Category Archives: Cybersecurity

How Public Sector Agencies Can Operationalize CISA’s SIEM and SOAR Guidance

Posted on by
Reply

In May 2025, the Cybersecurity and Infrastructure Security Agency (CISA), in collaboration with the Australian Cyber Security Centre (ACSC), released new executive guidance to help Public Sector leaders effectively leverage Security Information and Event Management (SIEM) and Security Orchestration, Automation and Response (SOAR) platforms. This guidance aims to strengthen agencies’ cybersecurity by enhancing threat detection, response times and operational efficiencies.

Key Challenges in SIEM and SOAR Implementation

SIEM platforms aggregate and analyze telemetry data from multiple sources, including: endpoints, applications, network devices and cloud environments.

SOAR platforms complement SIEM by automating security workflows, significantly speeding up incident response and reducing alert fatigue. When effectively integrated, these tools enable agencies to centralize security monitoring, automate routine response tasks and improve compliance with cybersecurity mandates.

For all organizations, especially Public Sector organizations, SIEM and SOAR are not just technical tools; they are foundational to building a proactive and time-sensitive cybersecurity posture. These platforms can help agencies increase operational efficiency, reduce alert fatigue and drive compliance with Federal and State cybersecurity mandates.

CISA guidance highlights several common challenges that agencies often encounter when implementing SIEM and SOAR platforms. These include the difficulty of normalizing diverse log data across multiple systems, minimizing false positives that overwhelm analysts and managing the high costs associated with implementation. Agencies also struggle to ensure effective executive oversight of security operations and face ongoing challenges in attracting and retaining qualified cybersecurity talent.

Addressing Challenges with Torq Hyperautomation

Torq Hyperautomation™ directly addresses the implementation challenges faced by Public Sector cybersecurity teams by delivering strategic advantages that legacy SOAR platforms cannot. Unlike traditional solutions, Torq integrates seamlessly with existing SIEM tools to normalize and enrich log data, reduce alert noise and improve the clarity of actionable insights. It leverages AI-driven decision-making to automate dynamic incident response workflows, allowing security teams to respond faster and more precisely.

By combining AI-powered decision logic with adaptive response runbooks, Torq enables organizations to overcome the limitations of legacy SOAR, dramatically improving Mean Time to Detect (MTTD) and Mean Time to Respond (MTTR). This empowers analysts to focus on critical, high-impact threats rather than getting bogged down by repetitive, routine tasks.

Cost-Effective Automation for Resource-Constrained Agencies

Public Sector agencies struggle with resource constraints, and Torq also delivers cost-effective automation. Instead of requiring deep engineering expertise or lengthy integration cycles, Torq offers:

  • Intuitive, no-code and low-code automation capabilities
  • Seamless integrations with existing Federal, State and Local cybersecurity toolsets (endpoint, identity, cloud, firewall)
  • Rapid implementation timelines, ensuring immediate value and reduced costs

Enhanced Executive Visibility and Compliance

From an executive perspective, Torq addresses a crucial component of the CISA guidance: visibility and oversight. Executive dashboards within the platform provide real-time insights into SOC effectiveness, incident trends and automation impact. This visibility enables better budgeting decisions, more effective KPIs and compliance reporting aligned with key security and compliance frameworks.

Real-World Impact

Torq is already delivering substantial results within Public Sector environments.  Torq has enabled SOC teams to automate ransomware response, consolidate multi-environment telemetry and auto-generate compliance artifacts. Whether an agency is modernizing its cybersecurity stack, preparing for audits or trying to do more with fewer analysts, Torq is built to support their journey.

Agencies leveraging Torq have achieved the following:

  • Up to 90% reduction in investigation time
  • 3-5x increase in alert handling capacity with no added headcount
  • 95% of Tier-1 security cases auto-remediated

Taking the Next Step

CISA’s SIEM and SOAR guidance represents a critical shift from reactive cybersecurity practices toward proactive, integrated and automated security operations. As a trusted partner of Carahsoft, Torq is uniquely positioned to help Public Sector agencies rapidly operationalize this guidance. Torq’s scalable, secure and measurable automation platform ensures agencies not only comply with evolving standards but also stay ahead of modern threats.

To learn how Torq can empower your agency’s cybersecurity strategy, request a demo or explore a tailored pilot use case today.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Torq we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Federation Needs a Backbone

Posted on by
Reply

Identity Security has become the engine behind seamless access. It connects users from different domains, agencies or organizations and lets them move between systems with a single set of credentials. That’s powerful—but it’s also risky when left ungoverned.

Let’s get one thing straight: federation is about access. It answers the question, “Can this person log in?” But it stops short of answering what really matters: “Should they still have access?” “To what?” “For how long?” That’s where governance steps in—and why it must be the foundation under every federated architecture.

The Upside of Federation

Federation simplifies identity. It creates a trust bridge between Identity Providers (IdPs) and Service Providers (SPs). Users authenticate once—via their home IdP like Azure AD or Okta—and access multiple applications without managing new credentials for each.

Benefits include:

  • Single Sign-On (SSO) across domains
  • Centralized control of user authentication
  • Protocol interoperability via standards like SAML, OIDC and WS-Fed

And federation hubs—broker trust between many IdPs and SPs—make it scalable. Instead of dozens of custom integrations, each system plugs into the hub. Clean, efficient and fast. But fast access can become fast failure if you don’t govern it!

Access Governance: The Difference Between Access and Control

Federation gets someone in the door. Governance makes sure they belong there—and ensures they leave when they’re supposed to.

Identity Governance manages the full identity lifecycle: onboarding, role changes, access reviews and deprovisioning. It enforces least privilege, flags risky combinations of access (SoD conflicts) and supports audits and compliance frameworks like NIST, SOX or RMF.

Federation can tell you who authenticated. Governance can tell you:

  • Whether that person should have access
  • What access they have across systems
  • Whether that access aligns with policy
  • How that access changes over time

Together, federation and governance form a complete identity security model. Separately, one is fast—and one is safe.

What Happens Without Governance?

An ungoverned federation hub is a highway with no speed limits, no offramps and no cameras. You’re enabling access at scale without oversight.

Here are the risks:

  • Overprovisioned access – Federation alone doesn’t enforce least privilege.
  • Access creep – Users retain access after job changes or departures.
  • Orphaned accounts – No lifecycle hooks to clean up stale identities.
  • Lack of visibility – No way to see what users can do after logging in.
  • No audit trail – Makes compliance reporting a nightmare.
  • Increased insider threat – Privileged access can persist unchecked.
  • Policy misalignment – SAML or OIDC assertions may carry outdated or unverified attributes.

These risks aren’t theoretical. In Federal and defense sectors, unmanaged federation could mean exposing sensitive systems to users who are no longer cleared, or who’ve quietly shifted roles without access being reviewed.

Governance in Action: SailPoint’s Role

SailPoint is not a federation provider. It’s a governance platform that sits on top of your federation layer, giving you full control over identity lifecycles, policies and risk.

SailPoint integrates with both upstream IdPs and downstream apps accessed via the federation hub. It handles:

  • Identity aggregation and normalization
  • Automated provisioning/deprovisioning
  • Policy enforcement (least privilege, SoD, etc.)
  • Access reviews and certifications
  • Risk scoring and contextual enforcement
  • Audit trails and compliance reporting

This governance layer makes sure your federated access is secure, justified and auditable. It aligns your identity strategy with Zero Trust principles—not just who gets in, but why, how and for how long.

Why Governance Must Come First

It’s tempting to view governance as a bolt-on. Something to “get to later” once federation is up and running. That’s dangerous thinking.

Governance is not optional. It’s the foundation.

Without it, every benefit of federation can turn into a vulnerability. That seamless access? Now it’s frictionless exposure. That fast onboarding? Now it’s risky overreach. And every shortcut you take early on becomes technical debt—if not a breach—down the road.

Real-World Example: Federation in Federal Environments

Take the U.S. Department of Defense. Their Enterprise Federation Hub allows identity brokering across agencies, contractors and civilian orgs. It’s fast and powerful—but governance is what makes it secure.

SailPoint is used alongside this hub to:

  • Enforce ABAC using enriched attributes
  • Automate provisioning to systems like ServiceNow and SAP
  • Conduct quarterly access certifications
  • Supply audit logs for compliance frameworks like FIAR and RMF

Without this layer, the Federation Hub would be a sprawling access point with no brakes, no logs and no cleanup.

Bottom Line

Federation gives you the scale. Governance gives you the safety.

One gets people in. The other makes sure they belong.

If you’re building a federated identity ecosystem—whether in the enterprise or in a multi-agency Government context—start with governance. Don’t wait for audit findings or security incidents to add it later. By then, it’s already too late.

Federation needs a backbone. Governance is it.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including SailPoint we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Identity is The Backbone of Secure, Agile DoW Missions

Posted on by
Reply

I had the opportunity to present to the DoW community at AFCEA TechNet Cyber where where stakes are high and operational tempo is relentless, embedding security into every layer of the digital environment is no longer optional. Identity governance and administration (IGA) has emerged as a cornerstone of cyber resilience, enabling secure modernization, supporting Zero Trust mandates, and accelerating mission impact.

Identity as a Strategic Force Multiplier

Modern warfare and defense readiness extend far beyond kinetic capabilities. Cyber is now a primary domain of operation, and within that domain, identity is the new perimeter. Identity security is not simply about access control; it is about governing who has access to what, when, and under what conditions—across all users, environments, and applications.

A well-implemented IGA program transforms complexity into control. It provides the visibility and automation needed to reduce risk, enforce policy, and enable agility. From onboarding mission partners to ensuring continuous compliance with audit and risk frameworks, identity governance acts as the connective tissue between policy, people, and mission success.

Governance is the Gateway to Zero Trust

The DoW’s Zero Trust Architecture (ZTA) is predicated on one central truth: never trust, always verify. At the core of this paradigm is the concept of least privilege—granting users only the access they need, nothing more.

IGA platforms like SailPoint do more than facilitate access. They enforce policy and establish what access should look like, continuously verifying access needs, and tie the identity to activity. Instead of relying on static credentials or infrequent certifications, identity governance brings continuous verification to life—ensuring users, devices, and applications are validated and flagged in the policy information point before access is granted.

This proactive stance aligns IGA with foundational guidance such as the Risk Management Framework (RMF), and the NIST SP 800-53 controls. Governance is not just a checkbox; it is operational security in action.

FIAR, Compliance, and Continuous Audit Readiness

Passing audits like FIAR (Financial Improvement and Audit Readiness) is more than a bureaucratic exercise. It’s a demonstration of operational integrity and mission readiness. Identity governance simplifies this process by embedding compliance into everyday operations.

IGA platforms automate access certifications, enforce separation of duties (SoD), and maintain immutable audit trails. Instead of scrambling for documentation during audit season, organizations can prove—at any time—that they were always in compliance. This shift from reactive to continuous audit readiness is a game-changer for large DoW organizations.

Mission Agility Through Automation

In the DoW, time is not a luxury. Missions shift quickly, mission partners rotate often, and new technologies are deployed at speed. Manual processes simply cannot keep up.

IGA enables automation across the entire identity lifecycle. From onboarding new coalition partners to deprovisioning departing contractors, governance tools streamline access requests, approvals, and revocations. This not only enhances security but also reduces administrative overhead, freeing resources for mission-critical tasks.

Moreover, by integrating with technologies like the DoW Federation Hub, identity governance extends its reach to federated and cross-domain environments—supporting secure joint and coalition operations at scale.

Real ROI: Security that Pays for Itself

The value of IGA goes beyond risk mitigation. It delivers measurable return on investment (ROI) through operational and financial gains. These include:

  • Audit cost reductions through automated evidence collection and fewer control failures
  • License savings by rationalizing unused or redundant entitlements
  • Operational efficiency through faster onboarding/offboarding and reduced manual workloads
  • Risk reduction by limiting the window of exposure for insider threats or privilege misuse

This is ROI by design—security investments that drive cost savings while advancing strategic goals.

A Maturity Model for Sustainable Progress

Identity governance is not a one-time deployment—it’s a journey. I have created a maturity model for the DoW that provides a structured path from basic CAC availability to advanced, AI-driven, risk-adaptive governance. Each step builds capabilities that align with Zero Trust pillars, from policy enforcement to real-time threat response.

As organizations mature, they can integrate IGA with other strategic technologies such as Comply-to-Connect, SASE, and XDR, multiplying both security effectiveness and mission agility.

Conclusion: Govern Everyone, Prove Every Access

To secure the mission, you must govern identity with the same rigor used to defend the network. Identity security is no longer a backend control; it is the control plane for modern defense operations.

Govern everyone. Prove every access. This is the blueprint for a Zero Trust future—one where audit readiness is continuous, access is justified, and the mission moves at the speed of trust.

Learn more about how ICAM solutions empower agencies to manage digital identities with precision.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including SailPoint we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Ghost Students, Real Damage: How Colleges Can Fight Back Against Financial Aid Fraud

Posted on by
Reply

Higher education is facing a quiet but costly crisis: the rise of the ghost student.

“Ghost students” are not just overwhelmed freshmen who give up on attending classes. They refer to fraudulent enrollments that exploit financial aid. These individuals use fake or stolen identities to exploit the college admissions and funding process. Although they appear on class rosters, they never actually attend any classes, ultimately vanishing with thousands of dollars in public aid. This leaves a trail of deception and exposes the institution to financial loss, academic disruption and significant risk.

According to ABC News,

  • In California in 2024, community colleges reported 1.2 million fraudulent Free Application for Federal Student Aid (FAFSA) applications, resulting in 223,000 confirmed fake enrollments, and at least $11.1 million in aid lost that could not be recovered.
  • Across the country, scams are evolving: AI-driven chatbots are now enrolling in online courses, submitting assignments and collecting Federal aid checks before disappearing.

This isn’t an isolated glitch. It’s a systemic problem that’s already impacted colleges across the country. A recent Fortune investigation revealed the extent of the issue, particularly within State-funded and community colleges. 

Let’s take a closer look at what’s happening—and how schools can take action.

What Ghost Students Are Really Costing Colleges

Draining Financial Aid Funds

Ghost students are exploiting the very programs designed to make education more accessible. By submitting fake applications and filing for FAFSA, they’re securing grants and loans that should go to real students.

  • Millions of taxpayer dollars are being misappropriated.

  • Real students face delays or reductions in funding.

  • Colleges could be subject to additional Federal review related to institutional oversight.

Blocking Real Students from Classes

When ghost students enroll in courses, they take up space in classes with limited capacity.  Real students are waitlisted or forced to delay required coursework causing. 

  • Retention and graduation timelines to be negatively affected.

  • Institutions appear to have higher demand than they do, skewing planning and resourcing.

Creating Chaos for Faculty

Faculty are on the front lines but often lack the tools to act.  Professors see names on rosters that never attend class or engage online.  They waste time managing attendance and grading systems for non-existent students.  In some systems, participation verification ties directly to financial aid distribution, making instructors unwilling fraud gatekeepers.

Undermining Academic Integrity

Some ghost students now use AI tools to simulate engagement, submitting auto-generated assignments or quizzes just enough to avoid detection.  This adds new complexity to academic fraud detection systems.  It creates a misleading sense of engagement and learning outcomes.  It diminishes the credibility of online and hybrid learning models.

Eroding Institutional Trust

When ghost student scams become public, institutions face:

  • Loss of public trust from taxpayers and lawmakers.

  • Stricter audits and compliance measures from Federal and State agencies.

  • Damage to brand reputation, especially for open-access colleges already facing enrollment challenges.

Best Practices to Combat Ghost Student Fraud

The good news? Colleges and universities can take clear, effective steps to combat ghost student fraud—without disrupting the experience of legitimate applicants and learners.

1. Strengthen Identity Verification at Enrollment

  • Require secure identity checks—such as photo ID uploads, Government document validation or third-party identity verification services.

  • Consider real-time methods (e.g., liveness checks or short video interviews) for applicants flagged as high-risk.

  • Cross-reference application data with trusted third-party sources (address, SSN, IP) to verify legitimacy.

2. Monitor for Behavioral and Digital Red Flags

  • Track enrollment behaviors across systems—such as IP location, email reuse or batch submissions.

  • Use device fingerprinting and geolocation to detect patterns consistent with coordinated fraud.

  • Flag applications originating from anonymized networks (e.g., VPNs, Tor) or unusual time patterns.

3. Audit Student Engagement After Enrollment

  • Regularly review course engagement data: login frequency, assignment submissions and participation metrics.

  • Identify students who never log in, submit the same content as others, or only “check in” once to trigger aid distribution.

  • Coordinate across departments to investigate anomalies in LMS usage and academic records.

4. Empower Faculty and Staff with Reporting Tools

  • Provide professors with simple tools to flag suspicious student behavior or attendance issues.

  • Create workflows to escalate these reports to IT, compliance or enrollment services.

  • Incorporate faculty feedback into larger fraud detection strategies and data models.

5. Automate Risk-Based Escalation

  • Apply more scrutiny to applications that show unusual patterns, while keeping onboarding smooth for verified students.

  • Avoid unnecessary friction by using layered security that adapts to the level of risk.

  • Balance access and security, especially critical for open-access institutions serving vulnerable populations.

A Trusted Partner in the Fight Against Ghost Students

Addressing the issue of ghost students requires more than just technological solutions. It necessitates effective coordination among admissions, IT, financial aid and academic departments, along with the right combination of data, policies and personnel.

At HUMAN Security, we have assisted organizations across various industries in defending against sophisticated fraud campaigns, including fake account creation, credential abuse and automated bot attacks. Our team possesses extensive expertise in fraud detection, protecting student identity and behavioral intelligence, and we are prepared to assist higher education institutions in tackling these challenges as well.

We’re not here to sell a one-size-fits-all product—we’re here to have a conversation.

If you’re a university administrator, faculty member or IT leader concerned about ghost students, HUMAN can provide a free consultation to discuss:

  • Best practices for protecting your institution

  • Tailored risk assessment strategies

  • How to align fraud defenses with student equity and access

Let’s work together to protect financial aid, support faculty and create a safer learning environment for real students.

Ready to talk? Contact HUMAN to start a conversation about how your institution can detect and prevent ghost student fraud before it costs your school and your students.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including HUMAN Security we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

HUMAN, FBI, and Partners Take Action Against BADBOX 2.0

Posted on by
Reply

On June 5th, 2025, the Federal Bureau of Investigation issued Public Service Announcement I-060525, detailing how cybercriminals are exploiting compromised Internet-of-Things devices to expand the BADBOX 2.0 botnet and residential-proxy infrastructure.

The goal of this announcement is consumer education: if you buy one of these bargain devices, you may be handing criminals the keys to your home network. You wouldn’t help someone rob a store—are you willing to let bad actors steal bandwidth, launder traffic, and commit fraud in your name?

HUMAN is honored to have contributed intelligence to this alert alongside Google, Trend Micro, and the Shadowserver Foundation, further validating the findings our Satori Threat Intelligence & Research Team published in March 2025.

Human Embed CarasoftFBI-1

Collaboration is the decisive advantage in modern cyber defense. From the first indicators uncovered in our labs, we worked shoulder-to-shoulder with platform operators, cloud providers, and law enforcement partners, sharing data in real time and coordinating disruption actions. Google’s enforcement across Google Play Protect has already blocked malicious apps and cut off monetization avenues for the actors behind BADBOX 2.0.

I also want to extend a special thank you to The Shadowserver Foundation for sinkholing key BADBOX 2.0 command-and-control domains. As a result of their swift action, over a million infected devices now beacon to Shadowserver-managed infrastructure instead of criminal servers, stripping the threat actor of a substantial portion of its botnet. A live view of that global neutralization is available on Shadowserver’s public dashboard.

This investigation is very much ongoing. The adversaries responsible for BADBOX 2.0 have shown they will iterate quickly, shifting infrastructure and re-seeding supply chains when pressured. HUMAN researchers will continue to hunt for new variants, share indicators with the FBI and our industry peers, and deploy fresh detections across the Human Defense Platform to protect customers worldwide.

In the meantime, we urge manufacturers, retailers, and consumers to follow the mitigation guidance in the FBI PSA: purchase devices from reputable vendors, keep firmware up to date, monitor network traffic for anomalies, and avoid unofficial app stores. If you suspect a device on your network is compromised, disconnect it immediately and file a report at ic3.gov.

I want to personally thank every partner who leaned in—especially our colleagues at Google—for the openness, speed, and determination that made this collective defense possible. Together we are raising the cost of fraud and making the internet safer for everyone.

To learn more about securing your network and data against bad actors and malware strategies like BADBOX 2.0, visit HUMAN Security’s brief on human defense in the Public Sector. 

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including HUMAN Security, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Comprehensive Identity Security: 1Kosmos Achieves FedRAMP High Authorization and Kantara Certification

Posted on by
Reply

As cybersecurity demands increase across all levels of Government, 1Kosmos’s credential service provider (CSP) platform represents a shift in how agencies approach identity verification and authentication. Rather than forcing agencies into rigid, one-size-fits-all solutions, the platform offers unprecedented flexibility through its modular architecture. Organizations can deploy everything from simple document capture for in-person verification to comprehensive digital identity wallets that put end-users in complete control of their personal information.

This adaptability proves crucial for Government agencies with diverse operational requirements. Some organizations need only Identity Assurance Level 2 (IL2) workflow integration with existing identity providers like Okta or Microsoft, while others require the full spectrum of identity verification, digital wallet creation and Authenticator Assurance Level 2 (AL2) authentication capabilities. The platform’s ability to scale from basic document verification to complete identity lifecycle management ensures agencies can start with their immediate needs and expand functionality as requirements evolve.

The Power of Dual Certification

As the only CSP to achieve both FedRAMP High authorization and Kantara certification, 1Kosmos has established itself as the definitive solution for Government agencies seeking uncompromising identity security. This dual certification creates a security foundation unmatched in the identity verification space and works in concert to address both the “what” and “how” of secure digital identity management. Kantara certification, based on National Institute of Standards and Technology (NIST) 800-63-3 digital identity guidelines, validates that the platform operates according to the gold standard for identity verification processes and procedures.

FedRAMP High authorization takes security to the next level, implementing over 400 security controls based on NIST 800-53 standards. This represents the most stringent civilian agency security requirements available, with only 20 additional controls separating High from IL4 defense-level certification. The comprehensive nature of these controls means agencies receive verified, not just claimed, security hardening that has undergone rigorous third-party assessment.

This dual certification approach provides Government buyers with unprecedented assurance. While other solutions may meet basic compliance requirements, 1Kosmos offers the most verified hardening available in the market. For agencies navigating complex procurement requirements across Federal, State and Local levels, this certification combination simplifies vendor evaluation and reduces compliance risk. The FedRAMP High baseline ensures smooth flow-down compliance for State and Local implementations, eliminating the complexity of multiple security assessments.

Security and Privacy by Design

True security extends far beyond meeting regulatory checkboxes, and 1Kosmos has embedded privacy and security principles into every aspect of the platform’s architecture. The decision to pursue FedRAMP High from the outset reflects a commitment to protecting what 1Kosmos considers the highest-value data in existence: end-user personally identifiable information (PII).

1Kosmos, 1Kosmos Achieves FedRAMP High Authorization and Kantara Certification, blog, embedded image, 2025

Every piece of data within the 1Kosmos environment undergoes Federal Information Processing Standards (FIPS) 140-3 encryption both in transit and at rest. This is not merely a compliance requirement—it is a recognition that Government agencies entrust identity platforms with irreplaceable citizen information. The platform employs a unique double-encryption approach for digital wallets, where identity evidence receives initial encryption before being secured again within the user’s wallet, with encryption keys remaining under end-user control exclusively.

The platform operates on a privacy-first data retention philosophy. By default, the system processes identity data, stores only what is necessary for wallet creation and immediately deletes excess information. This approach ensures that data remains in the system only as long as operationally required, with automatic deletion on specified retention dates. The platform’s architecture makes it impossible for 1Kosmos or their customers to access end-user wallet data without explicit user consent, creating true user sovereignty over personal information.

What is More Valuable Than Identity?

The question of data value reveals why identity security demands such rigorous protection. In commercial contexts, student records command higher dark web prices than credit card or healthcare information due to the extended window before detection—students typically do not monitor credit for years after graduation. This extended vulnerability period makes educational identity data particularly attractive to cybercriminals and highlights why robust identity verification is essential across all Government sectors.

Government agencies face even higher stakes. Beyond financial fraud, identity compromise can affect national security, citizen services and public trust. The 1Kosmos platform addresses these concerns through continuous security monitoring and automated threat detection capabilities that immediately alert administrators to potential security issues. This proactive approach, combined with comprehensive logging and audit capabilities, ensures agencies maintain complete visibility into their identity security posture.

The platform’s global deployment success stories demonstrate scalability and reliability under real-world conditions. One global business process outsourcing company successfully transitioned half their worldwide user base to 1Kosmos authentication within just two months, showcasing the platform’s ability to handle massive-scale implementations without compromising security or performance.

Building the Future of Government Identity Security

As Government agencies accelerate digital transformation initiatives, the need for trustworthy, scalable identity solutions becomes increasingly critical. The 1Kosmos platform provides the security foundation necessary for agencies to confidently expand digital services while maintaining the highest protection standards for citizen data. With plans to extend certification to IL4 levels for defense customers, 1Kosmos continues pushing the boundaries of what is possible in Government identity security.

Learn more about how 1Kosmos can transform your agency’s identity security posture by exploring their comprehensive platform capabilities and certification achievements.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including 1Kosmos we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

7 Reasons Why Trustwave’s FedRAMP Status is Key for U.S. Vendors

Posted on by
Reply

While selling technology or services to the U.S. Federal Government offers a tremendous opportunity, it also involves navigating complex requirements—especially in the area of cybersecurity.

Federal agencies handle sensitive data and demand the highest levels of security assurance.

This is where the Federal Risk and Authorization Management Program (FedRAMP) comes in, acting as the crucial gatekeeper for cloud services used by the Government.

For vendors looking to succeed in the Federal marketplace, partnering with or building upon services from a FedRAMP-authorized provider isn’t just helpful—it’s often essential.

Trustwave has achieved FedRAMP Authorization for its Government Fusion platform (delivering Managed Detection and Response (MDR) and Co-Managed SIEM/SOC services) which makes Trustwave an ideal partner for any U.S. Government vendor, and here’s why:

1. Instant Credibility: The FedRAMP Stamp of Approval

FedRAMP is the standardized, rigorous security framework mandatory for Federal agency cloud deployments. Achieving FedRAMP Authorization is a lengthy, complex and resource-intensive process, demonstrating an exceptional commitment to security.

  • Leveraging Trustwave’s FedRAMP-authorized platform instantly elevates your offering’s credibility. It signals to agencies that the underlying security meets the Government’s stringent standards and is vetted through an exhaustive process. Trustwave is notably the first pure-play MDR provider to achieve this status, adding further weight to its credentials.

2. Enhanced Trust and Credibility

Achieving FedRAMP authorization is no small feat. It involves a rigorous evaluation process that includes detailed security assessments and continuous monitoring. Trustwave’s compliance with these standards enhances its credibility and trustworthiness, making it a reliable partner for Government vendors who must adhere to strict security protocols.

Trustwave, 7 Reasons Why Trustwave's FedRAMP Status is Key for US Vendors, blog, embedded image, 2025

3. Meeting Rigorous Federal Security Mandates

FedRAMP isn’t just a checkbox; it ensures robust, ongoing security. Authorization requires continuous monitoring, regular assessments and adherence to strict controls based on NIST standards.

  • Partnering with Trustwave assures agencies that your solution’s security components adhere to these high standards. Furthermore, Trustwave’s authorization, operating within AWS GovCloud and meeting “U.S. eyes only” requirements, directly supports vendors needing to comply with other critical mandates like the Cybersecurity Maturity Model Certification (CMMC) required for the Defense Industrial Base (DIB).

4. Access to a Wider Government Market

Simply put, FedRAMP authorization is often a non-negotiable requirement for Federal cloud contracts. Without it, market access is severely limited.

  • By partnering with Trustwave, you align your solution with a provider that has already unlocked the door to Federal agencies requiring FedRAMP compliance. This accomplishment expands your potential customer base significantly. Trustwave also holds GovRAMP authorization, potentially easing access to State and Local Government markets as well.

5. Leveraging Proven Cybersecurity Expertise

Trustwave’s FedRAMP authorization covers its Government Fusion platform, delivering critical Managed Detection and Response and Co-Managed SOC services operated by cleared U.S. personnel.

  • This means you’re not just getting compliance; you’re gaining the backing of a recognized leader in threat detection, response and managed security. Access to Trustwave’s expertise, including insights from their elite SpiderLabs team, strengthens your overall security posture and value proposition.

6. Continuous Monitoring and Improvement

FedRAMP requires continuous monitoring of security controls and regular updates to address emerging threats. Trustwave’s commitment to ongoing security improvements ensures that Government vendors benefit from the latest advancements in cybersecurity. This proactive approach helps mitigate risks and enhances the overall security posture of Government operations.

7. Support for Cloud Adoption

As Government agencies increasingly adopt cloud technologies, having a FedRAMP-authorized partner like Trustwave is invaluable. Trustwave’s expertise in cloud security helps Government vendors transition to the cloud securely, ensuring compliance with Federal regulations while leveraging the benefits of cloud computing.

In the competitive and security-conscious Federal marketplace, alignment with FedRAMP is critical. Trustwave’s FedRAMP Authorization achievement provides U.S. Government vendors with a powerful advantage.

Partnering with Trustwave offers enhanced credibility, accelerates procurement cycles, ensures compliance with stringent security mandates like FedRAMP and CMMC, broadens market access and leverages world-class cybersecurity services.

For vendors serious about succeeding in the U.S. Public Sector, Trustwave’s FedRAMP status makes them a perfect fit.

To learn more about why partnering with a FedRAMP authorized vendor like Trustwave Government Solutions can help your organization succeed in the Federal marketplace, please visit TGS.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Trustwave we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

The Hidden Threat: Why Ignoring Non-Human and Third-Party Identities is a Risk You Cannot Afford

Posted on by
Reply

I had the opportunity to present and discuss the threat of Non-Human and Third-party Identities at AFCEA TechNet Cyber with the Department of Defense (DoD) community. It is obvious that the maturity of Identity, Credential and Access Management (ICAM) and all identities is top of mind. The Industry, the National Institute of Standards and Technology (NIST), Department of Homeland Security – Cybersecurity and Infrastructure Security Agency (DHS CISA) and the DoD are all starting to focus on the problem, as it is recognized that identity is no longer just an IT problem—it is the front line of defense. We have been deep in digital transformation and the adoption of Zero Trust frameworks and have discovered an inconvenient truth: most organizations are flying blind when it comes to managing the very identities that power their operations—non-human and third-party users.

And that is a problem.

The New Cyber Perimeter: Identity

The old perimeter—firewalls and virtual private networks (VPNs)—is dead. What stands between you and the next breach is your ability to govern who or what has access to your systems. Yet many agencies remain fixated on credentials and authentication, while ignoring vast swaths of non-human actors (bots, robotic process automations (RPAs), service accounts) and external partners (vendors, contractors, mission partners).

This is not just a gap. It is a canyon.

According to Deloitte, 63% of organizations lack visibility into third-party access. Even more troubling, most have no way to list or audit all machine identities operating in the background. These invisible accounts often have persistent, high-level access and no formal governance, making them prime targets for threat actors.

Real-World Breaches, Real-World Consequences

Look no further than the SolarWinds and Okta breaches. In both cases, attackers exploited unmanaged service accounts or contractor credentials to move laterally and escalate privileges. These were not arcane zero-days—they were lapses in identity governance. And they cost credibility, customer trust and in some cases, national security.

The lesson? You cannot protect what you cannot see. And you definitely cannot secure what you do not control.

Why Automation and Governance Are Non-Negotiable

In a Zero Trust architecture, access is no longer assumed—it is continuously verified. But that verification breaks down when service accounts are created ad hoc, with no expiration dates, no ownership and no audit trail. The same goes for third-party users who are onboarded through spreadsheets or informal emails, then forgotten once their project ends—yet their access lives on.

This is how breaches happen.

Governance gaps like these leave organizations exposed to avoidable risks: policy drift, compliance violations, excessive access rights and a lack of accountability. Without automation and lifecycle management, identities multiply faster than security teams can manage them—leading to sprawl, privilege creep and ultimately attack surface expansion.

The Case for Identity-Centric Security

Modern enterprises need identity security platforms that extend beyond the traditional workforce. That means treating machine and third-party identities with the same level of scrutiny, controls and lifecycle management as full-time employees.

SailPoint’s approach offers a compelling blueprint:

  • Non-Employee Risk Management (NERM): Centralized, auditable workflows for third-party access, including onboarding, offboarding and access reviews.
  • Machine Identity Security (MIS): AI-driven discovery, classification, ownership assignment and access certification for bots, RPAs and service accounts.

Together, these capabilities provide visibility and governance across all identities, regardless of origin. They also support Zero Trust mandates like least privilege, just-in-time access and continuous verification.

Business Benefits Beyond Security

This is not just about reducing risk. It is about enabling speed and scale without sacrificing control.

With strong identity governance:

  • Mission partners and contractors get the access they need faster—without creating long-term exposure.
  • Audit preparation becomes easier, with clear logs of who had access to what, when and why.
  • Compliance improves, especially in regulated industries, based on NIST and other frameworks.
  • Security teams can shift from reactive firefighting to proactive risk management.

And perhaps most importantly: organizations become more resilient in the face of evolving threats.

The Bottom Line

Cybersecurity is no longer just about protecting data—it is about protecting trust. And trust starts with visibility and control over every identity that touches your systems.

If your organization is still relying on outdated processes to manage non-human and third-party users, now is the time to act. Inaction is not neutral—it is a strategic liability. As attack surfaces expand and adversaries grow more sophisticated, unmanaged identities will remain the soft underbelly of your defenses.

Zero Trust is not just a framework—it is a mindset. And in that mindset, every identity matters.

It is time to see what has been hiding in plain sight.

Ready to reinforce your identity perimeter? Discover how SailPoint’s ICAM solutions empower organizations to manage digital identities with precision. Explore Now.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including SailPoint we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

The Top Zero Trust Events for Government in 2025 

Posted on by
Reply

Zero Trust stands out within the cybersecurity market because of its transformative approach to the immensely secure framework of “never trust, always verify.” Zero Trust cybersecurity technology industry experts are driven to safeguard Government networks and offer solutions that align with protecting critical information and reducing risk to national security. Carahsoft supports vendors that help Government organizations understand Zero Trust frameworks, develop a Zero Trust strategy and implement a Zero Trust Architecture (ZTA). Throughout this year, Carahsoft and our partners are participating in several events focused on strengthening Zero Trust throughout the Public Sector. Join us to learn how the industry and Government can collaborate to stay ahead of cybersecurity challenges and build a strong foundation for proactive security. 

Public Sector Network Government Cybersecurity Showcase Series 

Multiple Dates | In-Person Events 

Join PSN’s Government Cybersecurity Showcases, a series of events making multiple stops where attendees can explore how Public Sector leaders can embrace innovation while strengthening cybersecurity. As agencies adopt AI, data analytics and smart technologies, the need for resilient Zero Trust frameworks has never been greater. This event will highlight strategies for securing digital transformation, protecting critical infrastructure and fostering cross-sector collaboration—ensuring that innovation enhances, rather than compromises, security and trust. Don’t miss the teaser for our upcoming cybersecurity series to get a sneak peek at the experts, insights and innovations shaping the future of cyber defense. 

Events to look out for: 

  • Tallahassee, FL – August 27: Agenda 
  • Columbus, OH – September 2025: Agenda Coming Soon! 
  • Austin, TX – November 12: Agenda coming soon! 

Carahsoft has partnered with Public Sector Network to host the 2025 Government Cybersecurity Showcase Series, a multi-city event series focused on the evolving landscape of cybersecurity in the Public Sector. These in-person events will bring together Government decision-makers and industry leaders to explore how innovative technologies—from AI to Zero Trust—are reshaping agency security strategies. Carahsoft is offering sponsorship opportunities to our partners. If you are a partner interested in further details on how to participate, please contact your Carahsoft Team. 

SANS Government Security Solutions Forum 

July 22 | Virtual Event 

The SANS Institute stands on a mission of empowering cybersecurity professionals and honoring the highest standard in cybersecurity education to make the world a safer place. The Government Security Solutions Forum will delve into the latest trends in network protection, AI and cyber defense, supply chain, workforce development and more to help attendees understand how to combat modern threats effectively. In previous years, participants engaged with technology experts and listened to unique panel discussions with audience Q&As surrounding invaluable security initiatives across the Public Sector in areas such as Zero Trust implementation, achieving CMMC compliance and harnessing AI. Join us at this year’s event for all this and more! 

Stay tuned for the official 2025 agenda. Here are some of the topics you can expect at this year’s event: 

  • AI-Augmented Cyber Defense 
  • Zero Trust Architecture 
  • Cyber Defense Best Practices 
  • Securing Government’s Expanding Attack Surface 
  • Navigating Compliance Challenges 
  • Emerging Cyber Threats and Future Trends 

Carahsoft looks forward to partnering with the SANS Institute for the 5th year in a row to bring this event to life. Carahsoft has over 800 employees focused on cybersecurity and partnerships with over 150 vendors. To learn more about the topics discussed at the forum and what to expect in July, read our highlights from last year’s event. 

930gov Conference 

 July 31 | Washington, D.C. | In-Person Event 

The 930gov Conference is the annual multi-track conference that brings together Government IT professionals, thought leaders and solution providers for a full day of education and networking. Hosted by the Digital Government Institute, this one-day event covers a range of critical topics including Cybersecurity/Zero Trust, AI, Cloud, Data and Records Management and Enterprise Architecture. With its turnkey format, 930gov offers Government attendees and sponsors alike a streamlined, high-impact experience—making it one of the most accessible and valuable events of the year. 

Sessions to look out for:  

  • Cyber/Zero Trust Track: Intersection of Cyber, AI and Privacy – This track will feature Zero Trust implementation lessons learned, advancements in continuous monitoring and the evolving threat landscape, including the rise of AI-driven phishing. 

Carahsoft is partnering with DGI to support this event. 2025 sponsors included Carahsoft partners such as Microsoft and Armis. Carahsoft and DGI are offering Turn-key Booth sponsorships that feature premium exhibitor booth space, lead retrieval and overall access to the event. If you would like to get involved, please contact your Carahsoft Team. 

Billington Cybersecurity Summit 

September 9-12 | Washington, D.C. | In-Person Event 

A long standing and experienced event, the Billington Cybersecurity Summit features an extensive array of cyber topics, speakers, sessions and interactive breakouts for attendees to truly immerse in the world of today’s emerging cybersecurity solutions and trends. In its 16th year running, this leading Government cybersecurity summit promises an exceptional lineup of Government presenters, an invaluable leadership luncheon, an all-attendee networking reception and over 100 vendor booths featuring strategy development and technology demos. 

For a sneak peek into what you can expect at the summit, topics covered during last year’s event included:   

  • Zero Trust 
  • Ransomware 
  • Advancing cyber diplomacy 
  • Protecting critical infrastructure 
  • Learning how to use proactive defenses 
  • Engineering AI into cybersecurity platforms 
  • Implementing an effective risk management approach 

Carahsoft is looking forward to sponsoring this year’s event and will feature a booth to engage with attendees throughout the week. We will also be hosting a large partner pavilion and encourage attendees to stop by and learn more about our partners and their technology solutions. Check out the events tab on our website for more details closer to the event!  

Carahsoft Cyber Leaders Exchange 

October 1-2 | Virtual Event 

Presented by Carahsoft in collaboration with Federal News Network, The Cyber Leaders Exchange will dive into how the Government is building cyber resilience, including showcasing tips, tactics and tools to support your organization’s mission-critical cybersecurity efforts. Look forward to sessions about cybersecurity strategy-building, workforce challenges, AI within cybersecurity, Zero Trust and informative speakers from trusted technology vendors as well as Government experts. 

Join Federal News Network for Carahsoft’s 4th Annual Cyber Leaders Exchange, taking place virtually on October 1st and 2nd. This dynamic two-day event will spotlight top voices in Government and industry talking about Cybersecurity. Additional details coming soon. Carahsoft is offering sponsorship opportunities to our partners. If you are a partner interested in further details on how to participate, please contact your Carahsoft Team. 

ATARC Public Sector Zero Trust Summit 

October 23 | Reston, VA – Carahsoft Conference and Collaboration Center | In-Person Event 

This in-person event will feature expert discussions, networking opportunities and insights into the strategies and technologies driving secure, resilient Government operations. 

Sessions to look out for: 

  • Building and Measuring Success in Public Sector Security – This session explores practical approaches to adopting ZTA aligned with current Executive Orders focusing on challenges such as identity management, secure access and legacy system integration. 
  • Zero Trust Beyond Compliance – This session will explore how to leverage modern tools, enhance data protection and integrate Zero Trust into existing infrastructures without disrupting mission-critical operations. 
  • Zero Trust and the Cloud: Strategies for Federal Hybrid Environments – This session will focus on strategies for implementing Zero Trust in federal operations that span both cloud and on-premises systems. 
  • Enhancing Efficiency: Trends, Innovations and the Future of Zero Trust – Explore emerging trends and innovations shaping the future of cybersecurity, including advancements in automation, AI-enhanced threat detection and quantum-resilient encryption. 

Carahsoft is proud to serve as the event partner and host for the ATARC Public Sector Zero Trust Summit for the 7th year. Carahsoft is offering sponsorship opportunities to our partners. If you are a partner interested in further details on how to participate, please contact your Carahsoft Team. Attendees will also have the opportunity to earn up to 6 CPE Credits. 

RSA Public Sector Day 2026 

March 23-26 | San Francisco, CA | In-Person Event 

 The 13th Annual RSA Public Sector Day at the RSA Conference examines key areas such as developing a strong cybersecurity workforce, understanding the impact of artificial intelligence (AI) on both offensive and defensive cyber operations and improving the exchange of information among Government entities.  

Attendees will hear directly from top Government leaders and industry professionals as they discuss their perspectives and strategies for enhancing cybersecurity across all levels of Government and healthcare. Check out our website for more information about our involvement in 2026. 

AFCEA TechNet Cyber  

June 2-4 | Baltimore, MD | In-Person Event 

This flagship event serves as the center of gravity for a whole-of-government effort to bring together the policy, strategic architecture, operations and Command and Control (C2) leaders—along with the joint capabilities—needed to meet the global security challenges and successfully operate in a digital environment. 

Carahsoft’s and more than 50 partners will attend to showcase a full range of cybersecurity, AI, DevSecOps and cloud solutions.  

As Government agencies are implementing Zero Trust strategies to meet sophisticated threats, it is imperative that the tech industry provides the most up-to-date information and solutions surrounding cybersecurity. Join Carahsoft and our partners at this year’s events to be a part of the innovative path forward. 

To learn more or get involved in any of the above events please contact us at ZeroTrustMarketing@Carahsoft.com. For more information on Carahsoft and our industry leading OSINT technology partners’ events, visit our Zero Trust solutions portfolio. 

Key Insights from Global Cyber Innovation Forum 2025 

Posted on by
Reply

The 2025 Global Cyber Innovation Forum served as a premier gathering where cybersecurity’s most pressing challenges meet collaborative solutions.  

Hosted by  Forgepoint Capital, Snowflake, Forescout, Google Cloud and Carahsoft at the Embassy of Canada in Washington, D.C., the Forum brought together a curated audience of influential cyber leaders from across the globe, including industry executives, Government officials, policy leaders, venture capitalists and thought leaders from academia and the non-profit sector.  

This annual event provided a platform for critical discussions on emerging threats, technological innovation and strategic partnerships essential for securing our digital infrastructure. Five key themes stood out throughout the sessions: 

  • National Security Threats with Supply Chain Vulnerabilities 
  • The Rise and Race to AI Dominance 
  • The Edge of Quantum Transformation 
  • Typhoon of Attacks on Critical Infrastructure 
  • Streamlining Cybersecurity Compliance 

National Security Threats with Supply Chain Vulnerabilities 

The digital supply chain, specifically software and applications civilians use, have increasingly become a source of critical national security vulnerabilities. Government officials and industry leaders warn that software and digital platforms sourced from foreign adversaries have reshaped the threat landscape by implanting foreign influence in the U.S. technology ecosystem.  

Technology serves as a funding mechanism for adversaries and comes with a hidden price of mass data collection, making it easier for threat actors to access sensitive information and transform traditional cyberattacks. The lack of transparency in certain nation-states raises concerns on regulatory consequences, potentially giving adversaries a strategic edge in information warfare and creating a blind spot in the global tech supply chain.  

U.S. leaders emphasize the necessity for regulated technology supply chains and accelerated Federal certifications, specifically FedRAMP, to ensure innovation does not come at the cost of national security. 

Rise and Race to AI Dominance 

With the rise of artificial intelligence (AI), data has become the modern form of power. Foreign adversaries are striving to build or gain access to data pipelines to fuel their AI models, bypassing privacy in a way that allows them to train AI models much faster than has been possible in America. The U.S. must counter this by accelerating our own AI model training and innovation, while safeguarding privacy and data integrity.  

Government and industry experts state that AI is being underutilized across U.S. operations. The current administration has streamlined AI usage through Executive Order 14179: Removing Barriers to American Leadership in Artificial Intelligence and Executive Order 14277: Advancing Artificial Intelligence Education for American Youth. Additionally, AI should be deployed when combating advanced cyberattacks and automating routine cybersecurity efforts such as threat detection, incident response and vulnerability identification. 

The Edge of Quantum Transformation 

Emerging technologies such as quantum computing are rapidly approaching mainstream adoption. The massive amount of encrypted data currently stored in secret could be vulnerable to decryption within the next 5 to 10 years. This hovering threat has made the development and deployment of post-quantum cryptography a top priority for the U.S. Government. The race to post-quantum cryptography and quantum computers has not just been an urgency for the U.S. and its allies, but also for adversarial nation-states. 

Typhoon of Attacks on Critical Infrastructure 

Advanced persistent threat (APT) groups such as Salt Typhoon, Volt Typhoon and Flax Typhoon have already infiltrated critical infrastructure systems, often using “living off the land” techniques. These public and well documented attacks are considered digital terrorism, disrupting U.S. critical infrastructure operations and stealing intellectual property.  

In response, the U.S. Government is prioritizing cyber hygiene, secure-by-design and the development of an integrated and robust defense system. Agencies, technology providers and critical infrastructure operators are heavily encouraged to collaborate through information sharing, adoption of emerging technologies and routine threat assessments. The severity of these cyberattacks have increased substantially, highlighting the urgency for a more proactive and coordinated national response from the U.S. Government. 

Streamlining Cybersecurity Compliance 

The current cybersecurity regulatory landscape presents a fragmented maze of overlapping requirements that hinder both innovation and effective security implementation. Government and industry security teams are overwhelmed by conflicting standards across Federal, State and agency-specific frameworks. Organizations must navigate multiple compliance frameworks—FedRAMP, National Institute of Standards and technology (NIST) requirements, Cybersecurity Maturity Model Certification (CMMC) and various state requirements—creating redundant processes that drain resources without enhancing security. 

To address this, industry leaders are advocating for regulatory harmonization initiatives. Federal agencies are working to align various compliance frameworks while updating modernization strategies to build interoperability. By aligning around core standards like NIST 800-53 and implementing automated compliance tools, agencies can reduce complexity while maintaining robust cybersecurity postures. Forum participants agreed: harmonized regulations are essential to enabling secure innovation without compromising oversight. 

The Global Cyber Innovation Forum demonstrated that securing America’s digital future requires unprecedented coordination between Government agencies, private industry and international allies. As adversaries continue exploit emerging technologies, the U.S. must respond with unified strategies that streamline regulations, accelerate innovation and sustain global cyber leadership. The insights shared offer a critical roadmap for defending against tomorrow’s threats in a rapidly evolving digital landscape. 

Visit Carahsoft’s Resource Hub to dive deeper into the key takeaways, expert perspectives and resources from the 2025 Global Cyber Innovation Forum.