Protecting Government Benefit Programs from Automated Fraud

Posted on by Katherine Hennessey and Joe Rogers

Nation-states, ransomware gangs, and cyber criminals have a new weapon of choice: AI-powered bots. These systems, which mimic human behavior to automate tasks, have already helped fraudsters siphon hundreds of billions of dollars from federal programs. If left unchecked, this problem will cause taxpayers severe financial harm. The incoming administration will need to move quickly to guard against this rapidly growing threat.

The need to better defend the nation’s technology infrastructure against AI-powered attacks is not a partisan issue, and it is likely our new cyber leaders can build upon some actions taken by the last administration, including the final cybersecurity EO, issued in January 2025, that highlighted the role that stolen or synthetic identities play in defrauding our government programs. While the focus on instituting modernized digital identity methods may be appropriate, we’d like to offer a few additional considerations for our incoming cyber leaders on how to attack this problem.

The Bots Are Here

HUMAN Security NightDragon Protecting Government Benefit Programs Automated Fraud Blog Embedded Image 2025

Bots are increasingly being used by malicious actors to hack into systems, scrape personal data, or submit fake claims for benefits. At its simplest, they can use credentials and identification information purchased or stolen on the dark web to perpetrate fraud against benefit websites. From overwhelming public benefit portals with credential stuffing attacks to manipulating identity verification systems with precision-targeted scams, bots exploit gaps in digital identity systems at a speed, precision, and scale that is incredibly hard to defend against. And with the advancements in AI, they can increasingly mimic legitimate users to bypass security measures faster than most institutions can adapt.

In fact, in 2021, the Department of Labor found that at least $87 billion of the nearly $900 billion in unemployment insurance awarded under the CARES Act in the aftermath of the COVID pandemic were paid improperly, with a significant, but indeterminable portion attributable to fraud. However, in 2023 alone, bots were responsible for 352 billion attacks targeting login portals, credential verification systems, and transaction flows across industries, according to HUMAN’s Quadrillion report.

With 20 percent of login attempts across observed systems linked to account takeover attacks, and 150 million new compromised credential pairs discovered last year, bots are evolving into the ultimate enablers of fraud. If left unchecked, they could amplify the scale of fraud exponentially.

How do we prevent this problem from evolving from merely headline-grabbing to system-crippling?

Our incoming cyber leaders must recognize bots as the major root cause of the fraud problem and refocus attention on deploying cutting-edge new tools on U.S. federal systems to defend the thousands of .gov websites the government administers. This includes deploying applications that can help protect from automated credential stuffing and brute force attempts, block bots from manipulating web applications, prevent data contamination in which bots disseminate fake information to skew metrics, and prevent the unauthorized data harvesting of public websites.

The government must also take the lead in helping private sector entities adopt these tools. The federal government can serve as a catalyst, pushing hold-out organizations to invest in their own fraud defenses. Private businesses are looking for guidance on this issue. Bot detection and counter bot solutions deserve the same level of attention as endpoint detection, patch management, and other fundamental security controls. Proactively embedding bot mitigation into NIST frameworks, for example, will ensure government systems are prepared to defend against automated fraud at scale. Following on this, government guidance relating to how agencies establish Zero Trust architectures should also incorporate bot detection and mitigation.

Finally, we must foster stronger public-private collaboration to advance bot mitigation. Existing bodies for public-private cooperation on cybersecurity must more deliberately include bot intelligence and insight-sharing. We must evolve outdated conceptions of what constitutes cyber threat intelligence (CTI), and endeavor to collect, analyze and report bot intelligence as its own distinct, but highly important category of CTI.

As our incoming cyber leaders in the new administration plan their agenda, it is critical they understand that the root cause of large-scale fraud is not just weak digital identity management methods but AI-powered bots. Bots that undermine the delivery of services and benefits to millions. Combating fraud perpetrated by and with them is a national priority.

To learn more about how HUMAN Security and NightDragon work better together to support Government agencies in their mission to defend against bots, visit our website!

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including HUMAN Security and NightDragon, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Modernizing the Department of Defense’s Authorization to Operate Process For Agility

Posted on by Danielle Metz

What is the National Defense Authorization Act?

Since 1961, the National Defense Authorization Act (NDAA) has authorized funding levels and provided authorities for the U.S. military and other critical defense priorities, ensuring America’s forces have the resources they need to carry out their missions.

Authority to Operate

A barrier that exists for technology companies is obtaining an Authorization to Operate (ATO) for their software applications, services, and or platform capabilities. The ATO process can be challenging, tedious, and unpredictable, with varying costs and timelines. This process is particularly cumbersome and incongruent with the dynamic nature of software deployment. Once the ATO hurdle is cleared, technology companies face their next challenge: continuous monitoring and associated updates. Every major software update must be run through a compliance process. This poses significant challenges for both the software company and the government end-user. It prohibits the timely and continuous resolution of issues and prevents the government from leveraging the latest and most cutting-edge version of an application.

“Presumptive reciprocity” in the context of the National Defense Authorization Act (NDAA) refers to a provision mandating that if one Department of Defense (DoD) authorizing official has approved a cloud-based platform or service as secure, then other DoD officials should automatically accept that assessment without needing to conduct a separate review. Presumptive reciprocity helps lighten the ATO burden and was recently reinforced in Section 1522 of the FY25 NDAA. Enabling another DoD organization to take an ATO for their software application, services, and or platforms from the Air Force Authorizing Official, for example, and having it accepted by the Navy’s Authorizing Official, greatly reduces the burden on both government accrediting officials and the technology company. Most importantly, the DoD warfighter wins by gaining access to best-in-class capabilities delivered at the speed of relevance, ensuring they can execute their missions effectively.

Second Front Systems DoD Authorization to Operate Blog Chart Image 2025

FY2025 NATIONAL DEFENSE AUTHORIZATION ACT (NDAA) SEC. 1522.

What does the language in Sec. 1522 of the FY25 NDAA on DoD Presumptive Reciprocity entail?

Tasks the DoD Chief Information Officer (CIO) to work with Military Department CIOs to develop and regularly maintain a digital directory of all Authorizing Officials (AOs) across the DoD. Specifically, this database will contain current contact information of the AOs AND list training requirements that must be completed to be certified and perform the duties of an AO.
Identifies the need to establish a policy for “Presumption of Reciprocal Software Accrediting Standards.” The DoD CIO is tasked with creating and implementing a policy for DoD that would require AOs to adopt security analysis and supporting documentation of cloud-hosted platforms, services, or applications that have been approved by another AO in the DoD.
- This policy change will allow for more rapid adoption of cloud-hosted platforms, services, or applications at the corresponding classification level (e.g., CUI, Secret, Top Secret) with the existing approval conditions and no further authorization or approval reviews required.
- The policy will include the following:
  - Standardization of security, accreditation, performance, and operational capabilities of the cloud-hosted platforms, services, and applications;
  - A digital workflow to document acceptance by/among the mission owners and system owners to use the operational capabilities from the cloud-hosted platforms, services, and applications; and
  - Define an adjudication process with associated timelines that would allow AOs that disagree with using this policy to present their rationale to the DoD CIO or designated entity for reconciliation.
- The policy applies to the following:
  - ALL AOs in the DoD (Military Department, Defense Agency and Field Activity, and Component).
  - ALL operational capabilities of cloud-hosted platforms, services, and applications that are on public cloud infrastructure and authorized through FedRAMP and DISA AND capabilities in private cloud landing zones managed by the DoD that have been approved by DoD AOs.

The big take away here is that the FY25 NDAA language marks a significant step forward in reducing bureaucratic hurdles for both technology companies and the DoD. By implementing “presumptive reciprocity,” the NDAA streamlines the ATO process, enabling faster adoption of cloud-hosted platforms and services while maintaining rigorous security standards. This policy helps ensure that the DoD can access cutting-edge technology more efficiently, empowering warfighters with the tools they need to execute their missions with speed and precision. As the DoD continues to modernize and adapt to rapidly evolving technologies, these changes pave the way for a more agile, secure, and effective defense ecosystem.

To learn more about Second Front Systems and the National Defense Authorization Act, visit our website and keep up with our latest efforts with the DoD.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Second Front Systems, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Navy Customer Executive: WEST 2025: Top 10 Insights on AI, Cybersecurity and More

Posted on by Mike McCalip

Government leaders, military officials and industry professionals gathered at AFCEA’s WEST 2025 conference to discuss the newest technologies, modern networking capabilities and cybersecurity initiatives that enhance operations within the Sea Services. As a technology provider for the Department of Defense (DoD) and industry experts affiliated with the Navy, Carahsoft and its partners are deeply aligned with the goals of the Navy and Sea Services and is committed to providing mission-critical technologies to keep the country safe. Carahsoft and over 90 of our partners, including Adobe, Appgate, Crowdstrike, Docusign, HashiCorp, Hitachi, Qualys and WIZ joined at WEST 2025 to showcase solutions in artificial intelligence (AI), cybersecurity, DevSecOps, Zero Trust and more.

Check out the action from San Diego, California in our West 2025 recap video!

Here are the top ten insights for the technology industry and Government from this year’s conference.

1. Artificial Intelligence (AI) in the U.S. Navy

There are many opportunities for AI in the Navy, such as the OpenShip Tool and its usage of OpenAI’s Whisper model to translate incoming communications through the Navy’s Very High Frequency (VHF) radios. Remote monitoring can detect issues with technology and support rapid troubleshooting. AI can also be used to predict turnaround time, helping the workforce choose when to prioritize projects and deliver items on time.

AI can simplify operations. PMS 406 unmanned Maritime Systems runs the Unmanned Maritime Autonomy Architecture (UMAA), whose architecture creates a low barrier of entry for operation. With AI, update 6.0 of the UMAA and the Navy’s “Replicator initiative,” which works to field hundreds of autonomous systems by August 2025,” every soldier could operate a drone.

In the session “Fleet AI Deployment,” Lieutenant Artem Sherbinin, the Chief Technology Officer for the U.S. Navy ‘s Task Force Hopper, reviewed the three priority areas for the Navy’s AI usage, which are to:

Outthink adversaries

Enhance administrative work

Maintain goal of keeping 80% of combat surge-ready fleet

By using AI capabilities, the Navy can empower its acquisition force to act efficiently and quickly. Lieutenant Sherbinin also discussed two upcoming projects. Navy warships produce 150TB of data per warship per day. To manage this massive volume of data, the Navy is building a Warfighting Data and AI Ecosystem. This tool’s requirements are being drafted and will be submitted in the upcoming fiscal year, but currently include components such as data extraction, data processing and sensor updates to ships underway. Vendors should keep an eye out for pre-RFPs and RFI opportunities surrounding this capability. The second project is a new Commercial Solutions Offering (CSO), the Surface Lethality CSO. This soon to be released solution will be released through the Defense Innovation Unit on AI for Surface Lethality, and will expedite decision-making and enable the Navy to keep ahead of adversaries.

2. Red Teaming to Improve Cybersecurity

In the session “Leveraging Cloud to Accelerate Unmanned and Autonomous System (UAS) Mission Critical Capabilities,” Allen Mcafee, CTO of Fuse Integration, discussed the desire to increase red teaming—a process for testing cybersecurity by having allied hackers conduct non-threatening breaches—amongst autonomous systems to increase the robust quality of existing programs, especially in the electronic and kinetic fields. Vendors that specialize in cybersecurity solutions for autonomous systems should offer red team services to help solidify UAS security.

3. The Importance of Maritime Trade to Cybersecurity

In the session “Office of Naval Intelligence Brief,” Rear Admiral Mike Brooks, Commander of the Office of Naval Intelligence (ONI), spoke heavily on the criticality of maritime trade and the effect it has on the posture of the Navy. Chokeholds on shipping ports can hinder the economy, and so ONI is placing further emphasis on gathering intelligence in this area to preserve supply chains.

4. DISA’s New Cloud-Based Mission Partner Environment

To address logistic challenges, the Defense Information Systems Agency (DISA) developed a mission partner environment within the cloud. This tool acts as a joint sustainment decision tool and will feature an application hosting platform. DISA will initially host this environment, but is looking for commercial partners to host the platform and ensure its accessibility to all allies and partners.

5. Business Initiatives

The Navy has upgraded its approach to doing business, releasing its Information Superiority Vision (ISV) 2.0. In the initial version, the Navy’s framework for business was “Modernize, Innovate and Defend.” The 2.0 System is:

Optimize – IT teams can integrate new systems and turn off outdated ones

Secure – Personnel should think proactively in the design phase, rather than the more reactive “defend”

Decide – Staff places data into the hands of people who need it

This new system focuses on being proactive and innovative, integrating a focus on the workforce. Vendors should determine how their solutions fit into one or more of these pillars when marketing their technology and solutions.

Carahsoft WEST 2025 Blog Embedded Image 2025

The Navy can learn from all types of industries and technology. Former Commander of the U.S. Pacific Command and Former Ambassador to the Republic of South Korea Admiral Harry B. Harris Jr. recounts an example from the 1930s where the Marine Corps struggled to field a landing craft. The solution came from examining a small civilian craft in the local area, showcasing a “Higgins Boat Moment” where the Marine Corps were able to learn from civilian technologies, highlighting the importance of dual-use technology that is prioritized by the DoD.

Business is fulfilled when employees have bandwidth. In the session “Bringing Enterprise IT to the Edge to Accelerate Innovation,” Captain Kevin White of the PEO C4I PMW/A 170 Navy Communications and GPS Navigation Program discussed how bandwidth can fall into three different categories: morale, business applications and tactical services. When sailors have excellent bandwidth for morale and business applications, they are more efficient tactically.

The DoD is working on a portal that provides information and education on Small Business Innovation Research (SBIR) and Small Business Technology Transfer (SBTT) programs. This portal assists in creating effective proposals and understanding language and resources. This page, while accessible, is still in development and will continue to be fleshed out in the upcoming weeks.

6. Renewing Technology

In the session “I’m charged with Putting a Flux Capacitor in a 1995 Mazda,” Brigadier General of the U.S. Marine Corps and Commanding General of the Marine Corps Installations West Nick I. Brown mentions that whether it is power systems or IT, infrastructure needs to be in place to accept new technology. Much of the DoD’s infrastructure is build on legacy systems or is out of date and needs to be replaced or upgraded before advanced solutions can be put in place. The U.S. Marine Corps is looking for vendors to help with new technology instillations and upgrading existing infrastructure, especially on the West coast. The U.S. Navy is allocating funds to achieve similar goals. It aims to improve its outdated infrastructure and systems to carry out technology initiatives by the Program Executive Office Digital and support the Navy’s culture of excellence.

In the session “Why Have a Lambo if You Don’t Have the Road?”, Col. Jared Voneida discussed five major areas that DISA is working on:

Building commercial and Government data centers

Improving theater transport and host nation infrastructure

Fortifying existing cybersecurity infrastructure and Defensive Cyberspace Operations-Internal Defensive Measures (DCO-IDM)

Maintaining command and control of the network

Completing initiatives by 2027

The Colonel also emphasized the need to divest from legacy time division multiplexing (TDM) infrastructure. While AI and machine learning (ML) has a plethora of uses, until AI/ML software divests from TDM infrastructure, DISA cannot utilize it effectively to assist with their network and data. With updated networks and hardware in place, the Navy and DoD can utilize the newest advanced solutions.

7. IT at the Center of the Workforce

To meet the rising demand in recruitment, the Navy has released its new enlisting agent, Robotics Warfare Specialist. With cybersecurity being more at the center of safety, the Navy aims to train more sailors in IT. Additionally, the Navy has released a new enlisted rating, Robotics Warfare Specialist, a new job that helps ensure effective planning and control of autonomous systems.

8. Improving Productivity by Decreasing Troubleshooting

IT and software issues can lead to lost productivity. RAND Corporation, a research and development nonprofit, recently released a report regarding the viral LinkedIn post “Fix Our Computers” that highlighted user experience challenges with IT systems in the DoD. Their report estimated, on the conservative side, $2.5 billion in lost productivity due to IT and software difficulties. The Sea Services aim to increase the user friendliness of software to decrease the time lost to troubleshooting. In the sessions “Bringing Enterprise IT to the Edge to Accelerate Innovation,” Captain White of the U.S. Navy attributed the largest productivity gaps to IT teams relying on command line programing. Captain White encourages industries to develop more user-friendly systems that do not rely on command lines.

9. Compliance is No Longer Enough

In the session “DON CIO Perspective,” Navy CIO Jane Rathbun states that while Authority to Operate (ATO) tells you how secure a system is at that point in time, it does not encourage the readiness mindset that is optimal for protecting cybersecurity. Rathbun encourages switching to continuous monitoring and authorizations of systems, rather than stopping at ATO compliance. Rathbun specifically noted threat analysis and continuous monitoring as areas vendors might be assessed on in the future.

10. DevSecOps Products that Improve Marine Corps Productivity

The Marine Corps showcased 11 different products manufactured by the software factory product line related to development, security and operations (DevSecOps).

Check out details on the products below:

MyCareer – Supports the Manpower Management Enlisted Assignments (MMEA) and aids Marines by monitoring conversations, providing a virtual queue and matching partners based on data on marine preferences

ItemEyes – Provides marine units with a digitized inventory

Sensor Processing Analysis Radar Translation Application (SPARTA) – Hosts data from radar, automatic identification system (AIS) and unmanned systems all in one user-friendly interface

CRUSADER – Controls, processes and detects radar information in one easy to use library

Real-time Alerting, Interference Detection & Electromagnetic Reporting (RAIDER) – Provides real-time alerts for anomalies detected in the electromagnetic spectrum

All-domain Electromagnetic and Radio Organic Trainer (AeroT) – Helps Marines simulate and visualize their electromagnetic signature

EXODUS – Provides evacuees located abroad with personal services, such as mobile passport processing

TAK Design System – Helps Marines navigate and build plugins for Tactical Assault Kit (TAK)

ReserveHub – Enables Marines to find ideal areas when relocating, boosting retention rates

SnapDB – Analyzes pictures taken by unmanned aerial systems (UAS)

J-Series Message Library, Government Open-Source (JSML) – Translates code into J-Series

Through the developing partnerships between the technology industry and Government as well as Carahsoft and our partners, the DoD can streamline in areas such as artificial intelligence, cybersecurity, DevSecOps, compliance and more. These insights from West 2025 illustrate the Navy and Sea Service’s commitment to continual innovation and maintaining the safety of the nation.

To learn more about cybersecurity and the defense industry, visit Carahsoft’s defense portfolio to explore solutions showcased at AFCEA’s WEST 2025. For additional research into the key takeaways industry and Government leaders presented at WEST, view Carahsoft’s extensive market research brief for a recap.

CMMC Program Executive: How Defense Industrial Base Organizations Can Prepare for the CMMC Program

Posted on by Alex Whitworth

The New CMMC Rule

The security of each organization that supplies goods or services to the Department of Defense (DoD) is of vital importance to the nation’s cyber resilience. The CMMC Program is a part of a holistic initiative by the DoD and Federal Government to enforce cybersecurity standards for DoD contractors and subcontractors and increase supply chain visibility and resilience overall. FedRAMP has increased the security levels of Cloud Service Providers (CSPs) and Software as a Service (SaaS) companies in the technology supply chain. Within the DoD supply chain, CMMC encourages DIB organizations to raise their cyber maturity and resilience. The Code of Federal Regulations (CFR) Title 32 rule passed its 60-day Congressional review on December 16, 2024, officially launching the new Cybersecurity Maturity Model Certification (CMMC) Program. The last remaining step to operationalizing CMMC is the CFR Title 48 rule, which will allow the Government to implement CMMC requirements into contracts and is estimated to launch this year. Defense Industrial Base (DIB) organizations will begin to see CMMC requirements in their contracts with the DoD and related agencies and must be prepared to demonstrate their compliance with the new regulations.

In the latest version, DOD contracts will require one of three cyber maturity levels for all prime or subcontractor organizations under a given contract. During Phase One of the program rollout, DIB organizations will need to provide a self-assessment of their relevant maturity level for the contracts they desire. Then in Phase Two, estimated to begin in 2026, maturity level two contracts will require assessments conducted by a third-party Cyber AB approved C3PAO. The program will be completely rolled out over four phases.

Gaining CMMC Compliance

It will be vital for all organizations to have the relevant level of cyber maturity so that they can continue delivering work, goods and services to the DoD. Whether they are the prime contractor or a subcontractor, defense contractors should expect to see CMMC requirements in their contracts. Prime contractors will pass the maturity level requirements down to subcontractors as a condition of receiving sub-contract work.

Carahsoft CMMC Rule for DIB Organizations Blog Embedded Image 2025

Since the DoD first announced the CMMC Program, it has been building momentum and communicating the framework of the Program to DIB organizations. While there have been minor changes, the core of the framework has remained consistent over the past four years. DIB organizations that have not begun working on compliance should start immediately so they can deliver a self-assessment in early 2025 or a third-party audit in 2026 if they are a level two contractor. With the limited supply of C3PAOs and CMMC assessors, there will likely be a supply shortage resulting in back logs for scheduling a CMMC assessment. Furthermore, organizations looking to utilize external service providers (ESPs) need to engage with those companies early, as there is a limited supply of available compliant options. Ultimately, gaining CMMC compliance is a critical national security mission. With cyber security and data becoming more paramount to the strength of a nation, protecting the data that resides outside DoD firewalls on contractor networks is imperative.

Changes to the Contracting World

CMMC encourages DIB organizations to raise their cyber maturity and resilience. Many DIB customers have begun with self-assessments, engaged with consultants for gap assessments and migrated to Government cloud products. This trend has spread to the civilian side of the Federal Government, as well as to American allies, who have discussed or announced mandatory certification programs modeled on National Institute of Standards and Technology (NIST) standards. But for some small and medium sized businesses, cost is a barrier to gaining CMMC compliance, especially for level two or above. The defense industry has responded to that challenge by innovating and developing more offerings for advisory and consulting services, managed services and purpose-built technology that will help companies accelerate their CMMC journey. This expansion of choice allows for a more ideal fit for each individual company based on its unique environment, considering factors such as in-house talent, available resources and budget.

It is not just prime contractors that must have the appropriate CMMC certification, but subcontractors as well. They will need the same CMMC maturity level as their prime contractor before storing or processing any Controlled Unclassified Information (CUI) or Federal Contract Information (FCI) as part of a contract delivery. To maintain competitiveness, subcontractors will need to achieve CMMC compliance of their own. Ultimately, the prime will be responsible for validating the CMMC maturity level of their subcontractors and will need to put in place a process to do so.

Ultimately, CMMC compliance is a vital contribution to the security of Federal data. Whether an organization is beginning to research CMMC, scoping out the boundaries of their CUI environment, or preparing to remediate the gaps to full compliance, it is a good time to start thinking about CMMC compliance.

How Carahsoft Can Help

Carahsoft is a proud part of the cybersecurity industry and the CMMC ecosystem. Gaining CMMC compliance can be a costly and time-consuming process; Carahsoft can guide your organization through all the available options and help make decisions that are best suited to meet your organization’s unique needs. As a value added reseller that represents over 200 cybersecurity technology vendors, and with over 1000 team members focused on our wide breadth of cyber offerings, Carahsoft can support DIB organizations in addressing every CMMC maturity level and capability domain. Carahsoft can foster connections with service providers, subject matter experts and advisory consultants that can help organizations prepare for or execute a CMMC assessment. By tracking policies and trends that align with customer needs, Carahsoft can pair your organization with the right technology to address your needs, as well as offer news, educational material, events and other resources to make an informed decision for CMMC compliance.

To learn more about gaining CMMC compliance, visit Carahsoft’s CMMC Compliant Products and Services portfolio.

The Top 10 AI Events for Government in 2025

Posted on by Mike Adams

Artificial intelligence (AI) has grown from simple automation and robotics in the mid-20^th century to modern-day advanced technology, experiencing major evolution within the last several years. The power of AI and increased usage across many Public Sector markets has sparked a new wave of innovation surrounding development of tools, solutions, policy, ethics and more. Whether showcasing new technologies or networking with AI tech industry experts, dive into Carahsoft’s recommendations below for the top upcoming AI events to attend this year as we explore all these topics and what is to come for AI.

Ai4 

August 11 – 13 | Las Vegas, NV | In-Person Event 

Ai4 2025 is North America’s premier artificial intelligence conference, scheduled for August 11–13 at the MGM Grand in Las Vegas. The event is set to host over 8,000 attendees, 600+ speakers, and 250+ exhibitors, offering a comprehensive platform for exploring AI advancements across various industries, including the public sector.

Ai4 2025 features a dedicated Government Track that delves into how AI transforms public services, enhancing operational efficiency and improving decision-making within Government agencies.

Key Themes and Sessions Include:

AI in Public Infrastructure: Insights from leaders like Dr. Mike Horton, Chief AI Officer at the U.S. Department of Transportation, on integrating AI into transportation systems while navigating regulatory landscapes.

Healthcare Innovations: Discussions on how the Veterans Health Administration is leveraging AI to enhance patient care through proactive and personalized solutions.

Ethical AI and Governance: Exploration of AI ethics, data governance and compliance, crucial for public sector implementations.

Join and connect with Carahsoft partners at Ai4, including: Dataiku, Dell Technologies, Google Cloud, IBM, MongoDB, Oracle, Red Hat, Anaconda, Lilt, NetApp, Snorkel, ZLTech, Weights & Biases, Yurts and Domino.

Public Sector Low-Code App Engine Innovation Workshop

August 13 – 14 | Vienna, VA | In-Person Event

This two-day, hands-on Low-Code App Engine Innovation Workshop will show how agencies are reimagining their approach to automation and app development with ServiceNow’s Creator Workflows and Generative AI. Learn how to boost productivity at scale by building high-value, low-code mission apps with App Engine.

During this workshop, attendees will learn:

How to identify the right problems to solve in your agency with Low-Code tools.

Successful examples of how other agencies are driving rapid innovation at scale with ServiceNow’s Low-Code App Engine.

Practice ideation and rapid Low-Code app creation techniques that focus on making the world of work, work better.

Carahsoft is the proud host of this event and is please to offer 16.6 continuing professional education (CPE) credits to those that attend the event through NASBA.

State & Local Government AI Summit

August 14 | Boston, MA | In-Person Event

The Center for Public Sector AI and the Center for Digital Government are building on the momentum of their AI Summit by bringing together state and local CIOs, AI leaders, and private sector partners to explore how artificial intelligence is reshaping Government. As agencies work to unlock AI’s potential while addressing trust, ethics, privacy and workforce challenges, this event offers a dynamic space to connect with peers and innovators who are driving real transformation across Government.

Connect with Carahsoft partners AWS, Dataminr and Dell Technologies at the State and Local AI Summit.

AI For Defense Summit

September 3-4 | National Harbor, MD | In-Person Event

The 4th Annual AI for Defense Summit will bring together leaders from the Department of Defense (DoD), Federal agencies, industry, academia and the intelligence community to explore the strategic integration of artificial intelligence in defense operations. This year’s event will showcase advancements in generative AI, autonomous systems, cybersecurity, and operational AI, while addressing key topics like software acquisition reform, human-machine integration, and safeguarding critical infrastructure. Through panels, keynote sessions, and networking, attendees will gain insights into how AI is reshaping warfighting capabilities, accelerating decision-making, and strengthening national security across all domains.

Connect with Carahsoft partners, including OpenAI, Ask Sage, Fiddler, Everfox, Seekr, AutogenAI and Scale AI.

Billington Cybersecurity Summit

September 9-12 | Washington, D.C. | In-Person Event

A long-standing and experienced event, the Billington Cybersecurity Summit features an extensive array of cyber topics, speakers, sessions, and interactive breakouts for attendees to truly immerse themselves in the world of today’s emerging cybersecurity solutions and trends. In its 16th year, this leading Government cybersecurity summit promises an exceptional lineup of Government presenters, an invaluable leadership luncheon, an all-attendee networking reception and over 100 vendor booths featuring strategy development and technology demos.

For a sneak peek into what you can expect at the summit, topics covered during last year’s event included:

Zero Trust

Ransomware

Advancing cyber diplomacy

Learning how to use proactive defenses

Engineering AI into cybersecurity platforms

Implementing an effective risk management approach

Protecting critical infrastructure

Stay tuned to the website for announcements around the speaker lineup and further summit information.

Carahsoft is looking forward to sponsoring this year’s event and will feature a booth to engage with attendees throughout the week. We will also be hosting a large partner pavilion and encourage attendees to stop by and learn more about our partners and their technology solutions! Check out the events tab on our website for more details closer to the event!

ACT-IAC Digital Transformation Summit

September 17 | Reston, VA | In-Person Event

Digital transformation is reshaping how Government, industry and academia operate by leveraging new and evolving technologies to streamline business processes, reduce manual work through automation and expand access by overcoming geographic limitations. It enhances efficiency, agility and scalability, while delivering greater value and satisfaction to staff, customers and stakeholders. Often described as “reimagining how we do business,” successful digital transformation requires strong leadership, a clear vision, staff buy-in, and a solid understanding of how to maximize the impact of technology investments.

Sessions to Look Out for: Breaking Ground: Real-World Implementation of AI and Next-Gen Technologies and Workforce Management in the Digital Age: AI-Driven Strategies for Recruitment, Retention, and Engagement of Government Employees

This Summit is being planned and hosted by ACT-IAC and Carahsoft and will focus on where Digital Transformation is today, how it has been used to transition to new innovative technologies and how it has improved overall performance. This event will also include an international element to hear how other countries have utilized digital technologies successfully.

Dreamforce

October 14 – 16 | San Francisco, CA | In-Person Event

Dreamforce 2025, Salesforce’s flagship technology conference emphasizes AI-driven transformation, with a particular focus on the public sector. A central theme is “Agentforce,” Salesforce’s AI-powered digital labor platform designed to enhance operational efficiency and service delivery. For public sector organizations, Agentforce offers tools to automate tasks, improve constituent services, and streamline workflows. Sessions will showcase real-world applications, such as AI-powered virtual assistants, automated case management, and advanced analytics through Tableau Next, all aimed at modernizing government operations

Sessions to Look Out for: Public Sector Product Roadmap: Future-Proof Your Mission and Elevate Every Education Journey with AI, Data, and Action.

Carahsoft partner, Salesforce, returns with the most impactful event of the year. Carahsoft is looking forward to hosting a Public Sector networking reception at Dreamforce again in 2025. Stay tuned for more details to attend or participate alongside us as a sponsor! Check out the events tab on our website for more details closer to the event!

GovAI Summit

October 27 – 29 | Arlington, VA | In-Person Event

The GovAI Summit 2025, scheduled for October 27–29 in Arlington, Virginia, is a premier event focused on the integration of artificial intelligence within the public sector. Organized by Modev, the summit aims to bring together government officials, policymakers, technologists, and industry leaders to explore the transformative potential of AI in governance.

Discussions will emphasize the importance of ethical, non-discriminatory, and responsible AI governance, aligning with the mission of the GovAI Coalition to promote AI for social good.

SC25: International Conference for High Performance Computing

Carahsoft Top 10 AI Events Carahsoft Blog Embedded Image 2025

November 16-21 | St. Louis, MO | Hybrid Event

Supercomputing25 (SC25) is the premier global conference for high-performance computing (HPC), networking, storage and analysis, tailored to address the needs of Government, defense and research organizations. This year’s event explores the transformative impact of HPC technologies on solving critical challenges, advancing national security and driving innovation across scientific and governmental missions.

At SC25, there will be a wide array of programming including presentations on new research, showcasing innovative work or practices and teaching and guiding the next generation of HPC students and professionals.

Carahsoft will once again host a large pavilion space and is an exhibiting sponsor of SC25 along with many of our partners at the forefront of high-powered computing, including AWS, Broadcom, Cloudian, Dell, Google, Groq, HPE, IBM, Intel, Microsoft, Microway, NVIDIA, Oracle, Red Hat and VAST Data.

DODIIS Worldwide

December 7 | Fort Lauderdale, FL | In-Person Event

The DoDIIS Worldwide Conference 2025, scheduled for December 7–10 in Fort Lauderdale, Florida, will spotlight the integration of artificial intelligence (AI) within defense and intelligence operations. Hosted by the Defense Intelligence Agency (DIA), this event gathers leaders from the Department of Defense (DoD), Intelligence Community (IC), industry and academia to discuss mission-critical technologies and strategies.

Carahsoft will host an expansive Partner Pavilion highlighting cutting-edge technologies that support artificial intelligence. Within this space, our AI booth—located in the Vertical Alley—will feature demos from our AI solution partners.

—

To learn more or get involved in any of the above events please contact us at AITeam@carahsoft.com. For more information on Carahsoft and our industry leading AI technology partners’ events, visit our AI solutions portfolio and AI Events page.

The Top 10 Customer Experience and Engagement Events for Government in 2025

Posted on by Tiffany Goddard

Customer experience (CX) and engagement is at the forefront of positive innovation in Government, creating efficient and convenient services, accessible access to information and opportunities for communication between agencies and their customers to build a clearer understanding of public needs and how to develop and reform operations. Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, features a portfolio of industry-leading solutions and providers to support the Government in its efforts to share and report information to its community. Throughout this year, new and returning events will showcase the latest technologies, generate meaningful conversations through networking sessions and provide live product demonstrations to enhance Government CX. We look forward to joining these events with you soon!

2025 Government Contact Center Summit

April 30 | Reston, VA | In-Person Event

Join us for the inaugural Government Contact Center Summit. Dorris Consulting, in collaboration with ACT-IAC, will bring you a day of thoughtful discussions on delivering outstanding digital experiences with best-in-class contact centers. Learn best practices for Government Contact Centers, explore new technologies and solutions and network with leaders from Government and industry.

As the hosting organization, Carahsoft is excited to partner with DCI and ACT-IAC for the inaugural Government Contact Center Summit at our Carahsoft Conference & Collaboration Center. Join us to hear from and meet Government and industry leaders at the forefront of Government Contact Center innovation.

Carahsoft AI for Government Summit

May 15 | Reston, VA | In-Person Event

Carahsoft Top 10 CX Events Carahsoft Blog Embedded Image 2025

Carahsoft’s AI for Government Summit is the premier event for exploring how AI is revolutionizing the Public Sector. This summit brings together Federal, State and Local Government leaders, industry innovators and technology experts to discuss the transformative potential of AI in addressing the nation’s most pressing challenges. Attendees will gain actionable insight into how Generative AI is transforming Government operations, how AI can streamline public services, cybersecurity and data protection, and how to leverage AI for predictive analytics and decision-making, as well as tackling ethical, privacy and compliance challenges.

Session to Look Out for: Enhancing Customer Experience (CX) in the Public Sector with AI: AI is transforming how Government interacts with citizens. This session will explore how AI-driven chatbots, virtual assistants, and automation improve service delivery and user satisfaction in public-facing Government services.

Carahsoft is the proud host of the AI for Government Summit. This was a milestone event in 2024 with speakers from NVIDIA, OpenAI, Microsoft, Google, AWS, Dell, HPE and others. Join us at the Carahsoft Conference & Collaboration Center to learn about all things AI within the Public Sector.

2025 Government Social Media Conference

May 20-22 | Orlando, FL | Hybrid Event

GSMCON is the largest social media conference for Government. Hear from 25+ Government speakers participating in more than 20 sessions and breakouts on the latest social media trends, industry secrets and best practices. Attendees will gain real, actionable strategies while fostering connections with Government social media professionals around the globe.

Sessions to look out for:

Accessible and Inclusive Social Media Strategies for Government Agencies

The Fresh Brand of Bel-Air: Keep Employee Engagement Fresh

As a Premium Exhibitor at GSMCON in 2025, Carahsoft, along with our partners LinkedIn, Hootsuite and Sprout Social are excited to participate in the premier social media conference for Government agencies for its 10-year anniversary event. Visit our Carahsoft exhibit booth to meet the team and our partners.

Government Customer Experience & Engagement Summit

June 3 | Washington, D.C. | Hybrid Event

The Government Customer Experience & Engagement Summit serves as a crucible for knowledge exchange to build a customer-centric Government. Join Federal and State and Local experts, thought leaders and CX professionals to discuss how emerging technologies are revolutionizing Government CX. Explore best practices for digital transformation, improving employee experience, building trust with constituents and implementing innovative technologies to make Government services, information and processes more efficient. Participants will be able to follow two distinct tracks that cater to diverse interests and objectives: technology and culture.

Carahsoft is proud to host our 15th annual summit powered by GovExec. Join us, Government leaders and our CX technology and solutions industry experts as they discuss how the future of Government services and CX lies at the intersection of technology, efficiency and establishing a culture of excellence.

Federal Experience Summit

August | Washington, D.C. | In-Person Event

The Qualtrics Federal Experience Summit brings leaders together to engage with each other on the evolving landscape of CX and employee experience (EX). Attendees will gain insight into innovative technologies that foster digital transformation, improve service delivery and build trust with constituents. Participants can choose between CX and EX breakout tracks to tailor their experience to their agency’s needs.

Carahsoft partner, Qualtrics, is excited to host the Federal Experience Summit once again this year. Join them in Washington, D.C. for discussions on how to listen, understand and act on employee and customer experience feedback. Check out the events tab on our website for more details closer to the event!

Digital Transformation Summit 2025

September 17 | Reston, VA | In-Person Event

The ACT-IAC Digital Transformation Summit provides Government and industry leaders strategies to accelerate the transition from legacy applications to new innovative technologies. Hear leaders share their best practices for building a successful digital transformation approach to meet evolving CX challenges and promote efficiency holistically. Join us for a day of insightful discussions and networking with industry experts, thought leaders and CX professionals.

Sessions to look out for:

Workforce Management in the Digital Age: AI-Driven Strategies for Recruitment, Retention, and Engagement of Government Employees

Safeguarding Digital Services: Federal Success Stories in Cybersecurity and Data Management

Carahsoft looks forward to collaborating with ACT-IAC for the 5th Annual Digital Transformation Summit and hosting the event at our Carahsoft Conference & Collaboration Center. Join us to hear from and meet Government and industry leaders driving Government digital transformation.

Service to the Citizen Awards

September 19 | Washington, D.C.

The Service to the Citizen Awards recognizes public servants at all levels of Government (e.g., Federal, State, Local, tribal and international) for their leadership and dedication to delivering services that impact the publics’ lives and rebuild trust in Government. While the event is for the esteemed award winners and sponsors only, nominations are open through April 4, 2025. Are you or do you know someone who goes above and beyond to deliver an exceptional customer experience to citizens? Have a ‘champion of change’ spirit? Supported initiatives that helped the Government provide remarkable services? Submit your nomination today!

Carahsoft is honored to return as a Platinum sponsor for 2025 and support our partners and customers in their nominations. Join us in honoring exemplary public servants. If you need support with the nomination process, please contact CXmarketing@carahsoft.com.

Dreamforce 2025

October 14-16 | San Francisco, CA | Hybrid Event

Dreamforce is a three-day event featuring the world’s brightest minds in CX to foster discussions about driving innovation and customer success. Discover the latest Salesforce tools and products to help you build engaging digital experiences and meet your constituent’s every expectation. Attend educational breakout sessions, hands-on workshops and network with industry leaders and peers.

Carahsoft partner, Salesforce, returns with the most impactful event of the year. Carahsoft is looking forward to hosting a Public Sector networking reception at Dreamforce again in 2025. Stay tuned for more details to attend or participate alongside us as a sponsor! Check out the events tab on our website for more details closer to the event!

Government Service Delivery 2025

October 29-30 | Washington, D.C. | In-Person Event

The Government Service Delivery event program unites U.S. public service leaders to explore how technology is driving innovation and accelerate the delivery of high-quality government services. Attendees will have the opportunity to participate in exclusive roundtables and an open conference over the course of the two days to hear government CX leaders discuss shared challenges to transformation and share insights and intelligence on how they can be overcome to improve public services.

Carahsoft is partaking as a Bronze Sponsor with an exhibit booth and is excited to have the opportunity to connect with our Government’s CX community to learn about their goal and initiatives and how our technology portfolio of solutions can support their goals.

CX Workshop 2025

December 4 | Virtual Event

During this transitional time of Government operations, the need to streamline service delivery is imperative. This Nextgov/FCW virtual workshop brings together Government and industry leaders to share lessons and successful customer experience case studies. CX leaders will guide participants on adopting technology to enhance CX and highlight how agencies can best collaborate.

Carahsoft is returning as an Elite sponsor for 2025. Join us and our partners for conversations on delivering quality digital services and meeting customer expectations. Check out the events tab on our website for more details closer to the event!

Whether you are looking for latest innovations in improving service delivery and employee experience or to learn more about digitization of services and social media trends, join us at an event this year as we explore all topics within the realm of customer experience and engagement.

To learn more or get involved in any of the above events please contact us at CXMarketing@Carahsoft.com. For more information on Carahsoft and our industry leading CX technology partners’ events, visit our Customer Experience and Engagement solutions portfolio and CX events page.

The Top 10 Cybersecurity Events for Government in 2025

Posted on by Steve Jacyna

In 2025, assessment, adaptation and agility are key for Government agencies and the tech industry to successfully navigate the growing landscape of cybersecurity. As part of the recently released White House Executive Order, “Strengthening and Promoting Innovation in the Nation’s Cybersecurity” Government agencies are tasked with modernizing polices to meet today’s cyber security challenges which include an emphasis on Zero Trust Architectures, Endpoint Detection and Response, Network Segmentation and advancing Phishing Resistant MFA protocols. Carahsoft is prepared to support and guide the Federal, State and Local Government, as well as Education and Healthcare organizations through this new year in collaboration with our robust network of cybersecurity partners and solutions. Check out these top events to learn more about what to expect in cybersecurity throughout this year.

Public Sector Day at RSA Conference

April 28 | San Francisco, CA | In-Person Event

Carahsoft Top 10 Cybersecurity Events Carahsoft Blog Embedded Image 2025

Join us for the 12th Annual RSA Public Sector Day at RSA Conference! This year’s program will examine key areas such as developing a strong cybersecurity workforce, understanding the impact of AI on both offensive and defensive cyber operations, and improving the exchange of information among Government entities. Hear directly from top Government leaders and industry professionals as they discuss their perspectives and strategies for enhancing cybersecurity across all levels of Government and healthcare.

Stay connected with Carahsoft as we prepare for another great presence at this year’s event and stay tuned to our RSA Public Sector Day 2025 website for more information on our agenda.

AFCEA TechNet Cyber

May 6-8 | Baltimore, MD | In-Person Event

This flagship event will feature conversations led by national defense professionals, tech industry experts and academia partners discussing topics focused on policy, strategic architecture, C2 and joint capabilities. Explore global security challenges and solutions with IT professionals and learn about new ways to combat sophisticated cybersecurity threats.

Carahsoft’s pavilion will feature more than 50 partners showcasing a full range of cybersecurity, artificial intelligence, DevSecOps and cloud solutions. Fed Gov Today with Francis Rose will also be in the Carahsoft booth taping a broadcast TV episode showcasing Government and industry thought leaders at the event. In addition to our pavilion, Carahsoft will be hosting a networking reception on May 7 at Power Plant Live.

Educause Cybersecurity and Privacy Professionals Conference

May 19-21 | Baltimore, MD | In-Person Event

Student safety and security are consistently at the forefront of educator’s minds and discovering innovative and modern ways to ensure those basic requirements are met is imperative. This premier Educause forum connects you with higher education information security and privacy professionals to do just that. Attendees will have the chance to network and discuss the latest cybersecurity trends and current events with peers and solution providers to make a meaningful impact on their individual communities and the education sector as a whole.

Program tracks to look out for:

Privacy

Risk, Compliance and Policy

Awareness and Education

Technologies and Operations

Leadership and Professional Development

We are excited to confirm that we will be attending this year’s conference! Carahsoft has100+ vendors who are dedicated to supporting cybersecurity in education and we, along with our partners, are looking forward to connecting during this premier event. For updates, please email EDUMarketing@carahsoft.com

EDGE25 Security Summit

July 10-12 | San Diego, CA | Hybrid Event

The Government Business Executive Forum (GBEF) is hosting the annual EDGE25 Security Summit to join 400 senior security professionals across multiple industry sectors in three full days discussing the latest global and emerging security threats, strategies and technologies. This is an exclusive, invite-only, event for GBEF members, Government and Carahsoft partners. The summit’s highly interactive, off-the-record executive roundtable agenda offers attendees and participants the opportunity to make connections, share perspectives and speak candidly on technology and mission issues. Additional impactful multimedia presentations will be live and broadcast for virtual attendees, allowing for even more interaction and insight into the progression of world-wide security innovation.

As a Carahsoft partner, you will have the opportunity to join us at GBEF’s leading event, participate in engaging receptions and attend pre- and post-conference activities that encourage building professional relationships across the industry. Additionally, join us as Carahsoft will be sponsoring the welcome reception for attendees aboard the USS Midway on July 10!

SANS Government Security Solutions Forum

July 22 | Virtual Event

The SANS Institute stands on a mission of empowering cybersecurity professionals and honoring the highest standard in cybersecurity education to make the world a safer place. The Government Security Solutions Forum will delve into the latest trends in network protection, AI and cyber defense, supply chain, workforce development and more to help attendees understand how to combat modern threats effectively. At last year’s event, participants engaged with technology experts and listened to unique panel discussions with audience Q&As surrounding invaluable security initiatives across the Public Sector in areas such as Zero Trust implementation, achieving CMMC compliance and harnessing AI. Join us at this year’s event for all this and more!

Carahsoft looks forward to partnering with the SANS Institute for the fifth year in a row to bring this event to life. Carahsoft has over 800 employees focused on cybersecurity and partnerships with over 150 vendors. To learn more about the topics discussed at the forum and what to expect in July, read out highlights from last year’s event.

GovForward ATO and Cloud Security Summit

July 24 | In-Person Event

The GovForward ATO and Cloud Security Summit will be back for its 7^th year on Thursday, July 24, 2025, at the Waldorf Astoria in Washington D.C. The event will explore the Federal Risk and Authorization Management Program (FedRAMP) changes, and how advancements at the Federal level are impacting the broader Public Sector market.

With over 1000 registered attendees, more than 30 speakers and 10+ engaging sessions and panels at the 2024 event, Carahsoft is excited to join forces with Government Executive again in 2025 delivering even more valuable insights, expert discussions, and networking opportunities for attendees. View highlights from the 2024 event and check back soon for more information on joining us at the 2025 ATO and Cloud Security Summit.

Black Hat USA 2025

August 2-7 | Las Vegas, NV | In-Person Event

Returning to the Mandalay Bay Convention Center this year, the Black Hat USA 2025 program is packed with cybersecurity excellence in research, development and exploration of trends. Get involved with immersive and interactive trainings, live-in person sessions and demos, on-demand briefings, dynamic networking opportunities in the business hall, as well as the Black Hat Certified Pentester (BCPen) certification program. Join Carahsoft and uncover new ways to support your agency’s or organization’s cybersecurity mission.

This year, we are exploring the possibility of hosting a breakfast briefing tailored for the Public Sector—stay tuned for updates as plans develop! Additionally, we are excited to announce that we will be hosting a networking reception again this year, providing a great opportunity to connect with industry peers. Check out the events tab on our website for more details closer to the event!

Billington Cybersecurity Summit

September 9-12 | Washington, D.C. | In-Person Event

A long standing and experienced event, the Billington Cybersecurity Summit features an extensive array of cyber topics, speakers, sessions and interactive breakouts for attendees to truly immerse in the world of today’s emerging cybersecurity solutions and trends. In its 16th year running, this leading Government cybersecurity summit promises an exceptional line up of Government presenters, an invaluable leadership luncheon, an all-attendee networking reception and over 100 vendor booths featuring strategy development and technology demos.

For a sneak peek into what you can expect at the summit, topics covered during last year’s event included:

Zero Trust

Ransomware

Advancing cyber diplomacy

Learning how to use proactive defenses

Engineering AI into cybersecurity platforms

Implementing an effective risk management approach

Protecting critical infrastructure

Stay tuned to the website for announcements around the speaker lineup and further summit information.

StateRAMP Cyber Summit

October 2-3 | Chicago, IL | In-Person Event

Carahsoft is excited to be the presenting sponsor of the 2nd annual StateRAMP Cyber Summit this year. For Public and Private Sector leaders, this is the leading event to come together and examine today’s crucial cybersecurity, risk management and compliance topics.

Here is an overview of what attendees can expect this fall:

Future-focused insights on framework harmonization & AI

Best practices in supplier risk management & procurement

Real-world case studies from top cybersecurity leaders

Discussions on emerging technologies and their compliance impact

With over 350 registered attendees, more than 30 esteemed speakers and 10+ engaging sessions and panels, Carahsoft is honored to have been a presenting sponsor at last year’s inaugural summit. Check out highlights from the 2024 event and check back soon for more information on joining us at the 2025 StateRAMP Cyber Summit.

Carahsoft Cyber Leaders Exchange

October | Virtual Event

Presented by Carahsoft in collaboration with Federal News Network, The Cyber Leaders Exchange will dive into how the Government is building cyber resilience, including showcasing tips, tactics and tools to support your organization’s mission-critical cybersecurity efforts. Look forward to sessions about cybersecurity strategy-building, workforce challenges, AI within cybersecurity and informative speakers from trusted technology vendors as well as Government experts.

Stay tuned for event announcements and more information to be released. Curious about what to expect? Check out highlights from our 2024 Cyber Leaders Exchange. View the events tab on our website for more details closer to the event!

Previous Event Highlights:

Rocky Mountain Cyberspace Symposium

February 10-13 | Colorado Springs, CO | In-Person Event

Connecting people and ideas, RMCS25 is an annual forum for the tech industry, academia and Government to discuss and propose solutions to the challenges of cybersecurity, community cyber readiness and homeland defense facing our nation. The theme of this year was “Securing the Future: Cyber Capabilities, All-Domain Superiority, and Strategic Advantage.” This event explored how cyber capabilities and multi-domain strategies are pivotal in achieving and maintaining strategic advantage in the modern landscape.

Topics highlighted:

Innovation and Rapid Acquisitions

CJADC2 Strategic Opportunities

Modern Deterrence and Special Ops

Securing Space Through Cyberspace

AI Across the Spectrum of Operations

Posturing and Developing Forces

Carahsoft exhibited at the event hosting a small pavilion featuring demos from several of our partners and held a successful networking session at this year’s event!

While the Government and cybersecurity community face a great deal of change over the next year, join Carahsoft at one of these immersive events and be a part of modernization and finding solutions to today’s cyber challenges.

—

As technology and the Public Sector’s adoption of Cybersecurity tools advance, the topic remains at the forefront. Our partners are making significant strides in Cybersecurity, and you are invited to join the conversation. Attend these revolutionary events and help shape the future of cybersecurity.

Fal.con Gov

February 27, Washington, D.C., In-Person

Zscaler Public Sector Summit

March 24 – 25, Washington, D.C., In-Person Event

Okta Government Identity Summit

March 5, Washington, D.C., In-Person Event

Palo Alto Ignite

April 1, Tysons, VA, In-Person Event

F5 Public Sector Symposium

April 8 – 10, Tysons, VA, In-Person Event

AWS re:Inforce 2025

June 16 – 18, Philadelphia, PA, In-Person Event

To learn more or get involved in any of the above events please contact us at cybersecurity@carahsoft.com. For more information on Carahsoft and our industry leading Cyber technology partners’ events, visit our Cybersecurity solutions portfolio and Cybersecurity Events page. 

How AI Models are Advancing Weather Predictions and Forecasting

Posted on by Mike Adams

AI models have revolutionized weather forecasting, achieving levels of accuracy unimaginable just a few years ago. Today, a four-day forecast is as reliable as a one-day forecast was in the past, allowing meteorologists to predict weather further in advance with increased precision. This has practical benefits for everyday planning, like deciding whether to grill over the weekend or preparing for outdoor activities. More critically, improved forecasting is a game-changer for disaster preparedness in areas where timely and accurate predictions can save lives and reduce economic losses. Carahsoft, The Trusted Government IT Solutions Provider™, leads in AI innovation, addressing Government challenges and unlocking AI’s potential to accelerate operations. Partnering with top AI companies, Carahsoft delivers advanced, accurate weather models to support Government agencies.

The Power of AI and Data

Ground-level stations and satellite sensors generate a massive influx of information daily, which AI excels at processing. By analyzing real-time observations alongside decades of historical weather records, AI tools identify patterns and deliver accurate predictions. This capability is particularly valuable during extreme weather events.

Carahsoft AI Models Advancing Weather Forecasting Blog Embedded Image 2025

Innovative AI models like Google DeepMind’s GenCast push the boundaries of what is possible in forecasting. GenCast delivers highly detailed forecasts with a resolution of about 16 miles, capturing localized weather patterns often missed by traditional methods. In addition to precision, these models offer unprecedented speed, processing vast amounts of high-quality data in minutes. This efficiency empowers emergency responders and decision-makers to act with confidence, reducing the impact of extreme weather on communities.

The integration of AI into weather forecasting has also significantly enhanced disaster preparedness. AI enables more precise identification of regions of concern, helping meteorologists and emergency teams allocate resources more effectively and reduce unnecessary efforts elsewhere. This targeted approach ensures critical areas receive the attention they need, while also preventing burnout among professionals tasked with monitoring weather events.

Moreover, meteorologists are expanding their roles to include emergency management skills. By combining AI insights with a deep understanding of societal and infrastructure impacts, they ensure forecasts translate into actionable strategies that protect lives and property. The combination of AI’s processing power and human expertise enables more effective evacuations, resource alignment and response efforts.

Challenges and Sustainability in AI Operations

While AI offers transformative benefits, it also presents challenges. The risk of misinformation from AI-generated weather models or images remains a concern, as untrained individuals may spread false predictions, causing unnecessary panic. This places an additional burden on professionals to correct misinformation and redirect resources. Maintaining a “human-in-the-loop” is essential for all AI deployments, ensuring that expert oversight validates outputs and mitigates potential errors. Furthermore, improving model training to recognize complex atmospheric dynamics, such as interactions with continental systems that can alter hurricane paths, is essential to enhancing forecasting accuracy. Weather forecasting is uniquely suited for early AI adoption because it generates massive amounts of data and benefits from high-quality datasets provided by organizations like the National Weather Service and NASA, ensuring models are trained on reliable information.

Sustainability is another critical consideration. Data centers and AI facilities consume significant amounts of energy and water, often in regions susceptible to drought or extreme heat. Expanding such operations across multiple sites could strain local resources. A lack of water for cooling systems, coupled with increasing heat waves, poses risks to operations and the energy grid, potentially leading to rolling blackouts.

Infrastructure capable of withstanding extreme weather is crucial. Facilities like the Salesforce Tower in California exemplify climate-resilient design by incorporating renewable energy, black water recycling and the ability to export energy to the city during optimal periods. More facilities of this kind are needed—those that not only minimize environmental impact but also contribute positively to surrounding communities. Strategic planning for site locations and designs, informed by accurate climate data, will be essential for ensuring sustainability and resilience.

How Government Agencies are Preparing for the Future

As Government agencies embrace an AI-driven future, they are modernizing infrastructure, curating large datasets and upskilling their workforce to harness AI’s potential. These efforts go beyond technological enhancements, focusing on using AI to address critical challenges such as refining weather predictions and mitigating the impacts of extreme weather. By integrating AI into disaster preparedness and emergency management, agencies are building a more resilient framework that protects lives, safeguards jobs and fosters innovative solutions for future challenges.

How Carahsoft Can Help

Carahsoft works with a robust and growing ecosystem of thousands of IT solutions providers, including Google, NVIDIA and Microsoft, who have developed AI weather models that are predicting hurricane landfall faster and more accurately than traditional Numerical Weather Prediction (NWP) models. Carahsoft removes barriers around the AI adoption process by providing the infrastructure, data management and cybersecurity solutions required to safely and securely deploy innovative technology in your agency. As Government agencies continue to navigate the complexities of the modern landscape, Carahsoft’s AI partners stand ready to empower them with the tools and technologies needed to thrive in an era of unprecedented change.

Discover solutions tailored to your needs in Carahsoft’s Artificial Intelligence Solutions Portfolio and gain valuable insights with the AI Buyer’s Guide for Government.

Why Now is the Time for Government Agencies to Switch to Jira Service Management

Posted on by Will Scheffe

The demands on government agencies are increasing. Citizens expect faster, more efficient services, and agencies are under pressure to modernize their operations and reduce costs. At the same time, legacy IT service management (ITSM) systems are struggling to keep up with the demands of the digital age.

That’s why now is the time for government agencies to switch to Jira Service Management (JSM). JSM is a modern, flexible, and cost-effective ITSM solution that can help agencies improve their service delivery, increase efficiency, and save money.

The Complete ITSM Solution for Government: Cost-Effective, User-Friendly, and Secure

Here are just a few of the reasons why JSM is the right choice for government agencies:

Cost-effective: A Forrester Total Economic Impact™ (TEI) study found that organizations using Jira Service Management realized a 277% ROI over three years, with a payback period of less than six months. The study also found that JSM can help organizations save $2.1 million by retiring their previous service management solution. JSM is more affordable than legacy ITSM solutions like ServiceNow, which can be complex and require expensive add-ons. JSM’s transparent pricing model means you’ll know exactly what you’re paying for, with no hidden fees or gotchas.
Easy to use: JSM is user-friendly and easy to implement, even for non-technical users. Your team can be up and running quickly, without the need for extensive training.
Flexible: JSM can be customized to meet the specific needs of your agency. You can easily create new workflows, add new features, and integrate with other systems.
Scalable: JSM can grow with your agency. Whether you’re a small team or a large organization, JSM can handle your needs.
Secure: JSM is a secure platform that meets the stringent requirements of government agencies.

The Complete Solution for Modern Government: JSM’s Feature-Rich Platform

JSM also offers several features that are particularly beneficial for government agencies, such as:

Collaboration: JSM’s unified platform allows for seamless collaboration between IT teams and other business units. This can help to improve communication and coordination and speed up service delivery.
Citizen Service Desk: JSM’s Citizen Service Desk provides a user-friendly portal for citizens to submit requests and track their progress. This can help to improve citizen satisfaction and engagement.
ITIL Compliance: JSM is fully compliant with the ITIL framework, the industry standard for ITSM best practices. This can help agencies to improve their IT service management processes.

Ensure Mission Success: Secure Your Agency’s Future with JSM

In addition to the benefits listed above, switching to JSM can also help government agencies to:

Future-proof their IT infrastructure: JSM is a cloud-based solution that is always up to date. This means you’ll always have access to the latest features and security updates.
Improve their agility: JSM’s flexible and scalable platform can help agencies to adapt to change quickly and easily.
Reduce their total cost of ownership: JSM can help agencies save money on IT costs by reducing the need for expensive hardware and software.

The Future of Government Service Delivery is Here: Embrace it with JSM

The time for government agencies to embrace the future of IT service management is now. Legacy systems are no longer sufficient in meeting the evolving needs of citizens and the demands of a rapidly changing technological landscape. Jira Service Management offers a compelling solution to these challenges, providing a modern, flexible, and cost-effective platform for enhanced service delivery.

By switching to JSM, government agencies can unlock a world of possibilities:

Enhanced Citizen Service Delivery: Empower your team to deliver exceptional service faster and more efficiently, improving citizen satisfaction and engagement.

Reduced Costs: Streamline processes, automate tasks, and unlock trapped resources, resulting in significant cost savings.

Improved User Experience: Cultivate a user-friendly service environment that fosters collaboration and satisfaction for both internal teams and citizens.

Future-proof your agency: Ensure your technology can adapt to evolving needs and scale alongside your growth.

Don’t let your agency fall behind. Embrace the future of ITSM with Jira Service Management. Contact Oxalis today to embark on your journey towards a brighter, more agile, and citizen-centric future. Our team of experts will guide you every step of the way, ensuring a smooth transition and unlocking the full potential of JSM for your agency.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Atlassian, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Governing Identity Attributes in a Contextual and Dynamic Access Control Environment

Posted on by Frank Briguglio

In the rapidly evolving landscape of cybersecurity, federal agencies, the Department of Defense (DoD), and critical infrastructure sectors face unique challenges in governing identity attributes within dynamic and contextual access control environments. The Department of Defense Instruction 8520.04, Identity Authentication for Information Systems, underscores the importance of identity governance in establishing trust and managing access across DoD systems. In parallel, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency (DHS CISA) guidance and the National Institute of Standards and Technology (NIST) frameworks further emphasize the critical need for secure and adaptive access controls in safeguarding critical infrastructure and federal systems.

This article examines the governance of identity attributes in this complex environment, linking these practices to Attribute-Based Access Control (ABAC) and Role-Based Access Control (RBAC) models. It highlights how adherence to DoD 8520.04, CISA’s Zero Trust Maturity Model, and NIST guidelines enable organizations to maintain the accuracy, security, and provenance of identity attributes. These efforts are particularly crucial for critical infrastructure, where the ability to dynamically evaluate and protect access can prevent disruptions to essential services and minimize security risks. By integrating these principles, organizations not only achieve regulatory compliance but also strengthen their defense against evolving threats, ensuring the resilience of national security systems and vital infrastructure.

SailPoint Governing Identity Attributes Blog Embedded Image 2025

Importance of Governing Identity Attributes

Dynamic Access Control

In a dynamic access control environment (Zero Trust), access decisions are made based on real-time evaluation of identity attributes and contextual information. Identity governance plays a pivotal role in ensuring that these attributes are accurate, up-to-date, and relevant. Effective identity governance facilitates:

Real-time Access Decisions: By maintaining a comprehensive and current view of identity attributes, organizations can make informed and timely access decisions, ensuring that users have appropriate access rights based on their roles, responsibilities, and the context of their access request.
Adaptive Security: Identity governance enables adaptive security measures that can dynamically adjust access controls in response to changing risk levels, user behaviors, and environmental conditions.

Attribute Provenance

Attribute provenance refers to the history and origin of identity attributes. Understanding the provenance of attributes is critical for ensuring their reliability and trustworthiness. Identity governance supports attribute provenance by:

Tracking Attribute Sources: Implementing mechanisms to track the origins of identity attributes, including the systems and processes involved in their creation and modification.
Ensuring Data Integrity: Establishing validation and verification processes to ensure the integrity and accuracy of identity attributes over time.

Attribute Protection

Protecting identity attributes from unauthorized access, alteration, or misuse is fundamental to maintaining a secure access control environment. Identity governance enhances attribute protection through:

Access Controls: Implementing stringent access controls to limit who can view, modify, or manage identity attributes.
Encryption and Masking: Utilizing encryption and data masking techniques to protect sensitive identity attributes both at rest and in transit.
Monitoring and Auditing: Continuously monitoring and auditing access to identity attributes to detect and respond to any suspicious activities or policy violations.

Attribute Effectiveness

The effectiveness of identity attributes in supporting access control decisions is contingent upon their relevance, accuracy, and granularity. Identity governance ensures attribute effectiveness by:

Regular Reviews and Updates: Conducting periodic reviews and updates of identity attributes to align with evolving business needs, regulatory requirements, and security policies.
Feedback Mechanisms: Establishing feedback mechanisms to assess the effectiveness of identity attributes in real-world access control scenarios and make necessary adjustments.

Risks Associated with ABAC and RBAC

ABAC Risks

ABAC relies on the evaluation of attributes to make access control decisions. While ABAC offers flexibility and granularity, it also presents several risks:

Complexity: The complexity of managing a large number of attributes and policies can lead to misconfigurations and errors, potentially resulting in unauthorized access or access denials.
Scalability: As the number of attributes and policies grows, the scalability of the ABAC system can be challenged, affecting performance and responsiveness.
Attribute Quality: The effectiveness of ABAC is heavily dependent on the quality of the attributes. Inaccurate, outdated, or incomplete attributes can compromise access control decisions.

RBAC Risks

RBAC assigns access rights based on predefined roles. While RBAC simplifies access management, it also has inherent risks:

Role Explosion: The proliferation of roles to accommodate varying access needs can lead to role explosion, complicating role management and increasing administrative overhead.
Stale Roles: Over time, roles may become stale or misaligned with current job functions, leading to over-privileged or under-privileged access.
Inflexibility: RBAC may lack the flexibility to handle dynamic and context-specific access requirements, limiting its effectiveness in modern, agile environments.

Importance to a Zero Trust Model

The Zero Trust model is predicated on the principle of “never trust, always verify,” emphasizing continuous verification of identity and context for access decisions. Governing identity attributes is integral to the Zero Trust model for several reasons:

Continuous Verification: Accurate and reliable identity attributes are essential for continuous verification processes that dynamically assess access requests in real-time.
Context-Aware Security: By governing identity attributes, organizations can implement context-aware security measures that consider a wide range of factors, including user behavior, device health, and network conditions.
Minimizing Attack Surface: Effective governance of identity attributes helps minimize the attack surface by ensuring that access rights are tightly controlled and aligned with current security policies and threat landscapes.

Governing identity attributes is a cornerstone of modern access control strategies, particularly within the dynamic and contextual environments that characterize today’s IT ecosystems. By supporting dynamic access, ensuring attribute provenance, protection, and effectiveness, and addressing the risks associated with ABAC and RBAC, identity governance enhances the security and efficiency of access control mechanisms. In the context of a Zero Trust model, the rigorous governance of identity attributes is indispensable for maintaining robust and adaptive security postures, ultimately contributing to the resilience and integrity of organizational systems and data.

To learn more about SailPoint’s cybersecurity capabilities and how it can support mission-critical DoD initiatives, view our technology solutions portfolio. Additionally, check out our other blog highlighting the latest insights into “The Role of Identity Governance in the Implementation of DoD Instruction 8520.04”.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including SailPoint, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

The Bots Are Here

How do we prevent this problem from evolving from merely headline-grabbing to system-crippling?

What is the National Defense Authorization Act?

Authority to Operate

FY2025 NATIONAL DEFENSE AUTHORIZATION ACT (NDAA) SEC. 1522.

1. Artificial Intelligence (AI) in the U.S. Navy

2. Red Teaming to Improve Cybersecurity

3. The Importance of Maritime Trade to Cybersecurity

4. DISA’s New Cloud-Based Mission Partner Environment

5. Business Initiatives

6. Renewing Technology

7. IT at the Center of the Workforce

8. Improving Productivity by Decreasing Troubleshooting

9. Compliance is No Longer Enough

10. DevSecOps Products that Improve Marine Corps Productivity

The New CMMC Rule

Gaining CMMC Compliance

Changes to the Contracting World

How Carahsoft Can Help

Federal Experience Summit

CX Workshop 2025

GovForward ATO and Cloud Security Summit

StateRAMP Cyber Summit

Carahsoft Cyber Leaders Exchange

Previous Event Highlights:

The Power of AI and Data

Challenges and Sustainability in AI Operations

How Government Agencies are Preparing for the Future

How Carahsoft Can Help

The Complete ITSM Solution for Government: Cost-Effective, User-Friendly, and Secure

The Complete Solution for Modern Government: JSM’s Feature-Rich Platform

Ensure Mission Success: Secure Your Agency’s Future with JSM

The Future of Government Service Delivery is Here: Embrace it with JSM

Importance of Governing Identity Attributes

Risks Associated with ABAC and RBAC

Importance to a Zero Trust Model

The New CMMC Rule