GOVERNMENT BUSINESS

Google Cloud Launches Zero-Trust Offerings for the Government

Google Cloud | July 21, 2021

Google Cloud today announced new Zero Trust offerings for government, a set of services designed to assist US federal, state, and local government organizations in implementing Zero Trust architecture by the Biden Administration's Executive Order on Improving the Nation's Cybersecurity and National Institute of Standards and Technology (NIST) standards.

Google Cloud is introducing three new service options to assist departments and agencies in meeting Zero Trust requirements:

Offerings for Zero Trust Assessment and Planning: The Zero Trust Assessment and Planning solution, provided by Google Cloud's professional services organization (PSO), is intended to assist the government in meeting security objectives via Zero Trust architecture planning for key applications and data. The PSO team at Google Cloud will assist government organizations on the culture change, policies, and technology required to create a Zero Trust framework, which will be provided in phases to ensure success inside the customer's infrastructure. In addition, this new service will assist government agencies in using Google Cloud tools to support existing assets and infrastructure in the cloud, on-premises, or hybrid settings.

Secure Application Access Anywhere offering: Google Cloud is also introducing Secure Application Access Anywhere, a new container-based solution for secure application access and monitoring. Secure Application Access Anywhere may be a scalable, highly responsive alternative for government network border systems. This solution, developed in collaboration with Palo Alto Networks and Google Cloud's PSO team, uses Google Cloud's Anthos to deploy and manage containers that enable secure access and monitoring for applications in the cloud or on-premises environments. A recent successful prototype of this solution with the Defense Innovation Unit (DIU)—an entity inside the Defense Department in accelerating DIU's Zero Trust journey by allowing users to access software-as-a-service (SaaS) apps directly over the internet.

Active Cyber Threat Detection offering: Google Cloud's new Active Cyber Threat Detection offering may assist government organizations in rapidly determining whether they have been compromised by cyberattacks that they have not yet identified. Active Cyber Threat Detection is provided by Google Cloud partners Deloitte and Fishtech CYDERES and builds on the proven capabilities of Google Cloud's Chronicle threat hunting, detection, and investigation platform. This service will enable government organizations of all sizes to easily analyze their historical and current log data to detect risks with confidence and quickness.

In addition to these new offerings, Google Cloud provides several existing solutions that assist government organizations in accelerating their journey to Zero Trust as well as protecting against and recovering from cyberattacks:

BeyondCorp Enterprise: Google's Zero Trust access solution secures access to internal web apps, SaaS applications, and cloud resources using access rules based on identity and device contextual data. It also provides customers with integrated threat and data security, such as malware and data leakage prevention and credential protection.

Google Workspace also uses Google's Zero Trust technologies to provide a secure email, communication, and collaboration solution.

Actifio GO can help organizations better respond to ransomware attacks by offering scalable and efficient incremental data protection and a unique near-instant data recovery capability.

When combined, these Google Cloud services can accelerate the US government's Zero Trust efforts to defend against cyberattacks while also enhancing detection, response, and recovery from cyberattacks that do occur.

About Google Cloud
With the finest infrastructure, platform, industry solutions, and expertise, Google Cloud accelerates companies' ability to change their businesses digitally. We provide enterprise-grade solutions that utilize Google's cutting-edge technology – all on the industry's cleanest cloud. As a result, customers in over 200 countries and territories rely on Google Cloud as a reliable partner to help them grow and solve their most pressing business problems.

Spotlight

The Form FHWA-1273 includes federal requirements applicable to all contractors and subcontractors (hereinafter referred to as “contractor”) that hold federal or federal-aid contracts of $10,000 or more. Pursuant to Form FHWA-1273, contractors must not discriminate and must take affirmative action to assure equal opportunity. Form FHWA-1273 must be physically incorporated in each construction contract federally funded under United States Code, Title 23. To ensure compliance with Form FHWA-1273, the Texas Department of Transportation’s (TxDOT) Office of Civil Rights – Contract Compliance Section (OCR-CCS) conducts contract compliance reviews of contractors in accordance with 23 CFR 230 Subpart D. The OCR-CCS also provides contractors technical assistance on federal equal opportunity (EO) requirements and the contractor compliance review process.

Spotlight

The Form FHWA-1273 includes federal requirements applicable to all contractors and subcontractors (hereinafter referred to as “contractor”) that hold federal or federal-aid contracts of $10,000 or more. Pursuant to Form FHWA-1273, contractors must not discriminate and must take affirmative action to assure equal opportunity. Form FHWA-1273 must be physically incorporated in each construction contract federally funded under United States Code, Title 23. To ensure compliance with Form FHWA-1273, the Texas Department of Transportation’s (TxDOT) Office of Civil Rights – Contract Compliance Section (OCR-CCS) conducts contract compliance reviews of contractors in accordance with 23 CFR 230 Subpart D. The OCR-CCS also provides contractors technical assistance on federal equal opportunity (EO) requirements and the contractor compliance review process.

Related News

GOVERNMENT BUSINESS,CYBERSECURITY

U.S. Government and QuSecure Orchestrate First-Ever Post-Quantum Encryption Communication over a Government Network

QuSecure | July 13, 2022

QuSecure™, Inc., a leader in post-quantum cybersecurity (PQC), today announced the U.S. Federal Government is currently orchestrating the world’s first-ever post-quantum encryption communication over a Government network by utilizing its QuProtect™ PQC solution. QuProtect is the industry’s first end-to-end PQC software-based solution uniquely designed to protect encrypted communications and data with quantum-resilience using quantum secure channels. The Government is leveraging QuSecure’s unique post-quantum cryptographic algorithm on its legacy systems at a combined Air Force, Space Force and NORAD location. The quantum-resilient deployment has 100-percent uptime protecting data that previously used standard encryption, with no increased bandwidth or latency issues through QuProtect’s quantum tunnel. Data currently being transmitted cannot be decrypted by others unless they have the QuProtect system, and any adversary collecting the protected data to store will be unlikely to decrypt it in the future, even with a quantum computer. “This is extremely significant because the U.S. Government has not employed a post-quantum communications channel on premises before, The QuProtect platform is performing exceptionally well with uninterrupted, continuous quantum channel uptime protecting formerly classically encrypted and quantum vulnerable asymmetric keys, With the current speed of business, commerce, warfare and everyday communications, QuProtect protects all data on existing systems and devices and does not slow the systems down, We have proven this in our successful pilot, which will lead to the large-scale deployments as a result of our SBIR Phase III contract with the Government. This historic moment places QuSecure one step closer to fulfilling our vision of ensuring an exceptionally secure quantum future.” -Pete Ford, QuSecure Head of Federal Operations. This historic event was possible due to activities around QuSecure’s evaluation for, and eventually winning, the Small Business Innovation Research (SBIR) Phase III Federal Government procurement contract for PQC solutions. Announced last month, QuSecure has been established as the Government’s leading provider of PQC solutions, setting the standard for Government’s PQC requirements. This is the Government’s first and only Phase III designation aimed at addressing end-to-end comprehensive solutions to the post-quantum threat, and further emphasizes today’s need to deploy PQC for classical and future quantum attacks. Federal agencies participating in SBIR include the following agencies and departments: Small Business Administration, Agriculture, Commerce, Defense, Education, Energy, Health and Human Services, Homeland Security, Transportation, Environmental Protection, the National Aeronautics and Space Administration (NASA), and the National Science Foundation. The Government’s deployment of QuSecure is being operated over an open Internet network on legacy equipment and systems. QuSecure has proven it works on Government systems by using cryptographic agility that supports all National Institute of Standards and Technology (NIST) finalist algorithms in the post-quantum cryptography standardization competition. The winners of the NIST competition were announced on July 5. QuProtect enables organizations for the first time to leverage quantum resilient technology to help prevent today’s cyberattacks, while future-proofing networks and preparing for post-quantum cyberthreats. It provides quantum-resilient cryptography, anytime, anywhere and on any device. QuProtect uses an end-to-end quantum-security-as-a-service (QSaaS) architecture that addresses the digital ecosystem’s most vulnerable aspects, uniquely combining zero-trust, next-generation post-quantum-cryptography, quantum-strength keys, high availability, easy deployment, and active defense into a comprehensive and interoperable cybersecurity suite. The end-to-end approach is designed around the entire data lifecycle as data is stored, communicated, and used. About QuSecure- QuSecure is a leader in post-quantum cybersecurity with a mission to protect enterprise and Government data from quantum and classical cybersecurity threats. Its patent-pending, quantum-safe solutions provide an easy transition path to quantum resiliency across any organization. The company’s QuProtect solution is the industry’s first PQC software-based platform uniquely designed to protect encrypted communications and data with quantum-resilience using a quantum secure channel. QuSecure has current customer deployments in banking/finance, healthcare, space/satellite, IT/data enterprises, datacenters, and various Department of Defense agencies. QuSecure is investor backed and has offices in Silicon Valley.

Read More

EMERGING TECHNOLOGY,CYBERSECURITY

Carahsoft Partners with Celonis to Accelerate Government Transformation with Process Mining and Execution Management

Carahsoft | July 05, 2022

Carahsoft Technology Corp., the Trusted Government IT Solutions Provider® and Celonis, the global leader in Execution Management, today announced a partnership. Under the agreement, Carahsoft will serve as Celonis’ US Government Distributor making the company’s industry-leading Process Mining and Execution Management Platform available to the Public Sector through Carahsoft’s reseller partner network and NASA Solutions for Enterprise-Wide Procurement (SEWP) V, Information Technology Enterprise Solutions – Software 2 (ITES-SW2), National Association of State Procurement Officials (NASPO) ValuePoint, National Cooperative Purchasing Alliance (NCPA), and OMNIA Partners contracts. Celonis’ process mining technology creates a real-time, continuously updated “X-ray” of how an organization runs at the process level. This “X-ray” reveals the hidden inefficiencies that silently kill organizational performance. Celonis combines this with their Execution Management System (EMS), which acts as the surgeon to the process mining “X-ray” to suggest and implement fixes for the issues found. These discoveries allow agencies to perform at levels never thought possible while also increasing their sustainability. Celonis’ platform is usable across a wide variety of use cases within Government agencies and departments, from finance, procurement, and administrations’ transformation, to mission-focused employee and citizen service transformations. System transformation, process excellence, shared service, and financial agility initiatives are all core themes across use cases and where the power of Celonis’ process mining and execution management capabilities quickly deliver the most value. “We are thrilled to partner with Carahsoft and their reseller partners to accelerate the time to value for government departments and agencies across the Public Sector, The focus on digital transformation will only continue to increase given everything we’ve learned pre and post pandemic. This partnership ensures we can support every Government customer on their transformation journey as they support businesses and citizens around the world in response to inflation, supply chain and sustainability issues. We are proud to partner with Carahsoft in our joint pursuit of reducing the cost, the risk and dramatically increasing the success, sustainability and scale rate of all transformations.” -Mike Daniels, Senior Vice President of Public Sector at Celonis. The addition of Celonis’ process mining and Execution Management System to our offerings likely represents one of the largest opportunities for government services transformation since the cloud was introduced in 2010, said Craig P. Abod, Carahsoft President. Celonis technologies quickly find and fix process inefficiencies hidden in large, complex public systems to deliver improved services and operations as well as to maximize existing investments About Carahsoft- Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider®, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator® for our vendor partners, we deliver solutions for Cybersecurity, MultiCloud, DevSecOps, Big Data, Artificial Intelligence, Open Source, Customer Experience and Engagement, and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Visit us at www.carahsoft.com. About Celonis- Celonis reveals and fixes inefficiencies businesses can’t see, enabling them to perform at levels they never thought possible. Powered by its market-leading process mining core, the Celonis Execution Management System provides a full set of platform capabilities for business executives and users to eliminate billions in corporate inefficiencies, provide better customer experience and reduce carbon emissions. Celonis has thousands of implementations with global customers and is headquartered in Munich, Germany and New York City, USA with more than 20 offices worldwide.

Read More

CYBERSECURITY

CyberSheath Partner Program Delivers CMMC Compliance Across the Defense Industrial Base

CyberSheath Services International | May 20, 2022

Security, compliance, and IT roadblocks slow down federal contractors working to achieve compliance with Cybersecurity Maturity Model Certification (CMMC). The Defense Industrial Base (DIB) includes more than 220,000 companies, many of which have existing vendor relationships across the security, compliance, and IT CMMC requirements, but no single vendor solves every compliance challenge. CyberSheath, the largest CMMC managed service provider supporting the DIB, has launched a partner program designed to empower vendors to expand their core capabilities and achieve CMMC compliance faster. The CyberSheath Partner Program allows managed security service providers (MSSPs) and managed service providers (MSPs) to easily identify opportunities to speed their end customers’ cybersecurity compliance journeys. Every customer has gaps when it comes to CMMC compliance, and they want to fill them efficiently. Our one-of-a-kind partner program allows IT providers to step into cybersecurity and vice versa. Defense contractors want to manage one provider, not three or more, and now you can be that provider. CMMC compliance is a matter of national security, and we recognize that anything we can do to speed up a contractor’s journey to full compliance literally makes this country more secure. Our partner program represents a significant milestone in delivering on our promise to our clients and partners to expand our previously in-house capabilities across a partner ecosystem. We worked extremely closely with our partners on program development to ensure their interests are aligned with the new framework.” Eric Noonan, CEO of CyberSheath To facilitate the program, CyberSheath created new centralized resources, including a new partner portal and enhanced website to ensure CyberSheath and its partners are in lockstep to quickly and efficiently deliver solutions that drive impactful client outcomes. The program delivers an improved experience for clients through benefits such as: Accelerated time to value through enhanced delivery capabilities and increased capacity Private label, joint co-marketing, and sales lead demand generation via CyberSheath’s comprehensive library of DFARS compliance subject matter and collateral Flexible DFARS partner pricing with models designed to align cost structure with client’s service and capacity consumption Enhanced customer care from a dedicated engineering staff that can assist in advanced project deployments and defend against premeditated, persistent cyberattacks CyberSheath MSSP SOC Service staffed by experienced security professionals that have accumulated vast knowledge of network threats, detection and mitigation, and an in-depth understanding of CyberSheath’s DFARS compliance and security capabilities Admission to CMMC Con 2022, the nation’s largest CMMC conference that helps contractors navigate their course through the evolving compliance landscape “Our relationship with CyberSheath allows us to provide best-in-class, secure, cloud-based solutions to address our customers’ complicated compliance needs like CMMC and NIST 800-171, ensuring that their cybersecurity posture is appropriate for protecting their critical and sensitive business data, whether it’s defense or commercial,” said Jeff Roberts, co-founder of principia/RAID. “With the strength of our CyberSheath partnership, we can empower more businesses to drive further innovation and more effectively manage their IT spend, positively impacting their business outcomes and meeting stringent U.S. DoD needs.” About CyberSheath Services International, LLC Established in 2012, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. defense industrial base. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs.

Read More