, cost efficient storage access, and ingest for large capacity points of HPC results inside of a single array. Additionally, with block-level erasure codes, the storage system provides a high degree of system resiliency, ensuring data integrity and protection against potential data loss.
Backup and recovery - Government agencies and academic institutions must be prepared for unexpected events, such as natural disasters or cyberattacks, that can result in data loss. The UltraIO storage system’s combined GPU + CPU architecture enables parallel read and write capabilities to perform backup and restore operations with exceptional performance.
Active archive - Government agencies and academic institutions archive their data to preserve records for historical, legal, and regulatory purposes. This data may include records of legislative proceedings, court cases, financial transactions, and other important documents. As data sets grow, the value of the analytical insights the data provides has grown as well. We access the data, looking for trends and insights that can be advantageous for good decision making. Enhanced data access beyond normal archival capabilities is needed for this. With its high throughput, fast retrieval, and high data protection capabilities, the UltraIO storage solution is the next architectural step for implementing an active archive. This is cost efficient storage that allows performant access to warm tier archive data.
Video and imaging - Government agencies and academic institutions produce and store large amounts of media content, such as videos, images, and audio files. Because these agencies use video surveillance systems as a security measure to monitor public areas, protect critical infrastructure, and ensure public safety, a storage system with fast data ingest and playback capabilities or analytics processing is an essential enabler of quick incident response. In fact, the Nyriad UltraIO storage system can ingest video streams from as many as 90,000 cameras simultaneously, while providing highly resilient large-scale storage capacity. The UltraIO storage system’s modern, GPU-accelerated storage also facilitates video production tasks such as 8K resolution or higher video editing without the need to transcode, create proxies, or copy files across the network – enabling agencies to work more efficiently, saving time and money.
“Partnering with Nyriad supports our mission to simplify the technology procurement process and position our channel partners for success with the most innovative and disruptive technologies,” said Michael Adams, Director of Carahsoft's AI/ML Solutions Portfolio. “We look forward to delivering Nyriad’s UltraIO data storage system to joint customers through our reseller partners to accelerate and transform agencies’ IT, leading to faster and more powerful business outcomes.”
"The strategic partnership with Carahsoft is a key milestone for Nyriad's channel strategy, allowing us to extend our reach and deliver the exceptional performance, resilience, and efficiency benefits of our UltraIO solution to a wider range of government agencies and academic institutions," said Andrew Russell, CRO, Nyriad. "This partnership not only expands our market presence but also underscores our commitment to providing reliable and innovative storage solutions that can help accelerate digital transformation for our customers."
About Carahsoft
Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Visit us at www.carahsoft.com.
About Nyriad
Nyriad® has unleashed the power and speed of GPUs combined with CPUs to revolutionize how data is stored, accessed and managed. Nyriad’s UltraIO™ software-defined data storage system enables massive amounts of data to be safely and intelligently managed by a single storage platform with a low TCO, while delivering exceptional performance, resiliency and efficiency. With Nyriad, organizations can enhance agility, accelerate innovation and gain the competitive advantage necessary to drive business growth and success. To learn more, please visit: https://www.nyriad.io/.
Read More