Tag Archives: Cybersecurity

Adobe Express: The Content Creation Powerhouse

Posted on by
Reply

Adobe Max 2023 has finally arrived, and with it came a slew of intuitive new features and software options. As expected, Adobe’s primary focus this year was on its powerful AI innovations and tools. Unexpectedly however, Adobe Express, an application which previously was focused on social media content creation has received an enormous upgrade. So, let’s talk about these exciting new features and why it’s exciting for the government space.

Adobe Express is a powerful software suite that has gained significant traction in various industries for its user-friendly interface and versatile tools. While it’s widely known for its applications in creative fields such as graphic design, marketing, and content creation, its potential in the government space remains largely untapped and yet to be fully realized. Its adaptability and diverse functionalities make it an asset for government agencies seeking efficient solutions for their content related projects.

One of the primary advantages of Adobe Express in the government sector is its ability to streamline communication. The software allows for the creation of visually engaging documents, presentations, and reports, enabling agencies to convey complex information in a more digestible and visually appealing manner. Whether it’s producing internal reports or communicating with the public, the software’s intuitive design tools aid in crafting impactful visual content, enhancing the effectiveness of government messages.

Adobe Express Content Creation Blog Embedded Image 2023

Furthermore, Adobe Express’s compatibility with various file formats ensures seamless integration with existing government systems. This feature is pivotal in maintaining consistency and compatibility across different departments and agencies, facilitating the exchange of information and collaboration between various governmental bodies. It promotes a standardized approach to document creation, reducing compatibility issues and simplifying the sharing of information.

Data security and compliance are of utmost importance in the government sector, and Adobe Express offers robust security features to ensure the protection of sensitive information. With encryption, user authentication, and secure cloud storage options, the software provides a level of security essential for government use.

Another aspect worth highlighting is the software’s ability to handle a wide variety of tasks within government operations. From creating visually rich training materials for employees to designing public awareness campaigns, Adobe Express caters to a wide range of needs. Its features enable the development of interactive forms, streamlined workflows, and the creation of accessible content, ensuring inclusivity within government initiatives.

In addition, the software’s capacity for analytics and data visualization aids in the communication and presentation of complex information. This capability is invaluable in governmental decision-making processes, enabling officials to comprehend data more effectively and communicate insights to stakeholders and the public.

The use of Adobe Express can also lead to cost and time efficiencies within government departments. The software’s user-friendly interface reduces the need for extensive training, allowing employees to quickly grasp its functionalities. Its cloud-based solutions minimize the need for extensive physical infrastructure, reducing costs related to storage and maintenance.

As the digital landscape continues to evolve, the implementation of Adobe Express in government operations becomes increasingly relevant. However, its adoption may require tailored training programs and guidelines to ensure its optimal use and adherence to government protocols and standards.

In conclusion, Adobe Express offers a variety of tools and features that can significantly benefit government agencies. From enhancing communication and data security to fostering efficiency and innovation, its application in the government space holds immense potential, paving the way for more effective and visually compelling government initiatives.

Contact our team today to learn more about the latest trends discussed at Adobe MAX 2023 and how Carahsoft’s Adobe experts can support your organization.

Transforming State and Local Government in Ohio Through Technology

Posted on by
Reply

Innovation and collaboration are imperative to drive growth and transformation in State and Local Governments, as well as the need to invest in education and training to prepare the workforce for the jobs of the future. At the Carahsoft Digital Transformation Roadshow in Columbus, Ohio, Government IT and industry leaders engaged in dynamic discussions around the role of technology in shaping the modernization of the state of Ohio and beyond.

Technology Innovation in State and Local Government

Ohio State and Local agencies have begun to integrate innovative technologies to drive better decision-making while lowering the cost of ownership for IT systems; however, this requires significant investment in infrastructure, training and talent acquisition. Agencies must also ensure cybersecurity and risk management, as the use of new technology can create new vulnerabilities. There is a critical need for education, collaboration and innovation as State and Local agencies reimagine the future workforce which is an ever evolving complex and diverse ecosystem.

When faced with implementing technologies like artificial intelligence (AI), internet of things (IoT) and other transformational technologies, comprehensive planning is the best way forward for State and Local agencies. By doing the planning upfront, agencies can ensure that they have the right tools to manage vulnerabilities, mitigate risks and drive innovation.

Carahsoft State and Local Ohio Roadshow Blog Embedded Image 2023Utilizing a single platform that connects automation of other tools into that platform helps agencies get real-time data reporting and addresses risk within the organization. By using multiple endpoint management and security tools in a single platform, agencies can streamline their operations, reduce costs and improve their overall security posture.

A local agency in Westerville, Ohio has started using data for applied analytics and customizing citizen experiences using a feedback model. This approach involves analyzing and interpreting data to improve services and provide a more streamlined citizen experience for services like trash collection, public safety and traffic management. By using data to drive decision-making and improve services, agencies can become more efficient, effective and responsive to the needs of citizens.

Building a Resilient Government

Modernizing systems, which is the top priority for building a resilient Government, will improve citizen services, generate cost savings, increase security and provide a more holistic, human-centered Government experience. Many State and Local agencies have outdated systems and need to modernize their infrastructure and business processes to make commerce more accessible and efficient. This involves evaluating areas for improvement, such as replacing fax machines with modernized digital tools and platforms and consolidating multiple systems into a few with all the key functionality they need.

The Ohio Department of Aging (DoA) implemented a tenant of rapid response in which automated systems provide emergency staffing within 24 hours for long-term care facilities and nursing homes during the COVID-19 pandemic and continue to this day. The DoA has also worked on predictive modeling utilizing the Governance, Risk and Compliance (GRC) organizational strategy to identify potential issues and respond proactively. Additionally, it has focused on meeting citizens’ needs through an omnichannel approach, using interoperable data analytics and predictive modeling to provide a more personalized and efficient experience.

Combating Cyber Threats in Government

Public Sector organizations face a range of cybersecurity risks, including data exploitation, insider threats, third party vulnerabilities, ransomware, identity theft and fraudulent access to State Government services. To mitigate these risks, agencies can take steps such as implementing strong access controls, regularly updating software and systems, conducting employee training on cybersecurity best practices and partnering with other organizations to share threat intelligence and collaborate on incident response.

Cybersecurity and Infrastructure Security Agency (CISA) offers several services to assist Government agencies with cybersecurity, including assessments and external dependency mapping. These services are provided at no cost to agencies, as they are already paid for by federal taxpayers. The services include:

  • Cybersecurity assessments: conduct cybersecurity assessments, which can help identify vulnerabilities and areas for improvement.
  • Ransomware readiness assessments: prepare for and respond to ransomware attacks, which are a growing threat to State and Local Governments.
  • External dependency mapping: identify and assess third-party vendors and other external dependencies, which can be a source of cybersecurity risk.
  • Threat intelligence sharing: provide agencies with information on emerging threats and best practices for defending against cyber-attacks.
  • Incident response planning: develop and test incident response plans, which can help ensure a coordinated and effective response in the event of a cyber-attack.

As cybersecurity threats become more sophisticated, it is increasingly critical for individual employees to be aware of the risks and take steps to protect their agency. Following best practices for password management, avoiding suspicious emails and links and reporting any potential security incidents to IT or security personnel is imperative. Agencies should provide regular training and offer resources such as phishing simulations to help employees become more vigilant.

Agencies must continue to leverage technology, utilize resources like CISA, stay up to date on the latest best practices and remain committed to meeting citizens’ needs. By embracing technology innovation, State and Local agencies can create a brighter future for all.

 

Explore more resources and learn more about Carahsoft’s State and Local Roadshow Series: Digital Transformation by visiting our Roadshow portfolio.

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at Carahsoft’s Digital Transformation Roadshow.*

Critical Infrastructure in Cybersecurity: Innovation for the Transportation Sector

Posted on by
Reply

In 2021, the presidential administration passed the National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems, aiming to bolster the cybersecurity posture of critical infrastructure in the United States. Various agencies, such as the Transportation Security Administration (TSA), Department of Transportation (DOT) and the Cybersecurity Infrastructure Security Agency (CISA), have been working to continuously improve the security of the transportation sector, which oversees the movement of people and goods across the country.

The Transportation Sector

Within the transportation sector, initiatives have been taken to help fund cybersecurity improvements in an array of subsectors. The transportation sector includes:

  • Aviation: Approximately 450 commercial airports, 19,000 airfields, air traffic control systems, heliports, landing strips, joint-use military airports, sea plane bases, manned and unmanned recreational aircraft and flight schools[1]
  • Highway and motor carriers: Managing roadways, bridges, tunnels and commercial vehicles such as motorcoaches and school buses traffic management systems
  • The maritime transportation system: Approximately 95,000 miles of coastline, 361 ports and over 10,000 miles of navigable waterways
  • Mass transit and passenger rail: Terminals, operational systems, transit buses, monorails, trolleys and rideshares
  • Pipeline systems: Carriers of natural gas, hazardous liquids and various chemicals
  • Freight rail: Major carriers, smaller, active railroads, freight cars and locomotives
  • Postal and shipping: Regional and local couriers, mail management firms, charters and delivery services[2]

Carahsoft Cybersecurity for Transportation Blog 4 Embedded Image 2023Security Directives

Due to persistent threats to the cybersecurity of critical infrastructure, including the transportation sector, the TSA issued multiple security directives for various transportation types, including railways and pipelines. These new directives require agencies to develop approved implementation plans that will help improve cybersecurity resilience, proactively assess the effectiveness of cybersecurity measures and prevent the deterioration of infrastructure.

The directive also requires that entities regulated by the TSA proactively work to implement amendments in the directive, including to:

  • Develop network segmentation policies so that Operational Technology (OT) can continue working, even when compromised
  • Prevent unauthorized access to critical infrastructure systems by enabling control access measures
  • Identify vulnerabilities and implement security patches for operating systems, applications, drivers and firmware to reduce the risk of exploitation
  • Detect malicious software and unauthorized access on Information Technology (IT) or OT systems and report designated incidents to CISA
  • Isolate infected systems from uninfected systems to limit the spread of malware, deny further access and to preserve evidence of compromise[3]

A similar initiative, introduced by the DOT in 2022, aims to improve security awareness amongst employees. All DOT network users are required to complete the DOT’s Security Awareness Training, which is inspired by various federal requirements and the DOT Order on Department Cybersecurity Policy. The training measures employees’ knowledge in cybersecurity, including password and PIN protection and basic security for information systems.[4]

By striving to improve the security posture of the transportation sector, the TSA, DOT and CISA endeavor to protect the safety of the nation.

Cybersecurity Funding for the Future

The DOT has also introduced measures to improve the national security posture. To leverage funding from bipartisan infrastructure, the U.S. Transportation Secretary Pete Buttigieg announced up to $45 million in grants for various University Transportation Centers (UTC). These grants will be utilized to improve the cybersecurity resilience of agencies affiliated with roads, bridges, rail, shipping and airspace. One of these grants will go to Clemson University to lead a consortium focused on cybersecurity research and development. Another of these grants will go to Prairie View A&M University to improve technology in the transportation system, including data related to artificial intelligence and environmental resilience.[5]

Ever since the Colonial Pipeline attack of 2021, as well as other attacks on the cybersecurity of critical infrastructure of the United States, various agencies have done their part to improve the nation’s security. Through CISA’s hard work to create cybersecurity guidelines and cross-sector performance goals and the Federal Government’s generous grants, the nation’s critical infrastructure is postured to increase security and resolve potential crises.

This blog is the final installment in our four-part series, which examines cybersecurity initiatives inspired by The White House’s National Security Memorandum. The first three parts covered the basics of critical infrastructure cybersecurity, an overview of the Water and Wastewater Sector, and an overview of the Electric and Utility Sector.

 

To learn more about how agencies can bolster their cybersecurity efforts within critical infrastructure, visit Carahsoft’s Cybersecurity Solutions Portfolio. 

 

Resources:

[1] “National Infrastructure Protection Plan,” Transportation Systems Sector, https://www.dhs.gov/xlibrary/assets/nipp_transport.pdf

[2] “Transportation Systems Sector,” Cybersecurity and Infrastructure Security Agency, https://www.cisa.gov/topics/critical-infrastructure-security-and-resilience/critical-infrastructure-sectors/transportation-systems-sector

[3] “Security Directives and Emergency Amendments,” Transportation Security Administration, https://www.tsa.gov/sd-and-ea

[4] “FY 2022 Department of Transportation Security Awareness Training,” Federal Motor Carrier Safety Administration, https://www.fmcsa.dot.gov/safety/fy-2022-department-transportation-security-awareness-training

[5] “U.S. Department of Transportation Funds Innovative Research Providing Vital Training for Next Generation of Transportation Leaders,” U.S. Department of Transportation, https://www.transportation.gov/briefing-room/us-department-transportation-funds-innovative-research-providing-vital-training-next

Generative AI, DevSecOps and Cybersecurity Highlighted for the Air Force and Space Force at DAFITC 2023

Posted on by
Reply

Thousands of Space Force and Air Force personnel and industry experts convened to discuss the most current and significant threats confronting global networks and national defense at the 2023 Department of the Air Force Information Technology and Cyberpower Education & Training (DAFITC) Event. Throughout the many educational sessions, thought leaders presented a myriad of topics such as artificial intelligence (AI), DevSecOps solutions and cybersecurity strategies to collaborate on the advancement of public safety.

Leveraging Generative AI in the DoD

At the event, experts outlined three distinct use cases for simplified generative artificial intelligence in military training.

  • Text to Text: This type of generative AI takes inputted text and outputs written content in a different format. Text to Text is associated with tasks such as content creation, summarization, evaluation, prediction and coding.
  • Text to Audio: Text to Audio AI can enhance accessibility and inclusion by creating audio content from written materials to support elearning and education and facilitate language translation.
  • Text to Video: Text to Video AI is primarily geared towards generating video content from a script to aid the military with language learning and training initiatives.

Dr. Lynne Graves, representative of the Department of the Air Force Chief Data and Artificial Intelligence Office (CDAO), provided attendees with a brief timeline of how the USAF will fully adopt artificial intelligence. The overarching aim for AI integration is to make it an integral part of everyday training, exercises and operations within the Department of Defense (DoD).

  • In FY23, the DoD is focusing on pipeline assessment. Using red teaming where ethical hackers run simulations to identify weaknesses in the system, internal military personnel target improvement of their infrastructure and mitigation of the vulnerabilities in the different stages of the pipeline.
  • In FY24, the emphasis will be on the Red Force Migration policy, which involves developing, funding and scaling the necessary strategies.
  • In FY25, the goal is for the department to become AI-ready. This entails preparing for AI adoption at all agency levels, establishing a standard model card that explains context for the model’s intended use and other important information, creating a comprehensive repository of data and implementing tools for extensive testing, evaluation and verification.

Carahsoft AI, Cybersecurity, DevSecOps at DAFITC Tradeshow Blog Embedded Image 2023USSF Supra Coders Utilize DevSecOps for Innovation

The current operations of United States Space Force (USSF) Supra Coders involve a range of activities that combine modeling, simulation and expertise in replicating threats. These operations are conducted globally, and currently include orbit-related activities, replication of DA ASAT (Direct Ascent Anti-Satellite) capabilities and the reproduction of adversarial Space Domain Awareness (SDA).

The USSF Supra Coders have encountered limitations with software solutions, including restrictions tied to standalone systems, licensing structures with associated costs and limited adaptability to meet the specific needs of aggressors and USSF requirements. DevSecOps presents a multifaceted strategy for mitigating the identified capability gaps noted by the USSF Supra Coders. It can help create more effective and efficient software solutions through seamless integration of security protocols, streamlining system integration processes, optimizing costs and enhancing customizability.

Cybersecurity Within the Space Force

Cybersecurity is a shared responsibility across the DoD but is especially relevant for the U.S. Space Force. As a relatively newly emerging branch of the military, the Space Force is still developing its cyber strategies. Due to its completely virtual link to its capabilities, the USSF must prioritize secure practices from the outset and make informed decisions to protect its networks and data.

Currently, the Space Force is engaged in the initial phases of pre-mission analysis for its cyber component which serves as a critical element for establishing and maintaining infrastructure through the integration of command and control (C2). These cyber capabilities encounter a series of complex challenges, which necessitate a multifaceted approach including the following solutions:

  • Enforcing Consistent Cybersecurity Compliance
  • Developing Secure Methods to Safely Retire Old Technology
  • Enhancing Cryptography Visibility
  • Understanding Security Certificate Complexity
  • Identifying Vulnerabilities and Mitigating Unknown Cyber Risks

While the Space Force faces a uniquely heightened imperative to bolster its cybersecurity capabilities with its inherent reliance on information technology and networks in the space domain, the entire community must collaborate effectively to achieve military leaders’ targeted cybersecurity capabilities by the goal in 2027.

The integration of generative AI in military training, innovations through DevSecOps by the USSF Supra Coders and cybersecurity initiatives of the Space Force collectively highlight the evolving landscape of advanced technologies within the Department of Defense. Technology providers can come alongside the military to support these efforts with new solutions that enhance the DoD’s capabilities and security.

 

Visit Carahsoft’s Department of Defense market and DevSecOps vertical solutions portfolios to learn more about DAFITC 2023 and how Carahsoft can support your organization in these critical areas. 

*The information contained in this blog has been written based off the thought-leadership discussions presented by speakers at DAFITC 2023.*

3 Strategies the State Department Can Adopt to Successfully Balance Infrastructure Modernization and Security

Posted on by
Reply

The Department of State’s (DOS) plan to modernize American diplomacy has two focuses: adopting critical and emerging technologies and strengthening cybersecurity. Secretary Antony Blinken cites these initiatives as an “aspect of foreign policy that has become critical in recent years.”

Yet, a recent survey indicates IT complexity is a top challenge when it comes to protecting against cybersecurity threats. The more technology added to a network, the harder it is to defend.

That’s why the DOS must adopt a security-first approach when building and deploying new IT infrastructure. By shifting security left, the organization will be better positioned to successfully balance modernization with security.

Here are three ways the DOS and other government agencies can achieve this objective.

SolarWinds SLG Infrastructure and Security Blog Embedded Image 2023Adopt a “secure by design” approach

Infrastructure modernization isn’t just about the tools that are added to a network. It’s also about the people who must manage the tools, and the different processes teams might use to ensure that everything works as it should. All of this creates additional complexity and increases how an attacker could infiltrate a network.

That’s why it’s critical to weave cybersecurity throughout every phase of infrastructure deployment. Every time a new system or application is installed, its introduction and implementation should be carefully vetted by a dedicated security team. All endpoints should be carefully monitored and inspected to ensure their fortification and all systems tested by red teams to verify their security postures and resiliency.

Simultaneously, all IT professionals should follow predetermined security guidelines throughout the software implementation process. These guidelines should be easily accessible and understood by everyone involved in the process. Simple, direct, and sequential instructions can help prevent vulnerabilities.

Implement observability for proactive cybersecurity

As the DOS’s software factories continue to develop and deploy new technologies, the agency must adopt methods that allow it to keep close tabs on how those technologies connect and interact with one another. Implementing a process of observability is a good way to accomplish this task.

Observability provides a complete view of every asset that comprises an organization’s IT infrastructure, whether on-premises, in the cloud, or hybrid environments. IT teams can observe how assets operate and interact with each other and rapidly identify issues as they arise, including potential security risks.

Observability goes beyond traditional network monitoring, but both are essential. The latter pushes alerts to IT teams whenever there’s a deviation from a predetermined metric, while the former allows teams to detect and analyze abnormalities in real time. So, while monitoring is reactive, and observability is proactive, both work together to form a critical foundation for infrastructure security.

Take an “assume breach” mentality

Zero-trust is an effective best practice that the DOS has adopted from the Department of Defense’s leadership. In the wake of continually evolving cybersecurity threats, adopting a zero-trust posture should be considered the minimum protection standard.

The DOS can take this approach even further by taking an “assume breach” mentality. An assume breach mindset includes several strategies designed to protect the agency throughout the entire lifecycle of a cyberattack. In addition to incorporating zero-trust principles, assuming a breach involves:

  • Identifying and addressing gaps in security coverage
  • Planning how to react and respond to an attack
  • Detailing the steps needed to recover from an attack
  • Learning from an attack
  • Implementing processes to prevent future attacks

Assuming a breach is just as it sounds—embracing a position that it’s not if a breach will happen, it’s when it will take place. If agencies base their cybersecurity efforts around this mentality, they will be more prepared to both deal with and prevent the eventuality.

Cyber resiliency must be a top focus as the DOS continues its push toward modernization, but without a systematic plan in place, the agency’s efforts to contain and prevent vulnerabilities can easily become overwhelming. Adhering to the three strategies outlined here can help the DOS prioritize cybersecurity and tackle potential threats in a way that will not only protect the organization but also do so in a manner that is efficient and effective.

 

These best practices are fundamental elements to SolarWinds’ Secure by Design approach, developed in collaboration with leading cybersecurity experts in the wake of the 2020 SUNBURST attack. It’s a solid blueprint for the DOS to refer to as it continues its modernization efforts.

Critical Infrastructure in Cybersecurity: Modernizing the Electric and Utilities Sector

Posted on by
Reply

After the ransomware attack on Colonial Pipeline in 2021 and other notable events, the presidential administration has diligently worked to improve the cybersecurity posture of critical infrastructure in the United States. Several Government agencies, such as the Department of Energy (DOE) Cybersecurity, Energy Security and Emergency Response (CESER), the National Security Agency (NSA), Cybersecurity Infrastructure Security Agency (CISA), and private sector Electric & Utility Industry have joined to refine and boost cybersecurity in the Electric and Utilities sector.

Standards for the Electric and Utility Sector

Since 2021, the White House has put forth the National Security Memorandum on Improving Cybersecurity for Critical Infrastructure Control Systems, an initiative that aims to safeguard the critical infrastructure of the nation. The Memorandum specifies that the Electricity Subsector was the pilot effort in its Initiative. In acknowledgement of the Memorandum, at least 150 electric utilities have or will adopt operational technology (OT) and Industrial Control Systems (ICS) security and improved the visibility, detection and monitoring of critical electricity networks. Further reinforcing the memo, in March of 2023, the Presidential Administration announced a national cybersecurity strategy that strives to create a secure digital ecosystem reinforced with the National Cybersecurity Strategy.

Control systems experts that work with DOE CESER, CISA and the NSA have developed a set of ICS security considerations. These considerations aim to enhance and monitor the detection, mitigation and forensic capabilities for OT owners and operators.

The ICS/OT cybersecurity evaluating and monitoring technology guidelines are recommendations rather than mandates. They include but are not limited to:

  • Building technology for ICS networks with integration compatibility for ICS protocols and communications
  • Adding sensor-based continuous network cybersecurity monitoring, detection and facilitation of response capabilities for both ICS and OT
  • Creating a collective defense capability framework for software so that Federal Government partners and trusted organizations can share insights and detections
  • Utilizing passive deployment and isolation technologies to protect sensitive information
  • Securing technology against access credential misuse[1]

These guidelines aim to improve system security and visibility with Government partners.

Carahsoft Cybersecurity for Utilities Blog 3 Embedded Image 2023Financing the Security Movement

To help fulfill the National Security Memorandum promise, the current administration has released the Bipartisan Infrastructure Law, which authorizes up to $250 million to enhance the cybersecurity resilience of rural, municipal, and small private electric utilities. The Rural and Municipal Utility Advanced Cybersecurity Grant and Technical Assistance (RMUC) Program has utilized the law to help improve energy systems, processes, assets, incident response and cybersecurity skills in eligible agencies within the utility workforce. Nearly one in six Americans live in remote or rural communities with inadequate funding and infrastructure for updated technology and modern systems.[2] The RMUC Program pledges financial and technical assistance to help these communities, as well as small investor-owned electric utilities, to improve vital security functions such as operational capabilities and to provide cybersecurity services access and threat-sharing programs.  In August 2023, the program pledged a prize pool of $8.96 million dollars in competitive funding and technical assistance to enable municipal and small investor-owned utilities to advance their training and cybersecurity.[3]

By ensuring secure and reliable power to all customers, RMUC will help finance cybersecurity, as well as help fulfill another of the current administration’s goals of a net-zero carbon economy by 2050.

Cleaning Up Energy

In developing the clean energy sector, the Administration aims to mold the digital ecosystem to be more defensible, resilient and aligned with American values. This strategy will invest in the future by defending the energy sector and reinforcing clean-energy critical infrastructures.[4] To aid in the battle for clean energy through cybersecurity innovation, Clean Energy Cybersecurity Accelerator (CECA) will make cybersecurity accessible via collaboration with public and private expertise. To do so, CECA will assess all ICS assets that are connected to a utility’s infrastructure. Any ICS with potential wide-reaching impact is evaluated against physical and virtual attacks in a test lab, allowing CECA to mend any security holes. Aiming to achieve carbon-free electricity by 2035, the DOE has announced hundreds of funding opportunities, including funding for the Fossil Energy and Carbon Management (FECM) office.[5]

Through the collaboration of several key Government agencies and the tech industry, the Electric and Utilities sector is on the way to being secure, reliable and accessible to all.

The first two parts of this four-part blog series covered the basics of critical infrastructure cybersecurity, as well as an overview of the Water and Wastewater Sector. Following this third part, the fourth and final blog will dive deeper into the Transportation sector.

 

To learn more about how agencies can bolster their cybersecurity efforts within critical infrastructure, visit Carahsoft’s Cybersecurity Solutions Portfolio.

Sources

[1] “Considerations for ICS/OT Cybersecurity Monitoring Technologies,” Office of Cybersecurity, Energy Security and Emergency Response, https://www.energy.gov/ceser/considerations-icsot-cybersecurity-monitoring-technologies

[2] “Biden-Harris Administration Launches $250 Million Program to Strengthen Energy Security for Rural Communities,” Department of Energy, https://www.energy.gov/articles/biden-harris-administration-launches-250-million-program-strengthen-energy-security-rural

[3] “New Prize Supports Rural and Municipal Utilities in Strengthening Cybersecurity Posture,” NREL, https://www.nrel.gov/news/program/2023/new-prize-supports-rural-and-municipal-utilities-in-strengthening-cybersecurity-posture.html

[4] “Fact Sheet: Biden-Harris Administration Announces National Cybersecurity Strategy,” The White House, https://www.whitehouse.gov/briefing-room/statements-releases/2023/03/02/fact-sheet-biden-harris-administration-announces-national-cybersecurity-strategy/

[5] “Funding Notice: Critical Materials Innovation, Efficiency and Alternatives,” Energy.gov: Office of Fossil Energy and Carbon Management, https://www.energy.gov/fecm/funding-notice-critical-materials-innovation-efficiency-and-alternatives

Three Strategies for Minimizing Insider Threats

Posted on by
Reply

Insider threats (alternatively known as careless or untrained insiders) continue to be a problem for the public sector. According to SolarWinds 2023 Public Sector Cybersecurity Survey, 68% of respondents cited careless or untrained employees as one of the highest sources of security threats, second only to foreign governments.

Insider threats have continued to increase over the past few years. Mobile work has become commonplace, and more employees have begun using unsanctioned applications, leading to incidents of shadow IT. Meanwhile, hackers have become adept at targeting government employees through phishing and ransomware attacks, which succeed due to human error.

Educating your employees about the dangers of these attacks and putting in proper safeguards to prevent them is critical. Here are three strategies to help employees become more aware of threats and build a better security posture from the inside.

Understand while not everyone is a trained security expert, everyone can play their part

SolarWinds Cybersecurity Against Insider Threats Blog Embedded Image 2023

Some organizations tend to say, “Everyone is responsible for cybersecurity,” which is not entirely true. An employee in charge of processing applications for social security benefits is in charge of processing applications for social security benefits, not protecting the agency from a cyber attack.

However, there are little things everyone can do to prevent threats–they just need to know what those things are. It’s more than not opening emails from unknown senders or clicking on suspicious-looking attachments. It’s being vigilant, even when someone is feeling overworked. It’s also knowing who to report these incidents to if and when they occur and how and when to share information with colleagues about potentially suspicious activity.

Other things you can do to help employees protect your agency include:

  • Implementing company-wide password protocols, including two-factor authentication
  • Mandating employees to change their passwords every few months
  • Adding context to communications around cybersecurity to help employees understand the ramifications of cybersecurity incidents (for example, illustrating how a breach could impact employees’ jobs)

While rigorous training isn’t necessary, you can aim to make safe security practices a part of your day-to-day efforts. For example, periodic email reminders, replete with simple and easy-to-follow best practices and sent from the CIO or security team, can help improve your organization’s security posture.

Conduct simulations to help employees understand how to respond to possible threats

Email reminders are important, but nothing beats practicing what to do in the event of a threat. Which is where Breach and Attack Simulations (BAS) come in.

BASs can be used to simulate just about any type of attack your employees might be exposed to, including phishing, malware, and more. Employees are asked to spot, respond to, and prevent an attack in a simulation. Managers can assess employees’ responses and reactions and discover where more education is needed.

Simulated attacks are also great for increasing employee vigilance and education. The more employees are exposed to simulated threats, the more knowledgeable they become about those threats–and the less likely they will be to fall prey to them.

Build a zero-trust foundation that is secure by design

While employees should always be your first line of defense against cyberattacks, no defense is ever foolproof, even those that have been adequately trained and prepared. Implementing a secure by design zero-trust cybersecurity environment can ensure weaknesses aren’t exploited.

In a secure-by-design environment, security is inherent in every aspect of the organization. Employees are aware of possible cybersecurity risks and know how to prevent them. Security is baked into the agency’s technology infrastructure and software development processes, and all technologies an agency procures have security as a standard feature, not an add-on.

Security by design goes hand-in-hand with zero trust. Zero-trust cybersecurity models are based on an “assume breach” mentality, where every request to access information could pose a threat. Therefore, all requests must be carefully verified, and all employees should only have access to the information they need.

Remember: while employees can be your agency’s best defenders, they’re also human. They can and will make mistakes. It’s essential to put in place safeguards to mitigate those mistakes. Education is important, but so is having a backup plan in case something fails. By covering all angles you’ll have a better chance of preventing the next employee-centric cyberattack.

For more guidance on how to better enhance your agency’s cybersecurity posture, visit SolarWinds’ Secure by Design resource center.

Securing the Digital Workplace: Microsoft 365 Identity Management for Public Sector Leaders

Posted on by
Reply

Zero Trust is a critical focus for public sector organizations as they navigate today’s evolving digital workplace and cybersecurity landscape. But one issue is emerging as increasingly troublesome: insider threats.

The 2022 Cost of Inside Threats: Global Report found incidents involving insider threats surged 44% over the past two years. While some of these threats may be malicious insiders, seeking to misuse their authorized access for personal gain or harm, many are the result of cybercriminals exploiting vulnerabilities in identities to enter your environment. These criminals use tactics like compromised credentials – the leading cause of data breaches – as well as phishing scams and social engineering to impersonate identities and gain unauthorized access.

To effectively counter these increasingly sophisticated threats, organizations must strengthen identity management. When executed properly, identity management not only enhances the security of your digital workplace but enables a Zero Trust strategy.

Let’s discuss what identity management is, how to build a comprehensive strategy in Microsoft 365, and how it can fortify your Zero Trust deployment.

What is Identity Management?

AvePoint Identity Management Blog Embedded Image 2023

Identity management establishes and manages the digital identities of anyone entering your environment – from employees and contractors to guest users. Identities could refer to people, but they could also be services or devices entering your environment.

Identity management enables organizations to implement robust access controls, granting privileges based on roles – which is why identity management is an integral piece of Zero Trust. Without it, you will have no way to verify users and devices are who they say they are, let alone establish proper privileges and access, which are key Zero Trust principles.

When done effectively, identity management provides the right access to the right individuals at the right time for the right reason. This process not only improves your security posture, but can streamline user access, reduce administrative overhead, and help you better meet your compliance obligations.

Building Identity Management in Microsoft 365

When building your identity management strategy in Microsoft 365, remember these three basic elements: identify, authenticate, and authorize.

Here’s how to get started:

  • Identify: The backbone of identity management in Microsoft 365 is Azure Activity Directory (Azure AD). Azure AD provides a cloud identity for users, groups, and resources. It is where you build out your users’ identities and control access to internal and external resources – like your intranet or even Microsoft Teams. The solution will recognize users (based on Microsoft’s powerful machine learning and AI’s understanding of typical user and tenant behavior) and flag risks that fall outside of normal behavior, triggering the next steps of the process.
  • Authenticate: Multi-factor authentication (MFA) is today’s gold standard for authenticating identities. There are a variety of ways to do this, from smart cards to one-time passwords, that add layers of protection to your security. Microsoft’s Authenticator App helps implement MFA across your applications in a convenient and easy way for users, allowing them to verify their and their devices’ identities from their phones.
  • Authorize: It’s critical to grant access privileges based on the conditions specific to your organization. Conditional Access policies take a two-phased approach: first, it collects information about the person (their device, IP address, etc.) and then enforces any policies you have in place. This could mean if it detects a new device, it may enforce multi-factor authentication (MFA) or request the user sign in again. It could also prohibit access under certain conditions, like if a user is attempting access from a mobile device. These policies provide granular control over access while reducing the risk of authorized access.

By following this framework, you can easily begin using the powerful tools Microsoft offers to build your identity management strategy, ensuring only authorized individuals have access to critical systems.

Three Ways to Take a More Proactive Approach to Identity Management

Once you’ve taken the initial steps to start building your identity management approach, take it to the next level to enhance your security:

  • Right-size your policies: Strict, one-size-fits-all rules can hinder productivity; if security is in the way of getting the job done, users will find a way around it. Customizing your policies to specific users, workspaces, or even content creates a more tailored approach to access control, striking a balance between security and productivity.
  • Implement lifecycles: Identities should not permanently exist in your environment. People switch jobs or upgrade their devices. Establish a process to evaluate and recertificate identities – whether users (both external and internal) or devices – to ensure they still require access to your content and workspaces.
  • Monitor your environment: Even with the best-laid security plans, things can still fall through the cracks. That’s why it’s critical to monitor your environment – including users, devices, locations, and behavior – to identify any anomalies or suspicious activities that should be addressed.

These strategies can help you build a more proactive identity management approach that actively reduces risks and attack surfaces, allowing you to go beyond verifying identity to create a secure and efficient digital workplace.

Build a Secure Digital Workplace with Zero Trust

While identity management is an important aspect of building your secure digital workplace, ensuring only authorized individuals have access to your systems, it is not enough to protect your data or the workspaces where it lives in today’s ever-evolving cyber threat landscape.

Public sector organizations must embrace a comprehensive Zero Trust security framework to effectively build a secure digital workplace. To do so, you must combine identity management best practices with other robust security measures, like role-based access controls, workspace governance policies, lifecycle management processes, and risk assessments. Together, these strategies can enhance the protection of your digital environment and minimize your risk of data breach or unauthorized access.

Download the free AvePoint guide, “How to Achieve Zero Trust Standards Without Limiting Collaboration in Microsoft 365,” for more information about protecting your digital collaboration workspaces with a Zero Trust framework.

Security Protections to Maximize the Utility of Generative AI

Posted on by
Reply

Since the introduction of ChatGPT, artificial intelligence (AI) has exponentially expanded. While machine learning has introduced many merits, it also leads to security concerns that can be alleviated through several key strategies.

The Benefits and Risks of Generative AI

Broadcom Generative AI Blog Embedded Image 2023The primary focus of AI is to use data and computations to aid in decision-making. Generative AI can create text responses, videos, images, code, 3D products and more. AI as a Service, cloud-based offerings of AI, helps experts get work done more efficiently by advancing infrastructure at a quicker pace. In contrast, AI is also commonly used by the general public as a toy, since its responses can sometimes be entertaining. The comfort users have with AI and wide range of inputs introduces risk, and these risks can proliferate exponentially.

There are several key concerns for Government agencies when utilizing generative AI:

  • Copyright Complications – AI content comes from many different sources, and that content may be copyrighted. It is difficult to know who owns the words, images or source code that is generated, as the AI’s algorithm is based on derivative information. The data could be open sourced or proprietary information. To combat this, users should modify rather than copy any information gained from AI.
  • Abuse by Attackers – Bad actors can utilize AI to execute more effective and efficient attacks. While AI is not yet self-sufficient, inexperienced attackers can use AI to make phishing attacks more convincing, personal and effective.
  • Sensitive Data Loss – Users have, either intentionally or unintentionally, input sensitive data or confidential information into Generative AI systems. It is easier to disclose sensitive information into AI prompts, as users may dissociate the risk from the non-human machine.

The many capabilities of AI entice employees to utilize it to support their daily tasks. However, when this includes introducing sensitive information, such as meeting audios for transcripts or unique program codes, security concerns ensue. Once data is in the AI’s system, it is nearly impossible to have it removed.

To protect themselves from security and copyright issues with AI, several large communications companies and school districts have blocked ChatGPT. However, this still carries risk. Employees or students will find ways around security walls to use AI. Instead of blocking apps, organizations should create a specific policy around generative AI that is communicated to everyone in the company.

Combatting AI Risks

One such policy method includes utilizing a Data Loss Prevention (DLP) solution. The DLP’s purpose is to detect and prevent unauthorized data transmission, and its capabilities can be applied to AI tools to mitigate these concerns. Its security parameters work through three main steps:

  1. Discover – DLPs can detect where data is stored and report on its location to ensure proper storage and accessibility based on its classification.
  2. Monitor – Agencies can oversee data usage to verify that it is being used appropriately.
  3. Protect – By educating employees and enforcing data-loss policies, DLPs can deter hackers from leaking or stealing data.

DLP endpoints can reside on laptops or desktops and provide full security coverage by monitoring data uploads, blocking data copied to removable media, blocking print and fax options and covering cloud-sync applications. For maximum security, agencies should utilize DLPs that cover all types of data storage—data at rest, data in use and data in motion. A unified policy based on detection and response to data leaks will prevent users from misapplying AI and provide balance for secure operation.

While agencies want to stay competitive and benefit from AI, they must also recognize and take steps to reduce the risks involved. Through educating users about the pros and cons of AI and implementing a DLP to prevent accidental data leakages, agencies can achieve their intended results.

 

Broadcom is a global infrastructure technology leader that aims to enhance excellence in data innovation and collaboration. To learn more about data protection considerations for generative AI, view Broadcom’s webinar on security and AI.

People Plus Technology: Building a Resilient Federal Cyber Workforce

Posted on by
Reply

Filling cyber jobs in Federal agencies is complicated – it requires competing with industry salaries, retaining existing talent and navigating the Federal hiring process. It’s a far-reaching challenge that affects every agency – the administration knows that, the Office of Personnel Management knows that, and agency technology and human resources leaders know that. And federal C suite leaders realize how the government recruits, hires and retains people for cyber jobs has to change. In partnership with FNN, our Federal Cyber Workforce guide takes a look at what the government is doing to tackle this problem on a sweeping federal level and also on a more agency-specific level. We also get industry perspective on the technologies that affect cyber workforce resiliency. We hope it provides some guidance and help as your agency works to beef up its cybersecurity, both through investments in people and technology.

 

Carahsoft IIG FNN July Cyber Workforce Blog Embedded Image 20233 Key Rallying Points for a Resilient Cybersecurity Team

“Agencies are currently operating in a high-threat environment, but that doesn’t mean they can’t implement a reasonable amount of information assurance. It may not be perfect, but it doesn’t have to be. The idea is to make it so that adversaries have to work extremely hard to penetrate the infrastructure. The adversaries are good, but agencies can be better with a resilient cybersecurity team, said Mark Bowling, chief risk, security and information security officer for ExtraHop. The key to achieving this is to have a risk reduction perspective.”

Read more insights from Mark Bowling, Chief Risk, Security and Information Security Officer at ExtraHop.

 

Do not Wait for a Breach: Why to Adopt Proactive Approach to Cyber Resilience

“When most people talk about cyber resilience, they’re referring to post-breach recovery — the means, methods and speed with which an organization can get its systems and services back online after a cyber incident. But Felipe Fernandez, federal chief technology officer at Fortinet, views resiliency more holistically. His advice? Agencies need to take a proactive stance on cyber resilience and include not only recovery from breaches but also when their planning for non-malicious threats and other operational disruptions, including those associated with cloud-based services.”

Read more insights from Felipe Fernandez, Federal Chief Technology Officer at Fortinet.

 

Proactively Improve Digital Employee Experience Though Automation

“Digital modernization and the adoption of collaboration tools is supposed to make work easier, especially in a hybrid environment. Employees want the flexibility to be productive in whatever manner best suits them. Unresolved technology issues can impede productivity. In its latest survey of industry employees and IT professionals, Ivanti found that 49% of employees are frustrated with the tools they use and 26% are considering leaving their jobs because of that. Employee experience is a top priority in government right now, and employees are internal customers of an agency’s IT services. By improving their experience your agency can realize gains in productivity and retention.”

Read more insights from Mareike Fondufe, Product Marketing Director at Ivanti.

 

Download the full Expert Edition for more insights from these cyber workforce leaders and additional government interviews, historical perspectives and industry research.