Tag Archives: Cyber Workforce Development

Culture as a Catalyst: How Internal Culture Drives External Impact 

Posted on by
Reply

At the 2025 Customer Experience (CX) and Engagement Summit, thought-leaders and Government officials from the U.S. Department of Health and Human Services (HHS), the U.S. Air Force, GovExec and more discussed the many ways Government agencies can use company culture and technology to build trust and reach customers. 

Carahsoft and our partners are committed to helping agencies find the right technology for their CX solutions. 

People, not Products 

Customers have come to expect seamless, digital-first experiences in service delivery. In the session “Creating a Customer-First Culture,” Dwight Chamberlain, the Area Vice President at Docusign, and Marcy Katz Jacobs, the Chief Digital Experience Officer for the State of Maryland, attest that Government can close current service gaps by reframing business models to prioritize people, not products. Traditionally, Government modernization efforts have prioritized systems and software over service design. By addressing communication barriers instead, teams can identify service gaps and engage more effectively with customers.  

Fragmentation is another barrier to exemplary service. “It’s our job to connect the dots behind the scenes,” Jacobs states. “Showing teams that their silo is part of a bigger picture helps them align around a common mission.” Maryland’s new analytics platform, Analytics.Maryland.Gov, is one tool Jacobs’ team is using to better understand public demand and find a unified goal. It tracks critical data, such as where people are going on state websites, how long they are staying and where they drop off, which helps determine which services to focus improvement efforts on. “We have so many ways to listen — emails, phone calls, escalations, bad form data — but we haven’t been using that feedback to inform what we fix next,” Jacobs shares. “Now we are.”  The combination of user data, internal feedback and data analysis enable Maryland to go beyond digitizing Government, humanizing services to be more intuitive, transparent and trusted. 

Driving Transformation through Service Delivery 

While new technology is vital to achieving maximized efficiency, technology alone cannot drive transformation. In the session “The Employee Experience: A Foundation for CX,” speakers Colt Whitall, the former Chief Experience Officer of the U.S. Air Force and founder of Bravo 17, and Karl Hermann, solutions engineering manager for State, Local and Education (SLED) and Federal Government at Zoom, discussed how meaningful change comes from connecting internal experience with mission outcomes. Hermann attests that technology should work for its users, not the other way around. In the rush to modernize, the day-to-day reality of user experience can be easily overlooked. Hermann watches employees juggle several different tools for business operations. By consolidating these tools into one platform, he found that agencies can reduce confusion, boost productivity and make services more accessible. 

Whitall explained that when internal tools fail, service delivery comes to a halt as well. Whitall encouraged his team to shift their mindset to treat technology issues like product issues. They created a ‘Voice of the Customer’ program that monitors digital experience and collects data on performance and user perception. “That way, we can start to ascertain where service levels are impacting the mission and where they’re impacting productivity,” Whitall explains. By mapping technical pain points to real-world productivity loss, agencies can make the business case for faster technology replacements, better support and smarter investments. 

 
Improving Workflows with Cross-Agency Communication


In the session “Overcoming Organizational Silos,” speakers Alana M. Burman, the Director of Policy, Intergovernmental Affairs & Mediation at the Pennsylvania Human Relations Commission, and Jamison Bruan, the Vice President of the Global Public Sector at Salesforce, discussed overcoming silos to service delivery. Today’s infrastructure creates silos that lead to communication and service gaps. “Communication should have no hierarchy. Everyone in the organization needs information at the speed of relevance,” Braun says. Shifting policy to support cross-departmental communication is the key to encouraging staff to take a more collaborative role, ultimately improving agency efficiency. Technology can also aid in unifying Government agencies by enabling the quick and efficient sharing of information across departments. Juggling multiple systems can lead to confusion and slower workflows, while one technology platform with omnichannel capabilities allows employees to effectively communicate, collaborate and document. Burman concludes that such systems are “revolutionary to the way that Government works and the way we think about how our public interacts with Government.” 
 

The Top 6 Leadership Qualities for Success 

At the session “Harnessing Your Inner Leader: Empowering a CX Culture,” speakers Avery Muse, the Sr. Founder and CEO of the Muse Group, as well as the Former Executive Director of the Office of IT Operations at the HHS, Amanda Chavez, the Vice President of CX at Qualtrics, and Anna Pettyjohn, the EVP of Product and Strategy at GovExec, discussed the best leadership qualities. 

Here are their top 6: 

  1. Leadership begins with initiative, not a title. 

Leadership is not limited to executives or managers. Rather, a leader is one that acts to drive change when they see a need.  

  1. Curiosity and authenticity 

Curiosity shapes the way leaders build relationships, solve problems and bring others into CX work. Rather than emulating others, leaders should build on their own authentic, unique strengths.  

  1. Small ideas scale faster with the right community 

Change begins by working with passionate, knowledgeable people who can uplift teams. For some communities, agencies will need to use non-traditional methods to gather feedback, to ensure they are meeting the holistic needs of their customer base. 

  1. Measure the experience, not just the output 

Meaningful metrics, such as employee productivity and complete resolution of support issues, help measure how well a service works. 

  1. The language of CX is evolving 

As the Government invests in new CX initiatives, leaders must also rethink the terminology itself. Customers expand beyond the public, including employees and internal stakeholders. With a clear definition, agencies can target solutions towards an inclusive customer base. 

  1. The future is ‘total experience’ 

When agencies lose time on outdated systems, they lose opportunities to connect with and serve the public. Muse recommends agencies rebuild for what he calls a “total experience,” a strategy that aims to connect Government services, employee strategy and customer desires. With the combination of relevant technology and a strategy-based, unified plan, agencies can reach their maximum potential. 

 
Ultimately, by unifying technology, CX-focused leadership and service delivery, agencies can enhance their services while fostering trust and inclusion with the customers they serve. 
 

To learn more about the topics discussed at the 2025 CX & Engagement Summit, view the session recordings, on-demand. To learn more about the technologies that can help meet your agency’s mission statement, take our Carahsoft’s CX Buyer’s Guide Quiz, or visit our CX and engagement solutions portfolio.   

Unified Security Readiness During the Election Season

Posted on by
Reply

Elections are the backbone of American democracy. Every vote counts, and agencies can help protect the integrity of voting by solidifying IT security. Keeping hardware and software updated is vital for successful cybersecurity. Through proper training and inter-organization communication, security industry leaders and Government agencies can help raise awareness on election-related issues.

Cyber Threat Landscape and Security Challenges in Modern Elections

By taking advantage of interest in elections, bad actors use common and highly trafficked websites to distribute remote access tools, allowing them to exfiltrate massive amounts of data. Traffic distribution system (TDS)—which are utilized to target ads to users, their search history and their location—are used by bad actors to push pop-up ads that prompt users to update their computer system or software. These pop-ups, hidden in TDSs, install ransomware and malware on the user’s device when clicked, making them difficult to find and fix. There is an uptick in these non-stop, ubiquitous attacks every election cycle. Bad actors target users that visit websites to stay updated on election news through pop-ups, phishing, web browser alerts and website subscriptions. All these methods lead users to socially engineered, compromised websites. However, agencies can prevent cybersecurity attacks at the office and at home by administering relevant security awareness training as part of a Human Risk Management Program.

Optimize Company Training on Security Awareness

ProofPoint Election Security Blog Embedded Image 2024

Employees trust their organization as a valuable source of security information. Therefore, it is important that agencies communicate training and awareness effectively to all users. Some anti-phishing modules rely on realignment methods such as enrolling employees for anti-phishing training after they are misled by these kinds of threats. This can create an environment where employees question whether to alert IT when they click on false updates or phishing scams. Instead, agencies can focus on promoting positive behaviors such as congratulating employees who report phishing attempts, small bite sized trainings, and focused awareness campaigns around threats in the landscape. Here are several ways agencies can support their employees in learning and implementing security best practices during this election season:

Focus on real-time awareness: Agencies should prioritize keeping employees up to date on live threats. Traditionally, users were encouraged to keep systems up-to-date by accepting update notices.  Now, to keep systems up-to-date while simultaneously discouraging pop-up clicks,

Contextualize email warning tags (EWTs): Emails are a great way to communicate awareness surrounding popular hacking methods. Including banners or visual cues, such as color themes, can help employees recognize company emails, giving them pause when faced with phishing threats. During election cycles, newsletters should focus on deepfakes and their effect on elections.

Utilize modules on demand: People trust their tech company or Government agency’s knowledge more than the news. Security awareness modules, training modules and weekly reminders can all help raise awareness among employees. By allowing users to access education modules at their own pace, agencies can pass on valuable knowledge in a way that is pressure and judgement free.

Focus on relevant topics: Modules should be relevant to employees. For example, training modules should be specific to each user’s job role. Short, one-to-two-minute targeted modules that hold the viewer’s attention can be more valuable than long, untargeted modules. During election cycles, the best modules cover election security, fake updates and safe browsing habits.

Teach at the trainee’s level: Agencies should meet employees at their level. Training should be tailored differently for users who may have more experience using the internet on a regular basis and users who did not have internet as a daily part of their education. Agencies must communicate with employees on security strategies, especially those with higher permission access.

Through all these methods, agencies should focus on the good, positively reinforcing employees and building trust between the individual and their organization. 

Transform Company Culture Through Transparent, Unified Security

Focus on the Why: To protect from fake updates and phishing scams, organizations can implement training and assessment strategies into their work culture. Transparency is key: by explaining the purpose of phishing simulations, employers can get employees on board with cybersecurity training. Agencies can use realistic, election-themed phishing simulations during module assessments, which work best in real-time scenarios rather than during training. By monitoring results, agencies can gauge whether users are adequately equipped with the knowledge to report threats within simulations.

Encourage Feedback and Build Trust: By checking in with users after training modules and simulations, agencies can ensure the training has resonated with users, as well as ensuring users do not view trainings as punitive action. The most important part to training simulations is that employees report phishing or pop-up scams to their organization, regardless of if they clicked on them or not. Trainers and leadership teams should use positive reinforcement as corrective behavior to encourage employees to better understand modern scams and how to spot them. It is important to establish that the employee is not in trouble, lest they feel that they cannot report future scams to the organization. Instead, training administrators should build conversations around the reason for clicking. Whether or not the employee was in a hurry, if they had specific training, if they need help or if scams were fallen for at a particular time of day are all valuable information points for preventing future oversights.

Creating a Security Culture: Visual aids placed in common areas are also a valuable learning reinforcement because repetition can help employees remember the most important details surrounding security. Common-sense posters and announcements can be placed in elevators, breakrooms and even on the back of bathroom stall doors. Additionally, agencies should administer regular updates and ongoing education through newsletters, and programming should be consistent and personable. Agencies can:

  1. Send reminders
  2. Share real-world examples
  3. Encourage discussion
  4. Provide easy action items (such as restarting computers daily)
  5. Provide resources for learning and reporting

Unity is key to transforming organizations’ culture, creating awareness around digital hygiene and cybersecurity. Ultimately, repetition, consistency and discussion can help users stay safe and protect the organization from phishing, pop-up scams and other cybersecurity related risks during the election cycle.

To learn more about election security readiness, visit Proofpoint and Carahsoft’s webinar, Navigating the Cyber Threat Landscape: Election Scams. To learn more about Proofpoint’s Human Risk Reduction Solutions, please visit their website. Check out Proofpoint and Carahsofts’ past webinars into the cyber threat landscape.

The 10 Cybersecurity Events for Government in 2024

Posted on by
Reply

In the fast-paced world of Cybersecurity, staying ahead of evolving threats and industry trends is paramount for Government agencies and the ecosystem that supports them. From in-depth discussions on certification processes to cutting-edge solutions for modern cyber threats, Carahsoft and our partners’ cybersecurity events promise to provide valuable insights, networking opportunities and practical strategies for enhancing Government cybersecurity posture.  
 
Join us as we delve into cybersecurity excellence and empower Government entities to navigate the digital landscape with confidence and resilience. 

Public Sector Day at RSA Conference 

May 6 | San Francisco, CA 

Attendees joined us for our 11th Annual Public Sector Day event at RSA Conference. They heard from pioneering figures in Government as they shared their perspectives on the forefront cybersecurity challenges facing the Public Sector. As cyber threats continue to challenge all levels of Government, attendees learned how Government and industry are working together to protect communities at all levels from ransomware, thefts of data, election security challenges and attacks on critical infrastructure. Carahsoft was proud to host this event for our 11th year. We will be back in 2025 in San Francisco and hope to see you there! Access our podcast series for a recap of the sessions and discover how to protect your organization’s sensitive information by leveraging compliant cloud authentication services.  

AFCEA TechNet Cyber 2024 

June 25-27 | Baltimore, MD 

A flagship event, AFCEA’s TechNet Cyber serves as a center of gravity for a whole-of-government effort to bring together the policy, strategic architecture, operations and C2 – along with the joint capabilities – needed to meet the global security challenges and successfully operate in a digital environment. Join us in Baltimore and be part of the conversation led by U.S. Cyber Command, DISA, the DoD CIO and numerous industry and academia partners to deliver solutions for this enduring, no-fail mission. Carahsoft will host a pavilion on the exhibit floor that features more than 50 of our technology partners showcasing a range of cybersecurity solutions. Visit our website for more information! 

2024 SANS Government Solutions Forum  

July 25 | Online 

Government agencies face a continuing stream of legislative, executive and oversight recommendations, constantly keeping teams and technologies on their toes. This SANS Government Security Forum equips Public Sector cybersecurity teams with the essential knowledge to address these challenges and modern threats head-on. Carahsoft has partnered with SANS to host this event for our third year in a row. Hear from Government and industry leaders on the latest in cybersecurity. 

DOE Cybersecurity and Innovation Conference 

July 29 – August 1 | Dallas, TX 

Carahsoft is proud to be a sponsor of the DOE Cybersecurity and Innovation Conference. This event will explore the developments and challenges in cybersecurity, technology innovation, workforce development, and critical infrastructure protection. Speakers and attendees will include top thought leaders from across the DOE enterprise, the federal interagency, academia, international partners, and private industry leaders for thoughtful conversations about cybersecurity, modernizing IT and OT environments and solutions, sharing tools, data management, technology, and best practices with the energy industry, and developing technical solutions to meet national challenges. 

Carahsoft will have a booth on the exhibit floor that features and handful of our technology partners showcasing a range of cybersecurity solutions. We will also host a networking happy hour on July 30th from 7:30 – 9:30 pm CST. Stay tuned for more information! 

Black Hat USA 2024 

August 3-8 | Las Vegas, NV 

Now in its 27th year, Black Hat USA returns to the Mandalay Bay Convention Center in Las Vegas with a six-day program. The event will open with four days of specialized cybersecurity trainings with courses for all skill levels. The two-day main conference (August 7-8) will feature more than 100 selected briefings, dozens of open source tool demos in Arsenal, a robust Business Hall, networking and social events and much more.  
 
Carahsoft is pleased to host a networking reception for our vendor partners and their customers. Join us for food, drinks and networking!  

Billington CyberSecurity Summit 2024 

September 3-6 | Washington, D.C. 

Join over 2,500 attendees and 200+ top speakers participating in more than 40 sessions and breakouts at the leading Government cybersecurity summit. Hear from speakers with years of experience in mitigating cyber threats, offering valuable insights. Government, military, nonprofit, academia and industry thought leaders will present major cyber trends and discuss solutions for current field issues. Carahsoft and more than 50 partners will showcase a full range of cybersecurity solutions in our partner pavilion on the show floor. Register Now

The National Cyber Summit 

September 24-26 | Huntsville, AL 

National Cyber Summit is the nation’s most innovative cybersecurity technology event, offering unique educational, collaborative and workforce development opportunities for industry visionaries and rising leaders. NCS offers a cyber conference with diverse focus-areas, premier speakers and unmatched accessibility focused on education, collaboration and innovation.  
 
Visit Carahsoft at our booth on the show floor and explore our CMMC Solutions Showcase. 

Carahsoft Cyber Leaders Exchange 

October 1-2 | Online 

Discover how agencies are leading the way as the Government “fundamentally re-imagines America’s cyber social construct”. During this exclusive two-day virtual event, Federal News Network and Carahsoft will sit down with cyber leaders and experts to dive deep into efforts across Government to bring the White House vision to life and strengthen Federal cyber capabilities. Tune in for multiple sessions featuring some of our leading technology partners.   

Innovate Cybersecurity Summit 

October 6-8 | Scottsdale, AZ 

Powered by the collective knowledge of cybersecurity executives, practitioners and cutting-edge solution providers, Innovate Cybersecurity Summit is the premier resource for CISO education and collaboration. The Reverse Expo, a featured session, is a highly interactive engagement model and a refreshing way for technology vendors to meet with attendees. Carahsoft is a premier sponsor of the event and will have a partner pavilion featuring some of our leading cybersecurity partners as well as networking events throughout the summit. 

Carahsoft Cybersmart Series: State and Local Government 

November 7 | Austin, TX  

Carahsoft has partnered with FedInsider for a series highlighting and discussing topics on cyber in Government. Join us to hear cyber experts in State and Local organizations discuss the latest cybersecurity threats to the Public Sector and what steps State and Local agencies are taking to protect against them. This year’s half-day event focuses on how the release of AI into the broader computing environment is affecting cybersecurity strategies across the Public Sector. Collaborate with peers, thought leaders and key partners in Austin or watch the panel discussions online in a follow-up webinar!  

Do not miss out on the opportunity to engage with industry experts, explore innovative solutions and network with like-minded professionals at our 2024 events. Secure your spot today and take proactive steps towards safeguarding your organization’s critical assets in an ever-evolving cyber landscape. Together, let us strengthen our cybersecurity defenses and pave the way for a more resilient Government cybersecurity ecosystem.  

To learn more or get involved in any of the above events please contact us at CyberSecurity@carahsoft.com. For more information on Carahsoft and our industry leading Cybersecurity technology partners’ events, visit our Cybersecurity Solutions Portfolio and Cyber Events page

People Plus Technology: Building a Resilient Federal Cyber Workforce

Posted on by
Reply

Filling cyber jobs in Federal agencies is complicated – it requires competing with industry salaries, retaining existing talent and navigating the Federal hiring process. It’s a far-reaching challenge that affects every agency – the administration knows that, the Office of Personnel Management knows that, and agency technology and human resources leaders know that. And federal C suite leaders realize how the government recruits, hires and retains people for cyber jobs has to change. In partnership with FNN, our Federal Cyber Workforce guide takes a look at what the government is doing to tackle this problem on a sweeping federal level and also on a more agency-specific level. We also get industry perspective on the technologies that affect cyber workforce resiliency. We hope it provides some guidance and help as your agency works to beef up its cybersecurity, both through investments in people and technology.

 

Carahsoft IIG FNN July Cyber Workforce Blog Embedded Image 20233 Key Rallying Points for a Resilient Cybersecurity Team

“Agencies are currently operating in a high-threat environment, but that doesn’t mean they can’t implement a reasonable amount of information assurance. It may not be perfect, but it doesn’t have to be. The idea is to make it so that adversaries have to work extremely hard to penetrate the infrastructure. The adversaries are good, but agencies can be better with a resilient cybersecurity team, said Mark Bowling, chief risk, security and information security officer for ExtraHop. The key to achieving this is to have a risk reduction perspective.”

Read more insights from Mark Bowling, Chief Risk, Security and Information Security Officer at ExtraHop.

 

Do not Wait for a Breach: Why to Adopt Proactive Approach to Cyber Resilience

“When most people talk about cyber resilience, they’re referring to post-breach recovery — the means, methods and speed with which an organization can get its systems and services back online after a cyber incident. But Felipe Fernandez, federal chief technology officer at Fortinet, views resiliency more holistically. His advice? Agencies need to take a proactive stance on cyber resilience and include not only recovery from breaches but also when their planning for non-malicious threats and other operational disruptions, including those associated with cloud-based services.”

Read more insights from Felipe Fernandez, Federal Chief Technology Officer at Fortinet.

 

Proactively Improve Digital Employee Experience Though Automation

“Digital modernization and the adoption of collaboration tools is supposed to make work easier, especially in a hybrid environment. Employees want the flexibility to be productive in whatever manner best suits them. Unresolved technology issues can impede productivity. In its latest survey of industry employees and IT professionals, Ivanti found that 49% of employees are frustrated with the tools they use and 26% are considering leaving their jobs because of that. Employee experience is a top priority in government right now, and employees are internal customers of an agency’s IT services. By improving their experience your agency can realize gains in productivity and retention.”

Read more insights from Mareike Fondufe, Product Marketing Director at Ivanti.

 

Download the full Expert Edition for more insights from these cyber workforce leaders and additional government interviews, historical perspectives and industry research.