Tag Archives: Cybersecurity

The Top CMMC Events for Government and the DIB in 2025 

Posted on by
Reply

With the release of the Cybersecurity Maturity Model Certification (CMMC) 2.0 framework, 2025 marks a pivotal year for education, collaboration and implementation across the Defense Industrial Base (DIB). As compliance standards evolve, this year’s lineup of CMMC-centric events offers defense contractors, cybersecurity professionals and Government stakeholders unparalleled opportunities to deepen their understanding, explore new solutions and engage directly with policy leaders and technology providers. Below is a preview of the key events shaping the CMMC landscape in 2025—and how Carahsoft and our partners are helping to drive the conversation forward. 

CEIC West 

May 21-23 | Las Vegas, NV | In-Person Event 

​CEIC West 2025, the official conference of The Cyber AB, is the premier event for defense contractors and cybersecurity professionals focused on implementing the CMMC 2.0 framework. Hosted by Forum Makers, this conference offers practical strategies to help organizations achieve compliance and secure their place in the DIB. Attendees will benefit from expert-led sessions, hands-on workshops and networking opportunities with key figures from the DoD and The Cyber AB. Additional highlights include pre-conference training, the Women of CMMC Dinner and the Tech for Troops Golf Tournament. Learn how to close security gaps, manage costs and tackle the real-world challenges of CMMC compliance at CEIC West 2025. 

Sessions to look out for:  

  • Keynote: “Protecting CUI, Federal Contractors and the Future of CMMC” feat. Katie Arrington, CIO, DoD 
  • “CMMC Beyond the DoD: Preparing for a Broader Compliance Landscape” 

Carahsoft will present a Solutions Showcase spotlighting a group of partners that provide CMMC compliance tools tailored for the DIB. Numerous resources and solutions providers —including those in Carahsoft’s “Solutions Showcase” such as Cyturus, Lifeline Data Centers, Axonius Federal Systems, ISI Defense and Paramify— will be available for attendees seeking to learn more about CMMC and Carahsoft’s role in the program. Join us at the pre-conference golf tournament as Carahsoft is proud to be the Beverage Sponsor of this charitable event! 

Carahsoft CMMC Webinar Series 

August 12-14 | Virtual Event 

Carahsoft upcoming webinar series offers a comprehensive look at the latest updates to the CMMC program, providing DIB stakeholders with the insights needed to achieve and maintain compliance. Through a series of expert-led sessions, participants gain a clear understanding of the CMMC framework and learn how to implement effective cybersecurity practices aligned with Federal requirements. Whether you are just beginning your compliance journey or looking to strengthen your existing posture, this series delivers actionable guidance for all levels of the CMMC compliance journey. 

The Carahsoft CMMC Webinar Series will feature a number of partners to share insights and offer practical solutions for achieving compliance. Check out our website for more information and to register as we get closer to the event date. 

National Cyber Summit 

September 23-25 | Huntsville, AL | In-Person Event 

The National Cyber Summit 2025 is the nation’s most innovative cybersecurity technology event, offering unique opportunities for education, collaboration and workforce development. Hosted by the North Alabama Chapter of the Information Systems Security Association (NAC-ISSA), Cyber Huntsville Corporation (CHC), Auburn University Research and the University of Alabama in Huntsville, the summit brings together participants from Government, industry and academia. Attendees can expect a comprehensive agenda featuring expert-led sessions, hands-on training and valuable networking designed to foster collaboration and innovation across the cybersecurity landscape. With its strong emphasis on advancing best practices and protecting national interests, the National Cyber Summit remains a must-attend event for the cybersecurity community.  

Carahsoft will host a Partner Pavilion highlighting trusted technology providers focused on CMMC compliance solutions for the DIB. This space will serve as a hub for attendees to explore Carahsoft’s extensive lineup of solutions providers and educational resources, offering access to experts and compliance tools. 

CS5

October 16-17 | Washington, D.C. | In-Person Event 

The essential gathering for Defense Contractors and their Subcontractors to get CMMC compliance right. CS5 is the one conference that brings the entire compliance ecosystem together. From the experts who prepare you (RPOs) to the auditors who assess you (C3PAOs) and the training and tool providers who support you every step of the way. Start here to deliver CMMC compliance to your organization. Return here to optimize your path. If you’re in the defense industrial base, you can’t afford to miss it.

Carahsoft will have a Solutions Showcase for partners that provide CMMC compliance solutions to the DIB. This showcase will provide attendees with a hands-on opportunity to explore Carahsoft’s expansive network of compliance-focused technologies and gain insights into the tools, services and support available to guide them through every phase of their CMMC journey. 

DoDIIS *Canceled for 2025

December 7-10 | Fort Lauderdale, FL | In-Person Event 

​The 2025 Department of Defense Intelligence Information System (DoDIIS) Worldwide Conference is a premier event that brings together senior decision-makers, technical experts and innovators from the DoD, Intelligence Community (IC), industry, academia and Five Eyes (FVEY) partners. This immersive conference offers a unique platform for collaboration and knowledge sharing, focusing on the integration across the IC and the rapid development and deployment of mission-focused solutions. Attendees will have the opportunity to engage with a comprehensive selection of sessions, interact with a broad range of leaders and showcase solutions addressing issues impacting mission users. The event also features dynamic speakers, innovative technologies and networking socials, providing an invaluable experience for all participants.  

Carahsoft, Top CMMC Events, blog, embedded image, 2025

Carahsoft will host an expansive Partner Pavilion highlighting cutting-edge technologies that support defense and intelligence missions. Within this space, our Cyber booth—located in the Vertical Alley”—will feature a demo station from our CMMC team. 

CMMC Day 

May 5, 2026 | College Park, MD | In-Person Event  

Join industry leaders at the 6th annual CMMC Day 2026, where the Defense Industrial Base (DIB) will come together to navigate the shift from compliance to competitiveness under CMMC 2.0. With over 300,000 U.S. Government subcontractors soon to be impacted, this one-day conference offers essential insights into the CMMC framework’s wide-reaching implications for Federal supply chain security. CMMC Day delivers expert-led sessions from the National Institute of Standards and Technology (NIST), the National Information Assurance Partnership (NIAP), the National Security Agency (NSA) and other key players, guiding attendees through NIST 800-171, foundational cybersecurity standards and the maturity model’s evolving requirements.  

Whether you are a product vendor, integrator, testing lab or Government official, you will gain actionable knowledge, connect with the full industry value chain and leave better equipped to assess, prepare and certify under the new framework. 

Carahsoft is looking forward to showcasing our partners who deliver innovative CMMC compliance solutions for the Defense Industrial Base at CMMC Day 2026. The event will spotlight Carahsoft’s broad portfolio of resources and solution providers, making it a must-attend opportunity for those preparing for or advancing their role in the CMMC ecosystem. 

CS2 Reston 

May 6-7 | Reston, VA | In-Person Event 

The Cloud Security and Compliance Series (CS2) Reston, hosted by Summit 7, brings together defense contractors and IT leaders to learn about Federal cybersecurity requirements. With the CMMC rule now published, the CS2 Reston delivers critical guidance on achieving compliance with CMMC 2.0, NIST 800-171, Defense Federal Acquisition Regulation Supplement (DFARS) 70 Series—7012, 7019, 7020—and International Traffic in Arms Regulations (ITAR), as well as securing Controlled Unclassified Information (CUI) and Federal Contract Information (FCI). Featuring expert-led sessions, real-world case studies and technical breakouts, the agenda includes speakers from The Cybersecurity Assessor and Certification Body (Cyber AB), Microsoft, Summit 7 and others. CS2 Reston is a must-attend event for Chief Information Security Officers (CISOs), IT administrators and compliance professionals seeking practical insights and peer connections in the evolving defense cybersecurity landscape.  

Carahsoft will exhibit at CS2 Reston, engaging with attendees interested in learning more about our cybersecurity solutions portfolio and educational resources. Look out for our 2026 involvement on our website. 

SOF Week 

May 5-8 | Tampa, FL | In-Person Event 

​SOF Week is the premier global gathering for the Special Operations Forces (SOF) community. Jointly hosted by U.S. Special Operations Command (USSOCOM) and the Global SOF Foundation, this annual event brings together over 19,000 attendees—including SOF operators, defense industry leaders, policymakers and international partners—to collaborate on advancing the future of special operations. Attendees can expect a dynamic agenda featuring senior keynotes, breakout sessions, live demonstrations and a multi-venue exhibition showcasing cutting-edge technologies.  SOF Week offers unparalleled opportunities to network, learn and contribute to the global SOF mission. 

Carahsoft will host a large Partner Pavilion at SOF Week 2026, where attendees can explore a wide range of mission-focused technologies from our partners. Look out for more information about our involvement in 2026 on our website. 

TechNet Cyber 

May 6-8 | Baltimore, MD | In-Person Event 

TechNet Cyber 2026, hosted by the Armed Forces Communications and Electronics Association (AFCEA) International, is a premier event uniting military, Government, industry and academic leaders to tackle the ever-evolving challenges in cyberspace. The conference emphasizes collaborative strategies to strengthen cyber resilience and outpace adversaries. Attendees will gain valuable insights from top officials at United States Cyber Command (USCYBERCOM), the Defense Information Systems Agency (DISA), the Department of Defense Chief Information Officer (DoD CIO) office and other key agencies. Sessions will cover zero trust architecture, artificial intelligence (AI) integration and cyber workforce development. Featuring a robust exhibit hall and targeted networking opportunities, TechNet Cyber offers a comprehensive platform for driving cybersecurity innovation across the Public and Private Sectors.  

Carahsoft will host a Partner Pavilion showcasing cybersecurity solutions from our leading technology partners such as Cyturus. Check out our website as we look forward to our 2026 involvement. 

Looking Ahead: 

Whether you are just beginning your CMMC journey or looking to enhance your existing compliance strategy, these 2025 events provide a critical forum for insight, innovation and connection. With each event tailored to address the most pressing challenges facing the DIB, participants can expect actionable takeaways, hands-on demos and valuable discussions with experts across Government and industry. Carahsoft is proud to support these initiatives through our presence at each event, along with our robust ecosystem of CMMC-focused partners and resources. 

Explore Carahsoft’s full CMMC solutions portfolio and learn how we can help support your compliance efforts. 

Nutanix AHV and Rubrik’s Layered Security – The Key to System Resilience and Efficiency

Posted on by
Reply

Protecting critical infrastructure from cyber threats and ensuring business continuity in the face of disasters is a top priority for organizations today. Luckily, Nutanix AHV, a modern, secure virtualization platform that powers and enhances virtual machines (VMs), can help. Rubrik’s integrated solutions fortify AHV environments against ransomware attacks and enable efficient disaster recovery. By leveraging features like immutable backups, anomaly detection and on-demand cloud-based disaster recovery, organizations can enhance their cyber resilience and minimize the impact of disruptive incidents.

A Simple and Secure Path to VM Management

Nutanix AHV is simple to use and secure by design. The platform works through a centralized control plane, where AHV is integrated into a single application programming interface (API). This eradicates a complicated setup on the customer side. By maintaining constant management and a virtualization layer, Nutanix AHV allows organizations to fulfill mission objectives.

Nutanix AHV features several built-in security features, such as micro-segmentation, data insights, audit trails, ransomware protection and data age analytics.

Nutanix features:

  • Built-in, self-healing abilities protect against disk failure, node failure and more
  • A vulnerability patch summary automatically alerts users about susceptibility risks and anomalies that need to be addressed
  • A life cycle manager provides readmittance testing and deployment testing
  • More than one copy of backup data, ensuring that users do not lose valuable information
  • Multi-site replication including to and from the public cloud.

Securing data in Nutanix AHV requires more than just the basic perimeter defenses, but a multi-layered strategy. With Rubrik’s data protection abilities, which include immutable backups, automatic encryption and logical air-gapping, agencies and organizations can recover information within minutes and resume mission objectives in the event of a breach.

Securing Data with Rubrik’s Rapid Recovery Abilities

Rubrik, a security cloud solution provider that keeps your data resilient, enables the near-instant recovery of virtual machines and data within the Nutanix AHV environment. Rubrik provides multiple recovery options within AHV, such as file-level recovery, live mount, export, mount virtual disks and downloadable virtual disk files. Through Rubrik, businesses can recover files from older hypervisors into newer AHV environments without having older hypervisors online. Once granted access to the AHV environment, Rubrik automatically discovers and integrates protocols and base level policies for VMs. Rubrik’s recovery process restores data in minutes, regardless of VM size. As VMs get larger and larger, frequently hitting 50 terabytes, this speedy and precise response empowers organization’s incident response plans to be swift and efficient. After scanning the meta data, users are granted file level recovery after anomaly detection, allowing users oversight on affected data.

As the data that organizations manage grows exponentially, data security becomes critical to business functions. Rubrik offers comprehensive data security, continuously monitoring and remediating data risks within the network.

Through Rubrik, businesses can recover files from older hypervisors into newer AHV environments without having older hypervisors online. Once granted access to the AHV environment, Rubrik automatically discovers and integrates protocols and base level policies for VMs.Rubrik’s recovery process restores data in minutes, regardless of VM size. As VMs get larger and larger, frequently hitting 50 terabytes, this speedy and precise response empowers organization’s incident response plans to be swift and efficient.After scanning the meta data, users are granted file level recovery after anomaly detection, allowing users oversight on affected data.

Rubrik also provides constant monitoring for backups. Typically, businesses do not regulate data backlogs, which increases the likelihood that they miss attackers that sit in the system environment for a few days before collecting data. With Rubrik’s threat monitoring and hunting, organizations can search through backups and detect when an anomaly entered the environment. Through Nutanix and Rubrik’s integration, IT teams can reduce complexity, gain oversight, cut down on operational costs and improve resiliency and efficiency.

Automation: The Key to a Proactive Incident Response

Modern cyber threats require a proactive approach to incident response. With automation and orchestration, facilitated by the combined capabilities of Nutanix and Rubrik, organizations can detect, respond to and recover from cyber incidents more efficiently.

Rubrik has a built-in anomaly detection, which searches protected data for strange behavior, such as mass deletion or encryption. As the volume of data on a network increases, organizations often have sensitive data they are not actively monitoring or even know sensitive data maybe exposed. Rubrik clusters are always scanning protected data for anomalies, sensitive data, and known IOC’s allowing customers to select resolution options, such as isolating compromised VMs, or the ability to restore product systems from last known good copies.

Readiness impacts recovery time, and recovery time impacts organization operations. Nutanix AHV’s recovery organization authorizes IT teams to organize VMs into a set of templates, which can be used to create blueprints and launch application recovery. Nutanix also provides organizations with the flexibility to apply policy to each workload, taking control of network security and BC/DR policy with VM level granularity. By allowing organizations to map out their application owners, Nutanix AHV enables businesses to move from a reactive to a proactive security posture, minimizing the impact of attacks and ensuring swift recovery.

Nutanix and Rubrik’s integration creates a powerful security and operational synergy, empowering organizations with the tools they need for network safety and, if necessary, a swift and comprehensive restoration of critical systems, empowering organizations to resume business missions. Nutanix AHV enables organizations to reduce complexity, improve security and achieve a higher level of resilience and operational efficiency.

To learn more about how Nutanix AHV and Rubrik’s integration delivers streamlined data protection, rapid recovery and robust incident response capabilities, watch our webinar, Fortifying AHV: Cyber Recovery and Incident Response with Nutanix and Rubrik.

The Switch to Proactive Network Resilience Management to Maintain Operational Continuity

Posted on by
Reply

Due to the threat of modern ransomware gangs and Advanced Persistent Threats (APTs), critical infrastructure organizations face unprecedented challenges from sophisticated adversaries. These gangs and APT groups, such as Volt and Salt Typhoons, seek to compromise and disrupt the operations of critical national infrastructure (CNI) for financial gain or to cause economic and societal harm. Luckily, organizations can combat these attacks by shifting from traditional defensive approaches to a comprehensive network resilience strategy that ensures operational continuity through proactive management.

The Critical Shift from Defense to Resilience

With mission-critical systems increasingly dependent on network availability, cybersecurity is a top priority. Traditional security approaches have primarily focused on hardening defenses against external threats. However, this strategy has proven insufficient as sophisticated attackers continue to infiltrate networks and are increasingly exploiting weakly configured or vulnerable network devices to carry out their attacks. The consequences of such breaches extend beyond security concerns to operational, financial and reputational damage that can undermine an organization’s core mission.

Network devices are particularly attractive targets because they serve as the connective tissue for all organizational IT operations. When compromised, these devices provide attackers with persistence, lateral movement capabilities and access to sensitive data flows. Additionally, misconfigurations and unplanned changes to these devices—whether malicious or accidental—can result in disruptive outages at precisely the wrong moment.

To address these challenges, organizations need a tailored network resilience strategy built on the four pillars of operational resilience:

  1. Business Continuity: Maintaining critical business functions and mitigating interruptions to mission-critical services
  2. Risk Management: Assessing proactively to identify and address potential failure points before they impact operations
  3. Cybersecurity: Utilizing trusted hardening guides and security frameworks, such as those provided by the US National Institute of Standards and Technology (NIST) and the UK National Cyber Security Centre (NCSC), to monitor, detect and respond to cyber attacks and insider threats
  4. Disaster Recovery: Regaining access to and use of critical systems and restoring services as soon as possible following an outage

This approach recognizes that network security must be redefined as the proactive protection and assurance of business services, applications and data. This strategy shifts the goal from merely defending the perimeter to ensuring systems remain available and recoverable, and therefore trustworthy.

Titania, Network Resilience, blog, embedded image

Implementing Continuous Network Resilience Management

Organizations must switch to viewing their network security as something that must be continuously and proactively protected. By focusing on network readiness, resilience and recoverability, organizations can quickly detect problems within their network and reduce risk to their business, all which aligns with the latest compliance and security mandates. While shifting to continuous network resilience may seem daunting, Titania, a world-leader in network configuration analysis for routers, switches and firewalls, can help.

Here are five ways that Titania enables organizations to shift from risk-based vulnerability management to continuous network resilience management:

  1. Offers full network visibility, equipping organizations to swiftly identify anomalies. Titania’s platform establishes a configuration baseline that identifies all changes, differentiating between planned and unauthorized ones, enabling teams to automatically identify anomalies and potential indicators of compromise (IOCs). This includes identifying macro-segmentation violations, such as changes to or presence of unauthorized internet protocols (IPs), ports and users that could signal an active threat.
  2. Assesses network segmentation to contain breaches. Network segmentation prevents or delays bad actors from moving laterally within a business, which would allow them to access more of the network than otherwise possible. By hardening and effectively segmenting all routers, switches and firewalls, Titania helps reduce risk to a business’ mission-critical objectives.
  3. Analyzes and remediates network exposure. Titania helps organizations assess misconfigurations and software vulnerabilities based on the specific tactics, techniques and procedures (TTPs) that threat actors use. To minimize exposure to APTs and ransomware, Titania automatically prioritizes remediation workflows to address the most critical and likely TTP risks.
  4. Maintains accurate configuration management database (CMDB) to aid business continuity and disaster recovery.  By tracking all configuration changes, whether planned or unauthorized, Titania enables businesses to swiftly recover from any potential breaches. Titania also enables network operations center (NOC) teams to manage configurations-as-code, ensuring potential disruptions are identified and addressed during pre-deployment configuration testing.
  5. Assures networks comply with both internal and external mandates. Titania cross-checks network configurations to determine adherence to mandated requirements, automatically reporting pass/fail compliance with US, EU and international hardening standards and risk management frameworks (RMFs).

As threats continue to evolve and mission objectives become intertwined with network infrastructure, the ability to ensure operational continuity through comprehensive network resilience management will become a defining characteristic of successful cybersecurity programs. By implementing solutions that address the full spectrum of network security challenges, Government agencies and commercial organizations can protect their mission-critical services and maintain the trust of those who depend on them.

To learn more about implementing a comprehensive network resilience strategy for your organization, visit Titania’s Nipper Resilience product page.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Titania we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Unlocking Productivity: How the Latest Creative Tech Innovations Support Government Teams

Posted on by
Reply

The pace of technological advancement continues to accelerate, and creative tools are no exception. For Government teams tasked with producing clear communication, detailed documentation or visually compelling reports, these innovations are more than just upgrades — they represent opportunities for greater efficiency, accessibility and impact.

Recent updates announced during major creative technology conferences in late 2024 introduce a new generation of features specifically suited to the evolving needs of Public Sector organizations. Here’s a look at how these enhancements can deliver real value.

Streamlining Collaboration Across Agencies

In the Government space, collaboration is often complex. Projects frequently involve multiple departments, external partners and strict compliance requirements. New cloud-based workflows offer:

  • Real-time co-editing: Teams can work simultaneously on documents, presentations or multimedia projects, reducing bottlenecks.
  • Version history and tracking: Enhanced tools help manage approvals and ensure compliance with audit-ready records.
  • Role-based permissions: Simplified access controls allow teams to securely share content without risking data integrity.

These features are crucial for agencies seeking to enhance teamwork while maintaining accountability and transparency.

Boosting Accessibility and Inclusivity

Accessibility is a fundamental priority for government organizations. New creative platform updates now integrate accessibility tools directly into content creation processes, offering:

  • Automated alt-text suggestions for images to meet WCAG standards.
  • Built-in accessibility checks to catch issues early in the design stage.
  • Simplified document tagging to ensure content is screen-reader friendly.

These innovations support Government mandates for inclusive communication, making it easier to serve all constituents.

Enhancing Visual Storytelling

Government messaging often demands clarity and impact. Recent creative updates deliver more powerful storytelling tools without requiring specialized design expertise:

Adobe, Creative Cloud, blog, embedded image, 2025
  • AI-assisted layout and design recommendations: Automatically suggest polished layouts for reports, social media posts and outreach campaigns.
  • One-click video editing: Tools that allow users to quickly trim, subtitle and brand videos for public service announcements or training sessions.
  • Customizable templates: Pre-built templates tailored to common Public Sector needs like policy briefs, public notices and infographics.

These capabilities empower Government communicators to produce professional-grade materials quickly and cost-effectively.

Strengthening Data Security and Compliance

Security remains paramount in Government operations. New creative technology offerings emphasize robust protections:

  • Enterprise-grade encryption for all files stored or transmitted via the cloud.
  • Secure identity management to control user access based on agency credentials.
  • Data residency options to comply with Local or Federal storage regulations.

By embedding these features natively into creative workflows, teams can innovate confidently without sacrificing security.

Embracing Sustainable Practices

Sustainability goals are becoming a priority across Government sectors. Updated creative tools now include eco-conscious features such as:

  • Optimized file formats that reduce storage needs and energy consumption.
  • Remote collaboration capabilities that minimize travel requirements.
  • Digital-first design options to support paperless initiatives.

These enhancements align with broader efforts to lower carbon footprints and demonstrate environmental stewardship.

Ready to Explore the Full Potential?

Access our on-demand recordings and presentation resources.

Access our on-demand Adobe Creative Cloud Resource Hub.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Adobe we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Sea-Air-Space 2025: Top 6 Insights on AI, Readiness and More

Posted on by
Reply

Sea-Air-Space, the premier maritime exposition of the United States, is an educational hub for defense industry leaders, Government leaders and top military decision-makers to network and discuss the latest insights and advancements in the maritime and space domains.  

Joined by over 40 of our technology partners, Carahsoft showcased solutions on cybersecurity, cloud computing, artificial intelligence (AI) and more at Sea-Air-Space 2025, providing customers the opportunity to engage with and explore technologies designed to enhance the efficiency of mission objectives.  

This year’s conference featured six key themes for attendees to explore. 

1. Integrating Artificial Intelligence into Maritime Missions 

The efficiency of AI enhances the speed and accuracy of decision-making, providing real-time insights for Sea Service personnel. Integrating AI and other autonomous systems into military operations can satisfy the critical need for close collaboration between the technology industry and the defense sector. Speakers at Sea-Air-Space discussed the importance of finding practical applications of AI, machine learning (ML) and automation across warfighting, business processes, logistics and readiness.  

Major General of the United States Marine Corps, Matthew Glavy, spoke about the Marine Corps’ strategic use of AI. Presently, there is a “campaign of learning” aimed at aligning training and acquisition with AI capabilities. One goal is integrating algorithm management and scalability into AI training. Another is finding AI that functions in harsh maritime environments to improve warfighter’s abilities. Speakers stressed that AI is not just a tool for the future, but a present-day necessity that enables the Sea Services to significantly enhance the effectiveness, precision and longevity of their platforms and operations. With AI’s ability to detect and respond to cyber threats, the nation can better maintain its strategic defense edge.   

2. Preparing Data for Mission Readiness  

Currently available technology, assets and resources can be used to prepare data for future missions. As data can be used to enhance awareness amongst combat environments, sourcing data from diverse sources is vital to developing logistics systems for operations.  

Autonomous systems can be used to collect and translate data into actionable insights, enabling the Sea Services to improve operational readiness, extend lethality and respond swiftly at the tactical edge. The usability of data is just as important as having a diverse source.  

Technology with visualization tools, such as user-friendly dashboards, make data more accessible and predictive. This readability enables forces to anticipate failures, identify vulnerabilities and make data-driven decisions that impact mission readiness, ensuring personnel are equipped to outpace evolving threats.   

3. Maintenance for Operational Readiness  

Readiness is critical to maintaining a competitive edge. The United States Navy’s aims to achieve and sustain 80 percent combat surge ready posture for ships, submarines and aircraft by 2027. To accomplish this, platforms must be maintained and enhanced with the newest technology to ensure they are up-to-date and at their best capacity. Novel approaches to training, manning, and sustainment can all improve force readiness.   

In the session “Ready Our Platforms,” panelists discussed tips on the path to maintain pace with this goal.  

Sea Service personnel should:  

  • Engage with maintenance initiatives to strengthen planning, execution and partnerships to improve on-time delivery  
  • Take boats out of public shipyards in a timely fashion to ensure combat readiness  
  • Invest in original equipment manufacturing for maintenance work and quality assurance  
  • Review and update the Navy’s acquisition strategy to better acquire services for systems with diminishing subject matter expertise  
  • Increase the number of structural engineers embedded with maintenance teams to enable faster technical resolution of issues  
  • Create a dedicated force to focus on material ordering and provisioning for major maintenance efforts  

By embracing a proactive approach to training, manning, modernization and sustainment, the U.S. Navy can ready and bolster its force to improve combat readiness. 

4. Enhancing Security Through Space Systems  

To maintain its competitive edge, the Sea Services must strategically utilize all available assets, including space. In the session “The Critical Role of Industrial Space Assets in Maritime Security,” speaker John Hill, the assistant Secretary of Defense for Space Policy and the Deputy Assistant Secretary of Defense for Space and Missile Defense (PTDO) at the Department of Defense (DoD), discussed the five foundational space mission areas: generating, processing, storing, transporting and protecting data. By aligning mission objectives across the Space Force, Space Command and other relevant forces, the Sea Services can maintain pace with industry goals. Affordable, proliferated space systems and high-value technology can enhance maritime security by providing resilience and durability against emerging threats. By taking a proactive approach to innovation, the defense sector can leverage industry momentum and accelerate capability development.   

5. Innovation With Enterprise Solutions 

To support innovation and experimentation, the Sea Services aim to move from traditional procurement models towards modern, iterative approaches that empower operational commands and developers to co-create solutions in real time.  

The key strategies in this shift include:  

  • Using agile methodologies and continuous delivery pipelines  
  • Giving operational teams authority to drive mission-specific solutions  
  • Building open, modular systems with interoperability standards that allow for adaptable integration that maintains pace with threats and mission priorities  
  • Involving end users throughout the process, ensuring that the burden of integration at scale does not fall to combatants  
  • Providing consistent funding that supports innovation and experimentation  
  • Fostering a culture that accepts measured risk and supports transformation 
     

By decentralizing development and giving operational teams the authority to drive mission-specific solutions, the Navy aims to collapse development timelines, remove bureaucratic friction and deliver high-impact capabilities faster. The initiative provides persistent, mission-aligned funding streams that support innovation and experimentation without excessive risk aversion, creating pathways for scalable solutions at the pace of technological advancement.  

6. A Dive into Maritime Initiatives with Francis Rose 

A special Sea-Air-Space 2025 edition of Francis Rose’s Fed Gov Today explores the critical convergence of maritime security, technology and strategy in today’s evolving global environment. An interview with Vice Admiral Andrew Tiongson, Commander of the U.S. Coast Guard Pacific Area, discussed how the Sea Services have increased presence and coordination along the West Coast to counter maritime border incursions. Melissa Carson, Vice President and General Manager at Iron Mountain Government Solutions, highlights the critical need for structured data governance to enable effective AI-driven defense operations. Dr. Abbie Tingstad, Research Professor at the U.S. Coast Guard Academy, underscores the strategic importance of maintaining multi-domain presence in the Arctic through international partnerships, as environmental shifts and great power competition reshape polar governance. These insights collectively demonstrate how technological modernization, AI literacy, data readiness and strategic partnerships are essential for securing maritime domains against complex threats.  

Reliable, adaptable and verifiable technology enables the Sea Services to fulfill mission objectives. By leveraging today’s technologies to meet resource needs, extend the lifecycle of critical assets and enhance mission readiness, the Sea Services continue to outpace evolving threats and uphold its promise to protect the nation.  

To learn more about innovations amongst the Sea Services, visit Carahsoft’s defense portfolio to explore solutions showcased at Sea-Air-Space. For additional research into the key takeaways that industry and Government leaders presented at Sea-Air-Space, view Carahsoft’s full synopsis of key sessions from the tradeshow.  

Healthcare Program Executive: HIMSS 2025: Top 5 Insights

Posted on by
Reply

At the Healthcare Information and Management Systems Society (HIMSS) Global Health Conference and Exhibition 2025, health IT professionals, healthcare personnel and Government leaders joined to connect on the latest trends in the healthcare industry. As a provider and distributor of health IT solutions, Carahsoft and its partners are equipped to communicate recent trends and connect care providers, agencies and companies with the technology they need to embrace the future of healthcare. 

Here are the top 5 insights for the technology industry and Government from this year’s conference.  


1. Utilizing Artificial Intelligence in Healthcare  

Healthcare must ensure all provided tools are safe, effective and ethical to ensure the best outcomes for patients. As the widespread adoption of artificial intelligence in the healthcare industry is relatively new, providers and public health officials should employ risk management practices, strong governance and transparency with their usage of the tool.  

Providers should employ best practices for AI usage:  

  • Understand AI’s risk profile 
  • Ensure that data is representative of patients 
  • Address potential biases  

With continuous monitoring, providers can mitigate any potential model drifts and gain better oversight of the dynamic nature of AI systems. By highlighting the areas of risk, the healthcare system can make informed decisions on which tools, solutions and personnel to deploy to mitigate risk.  

Carahsoft HIMSS AI Interoperability Tradeshow Recap Blog Embedded Image 2025

There are many opportunities for AI in Healthcare. In the session “HL’s Ride on the AI Train,” the Chief Executive Officer of HL7 International, Charles Jaffe, discussed how AI can enable healthcare providers to promote interoperability. AI can also help providers address industry concerns, such as data provenance and data lineage. In the session “Shaping the Future of healthcare: A Collaborative Care Journey Where Technology and Humanity Coexist,” speakers Seung Woo Park and Meong Hi Son, respectively the President and Chief Medical Information Officer and Associate Professor at Samsung Medical Center (SMC), mentioned that SMC reduced the nurse turnover rate from 9.3% to 5.9% by assisting their workflow with AI and automation. In the session “Disruptive Technologies: Examining the Challenges and Opportunities of Cyber, AI and Beyond,” the Former Commander and U.S. Cyber Command and Former Director at the National Security Agency, Paul Nakasone, noted that AI-driven behavior changes could transform healthcare and prevent chronic diseases. Using AI to get suggestions on sleep, meditation, diet and stress management can all help in between doctor visits to chip away at chronic diseases. Through the collaboration of providers and technology, service in healthcare can be reshaped for the better, providing a gateway into personal medicine. 


2. Improving Healthcare Quality through Interoperability  

Another point of discussion at HIMSS was the role of digital technology and standards in improving healthcare quality. The National Committee for Quality Assurance (NCQA) has several initiatives, such as the Healthcare Effectiveness Data and Information Set (HEDIS) Fast Healthcare Interoperability Resources (FHIR) data model and the Bulk FHIR Quality Coalition, aimed at enhancing digital quality measurement by enabling end-to-end FHIR data exchanges. Quality measurement has evolved, and standardized clinical data helps accelerate that evolution. With modern computing platforms and technologies, such as Bulk FHIR, healthcare institutions can utilize real-time, continuous data processing, improving data encryption, data security and quality measurement. With comprehensive and timely data sharing among healthcare stakeholders, patients can get results from labs and pharmacies quicker, and can share their data across different healthcare offices, improving the affordability and quality of services.   


3. Addressing Veteran Needs in Collaboration with CMS 

On average, patients have their medical data located at 5.6 different locations, making interoperability, the ability of information to be exchanged between different health systems or technology systems, instrumental in helping patients and providers alike to improve the healthcare experience. 

In the session “A Discussion: Transforming Care Through Interoperability,” members of the Department of Veteran Affairs (VA) and University of Oklahoma discussed the benefits of interoperability for veterans. Data sharing between the VA and the Center for Medicare and Medicaid Services (CMS) can address healthcare challenges, such as dementia, suicidal ideation, traumatic brain injury (TBI) and oncology by enabling the two agencies to collaborate to achieve actionable approaches for real-world cases. For example, improving care coordination, optimizing resource utilization and driving better outcomes for veterans and other patients. 

Data sharing and collaboration is key to achieving efficient and effective healthcare delivery in the modernized health data infrastructure. In modernizing the infrastructure of the healthcare industry through interoperability, providers and patients can alleviate the work burden and work towards finding solutions at an expedited and swifter rate. The need for remote patient monitoring tools (RPM) is key to assist physicians and clinicians with increased data collection to support real-time treatment of these chronic illnesses for our veterans. 

HIMSS_Day 1_Case Study - Missouri Mission to Transform Digital Health


4. Leveraging Data to Improve Service 

Digital health increases the speed of learning, helps patients and providers overcome health inequity and increases the effectiveness of virtual care. In the session “Case Study: Missouri’s Mission to Transform Digital Health,” speakers Joshua Wymer, the Chief Health Information and Data Strategy Officer of the Missouri Department of Health and Senior Services (DHSS), and Natasha Ramontal, the Digital Health Strategist in Community Outcomes for HIMSS, discussed the DHSS’ journey to transform digital health. To address the needs of businesses, HIMSS and the DHSS teamed up, eliminating duplicate data sets, reducing volumes of data entry and improving regulatory oversight. Through their collaboration in improving the handling of data, the Missouri Department of Health and Senior Services became the first state level organization to successfully implement HIMSS’ Digital Health Indicator model.  


5. Bolstering Cybersecurity Mitigation with OCR and HIPAA 

In the session “Preparing for OCR’s Revived HIPAA Security Audits,” speaker Nadia Faheem Coster, the Executive Vice President of Permit Intelligence Services, discussed the Department of Health and Human Services’ Office of Civil Rights (OCR) 2025 audit program, which applies to fifty entities and business associates. The audit focuses on decreasing hacking and ransomware attacks.  

HIMSS_Day 1_Preparing for OCR Revived HIPAA Security Audits

To combat bad actors, Coster recommends:  

  1. Maintaining a risk management plan 
  1. Conducting annual secure risk assessments 
  1. Ensuring all policies and procedures are up to date 

Coster also emphasized the need for segmentation and asset inventory under the proposed Health Insurance Portability and Accountability Act (HIPAA) Security 2.0 rule. All related health systems and the IT industry should ensure their software and hardware are compliant under the proposed ruling. System resiliency is the gold standard for health systems looking to comply with the HIPAA Security 2.0 ruling. 


Data sharing, cybersecurity awareness, interoperability and artificial intelligence all enable cheaper and quicker work, whether it is sharing information between healthcare providers or on internal day-to-day operations, while ensuring quality care. By enabling the latest solutions in healthcare technology, health systems can create a better work environment for providers and a seamless experience for patients.  


To learn more about interoperability, legislation, cybersecurity and AI in healthcare, visit Carahsoft’s Healthcare Technology solutions portfolio to explore solutions showcased at HIMSS. For additional research into the key takeaways thought, industry and Government leaders presented at HIMSS, view Carahsoft’s extensive market research brief for a deeper dive.

Strengthening Cybersecurity in the Age of Low-Code and AI: Addressing Emerging Risks

Posted on by
Reply

As new technologies like low-code/no-code development and generative AI (GenAI) revolutionize how we build and interact with software, they also bring about new security challenges—especially for the public sector. Protecting sensitive information and online accounts is more critical than ever, as cybercriminals look to exploit gaps in these emerging systems. Ensuring robust security and threat visibility is now essential for safeguarding against the risks associated with these advancements, especially as traditional safeguards become less effective in the face of evolving threats.


Low-code Development Exposes New Risk

One of the unintended consequences of our shift to a low-code/no-code development paradigm is the delegation of complex development tasks to Large Language Models (LLMs) and GenAI systems, often bypassing seasoned developers and architects. This opens new opportunities for cybercriminals. These systems excel at functional requirements—‘Build me a website that accepts customer checkout requests’—but they rarely infer non-functional needs, like security, unless explicitly instructed.

In traditional software development, security considerations are often implicit, stemming from the experience of developers and architects who’ve spent years learning from real-world failures. GenAI, however, lacks this depth of experience and focuses narrowly on the task at hand. The result? Incomplete or inadequate security measures in software developed through these systems. As organizations lean more heavily on GenAI, we risk creating an insecure software ecosystem ripe for exploitation by threat actors.


The Proliferation of Knowledge-Based Verification Attacks

We’re on the brink of a surge in automated attacks exploiting vulnerabilities in Knowledge-Based Verification (KBV) systems. Large-scale data breaches, like the one that exposed millions of Social Security numbers last year, are eroding the effectiveness of this approach at confirming identity when creating an account or supporting a password reset. These processes often rely on KBV—such as answering questions about your mother’s maiden name or the street you grew up on—but this information is increasingly accessible to malicious actors.

Human Security GenAI Low Code Blog Embedded Image 2025

As these personal details become more widely available through data breaches and online marketplaces, attackers can easily bypass KBV systems. Worse yet, threat actors can now leverage LLMs to develop sophisticated tools to mine personal data at scale and orchestrate automated attacks against these KBV systems. Organizations face an urgent challenge: how to protect accounts in a world where traditional KBV methods are no longer secure or reliable while still offering users a legitimate path to create an account or regain access when needed.


LLM Safeguards Can Be Overridden or Bypassed by Running Models Locally

With the proliferation of local LLM instances and tools like Ollama, we’ll see safeguards embedded in commercial LLMs eroded or bypassed entirely. Running models locally can allow threat actors to fine-tune them, removing restrictions on malicious activity and enabling custom models optimized for cybercrime. This creates a new frontier for scaled attacks that are faster, more targeted, and harder to detect until it’s too late.

Imagine a threat actor fine-tuning a model to craft phishing campaigns, identify vulnerabilities in software, or automate account takeovers. The ability to localize and modify these models fundamentally shifts the balance, empowering attackers with tools tailored to their malicious intent. The guardrails built into commercial LLMs are no match for this growing trend, amplifying the need for robust detection and defense strategies at every level.

As the public sector continues to adopt innovative technologies, staying ahead of emerging cyber threats is crucial. The increasing sophistication of attacks, such as those targeting KBV systems and leveraging GenAI, highlights the need for stronger protections. By prioritizing comprehensive security measures and threat detection, organizations can mitigate the risks of these evolving vulnerabilities and safeguard their sensitive data and online accounts against malicious actors. It is essential to build and maintain resilient security strategies to ensure the integrity of digital infrastructures in this rapidly changing environment.


To learn more about how HUMAN Security helps the public sector protect citizen accounts, sensitive information, and critical infrastructure, click here.


Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including HUMAN Security, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Protecting Government Benefit Programs from Automated Fraud

Posted on by
Reply

Nation-states, ransomware gangs, and cyber criminals have a new weapon of choice: AI-powered bots. These systems, which mimic human behavior to automate tasks, have already helped fraudsters siphon hundreds of billions of dollars from federal programs. If left unchecked, this problem will cause taxpayers severe financial harm. The incoming administration will need to move quickly to guard against this rapidly growing threat.

The need to better defend the nation’s technology infrastructure against AI-powered attacks is not a partisan issue, and it is likely our new cyber leaders can build upon some actions taken by the last administration, including the final cybersecurity EO, issued in January 2025, that highlighted the role that stolen or synthetic identities play in defrauding our government programs. While the focus on instituting modernized digital identity methods may be appropriate, we’d like to offer a few additional considerations for our incoming cyber leaders on how to attack this problem.


The Bots Are Here

HUMAN Security NightDragon Protecting Government Benefit Programs Automated Fraud Blog Embedded Image 2025

Bots are increasingly being used by malicious actors to hack into systems, scrape personal data, or submit fake claims for benefits. At its simplest, they can use credentials and identification information purchased or stolen on the dark web to perpetrate fraud against benefit websites. From overwhelming public benefit portals with credential stuffing attacks to manipulating identity verification systems with precision-targeted scams, bots exploit gaps in digital identity systems at a speed, precision, and scale that is incredibly hard to defend against. And with the advancements in AI, they can increasingly mimic legitimate users to bypass security measures faster than most institutions can adapt.

In fact, in 2021, the Department of Labor found that at least $87 billion of the nearly $900 billion in unemployment insurance awarded under the CARES Act in the aftermath of the COVID pandemic were paid improperly, with a significant, but indeterminable portion attributable to fraud. However, in 2023 alone, bots were responsible for 352 billion attacks targeting login portals, credential verification systems, and transaction flows across industries, according to HUMAN’s Quadrillion report.

With 20 percent of login attempts across observed systems linked to account takeover attacks, and 150 million new compromised credential pairs discovered last year, bots are evolving into the ultimate enablers of fraud. If left unchecked, they could amplify the scale of fraud exponentially.


How do we prevent this problem from evolving from merely headline-grabbing to system-crippling?

Our incoming cyber leaders must recognize bots as the major root cause of the fraud problem and refocus attention on deploying cutting-edge new tools on U.S. federal systems to defend the thousands of .gov websites the government administers. This includes deploying applications that can help protect from automated credential stuffing and brute force attempts, block bots from manipulating web applications, prevent data contamination in which bots disseminate fake information to skew metrics, and prevent the unauthorized data harvesting of public websites. 

The government must also take the lead in helping private sector entities adopt these tools. The federal government can serve as a catalyst, pushing hold-out organizations to invest in their own fraud defenses. Private businesses are looking for guidance on this issue. Bot detection and counter bot solutions deserve the same level of attention as endpoint detection, patch management, and other fundamental security controls. Proactively embedding bot mitigation into NIST frameworks, for example, will ensure government systems are prepared to defend against automated fraud at scale. Following on this, government guidance relating to how agencies establish Zero Trust architectures should also incorporate bot detection and mitigation.

Finally, we must foster stronger public-private collaboration to advance bot mitigation. Existing bodies for public-private cooperation on cybersecurity must more deliberately include bot intelligence and insight-sharing. We must evolve outdated conceptions of what constitutes cyber threat intelligence (CTI), and endeavor to collect, analyze and report bot intelligence as its own distinct, but highly important category of CTI.

As our incoming cyber leaders in the new administration plan their agenda, it is critical they understand that the root cause of large-scale fraud is not just weak digital identity management methods but AI-powered bots. Bots that undermine the delivery of services and benefits to millions. Combating fraud perpetrated by and with them is a national priority.


To learn more about how HUMAN Security and NightDragon work better together to support Government agencies in their mission to defend against bots, visit our website!


Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including HUMAN Security and NightDragon, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Navy Customer Executive: WEST 2025: Top 10 Insights on AI, Cybersecurity and More

Posted on by
Reply

Government leaders, military officials and industry professionals gathered at AFCEA’s WEST 2025 conference to discuss the newest technologies, modern networking capabilities and cybersecurity initiatives that enhance operations within the Sea Services. As a technology provider for the Department of Defense (DoD) and industry experts affiliated with the Navy, Carahsoft and its partners are deeply aligned with the goals of the Navy and Sea Services and is committed to providing mission-critical technologies to keep the country safe. Carahsoft and over 90 of our partners, including Adobe, Appgate, Crowdstrike, Docusign, HashiCorp, Hitachi, Qualys and WIZ joined at WEST 2025 to showcase solutions in artificial intelligence (AI), cybersecurity, DevSecOps, Zero Trust and more.  

Check out the action from San Diego, California in our West 2025 recap video!

Here are the top ten insights for the technology industry and Government from this year’s conference.  

1. Artificial Intelligence (AI) in the U.S. Navy

There are many opportunities for AI in the Navy, such as the OpenShip Tool and its usage of OpenAI’s Whisper model to translate incoming communications through the Navy’s Very High Frequency (VHF) radios. Remote monitoring can detect issues with technology and support rapid troubleshooting. AI can also be used to predict turnaround time, helping the workforce choose when to prioritize projects and deliver items on time.  

AI can simplify operations. PMS 406 unmanned Maritime Systems runs the Unmanned Maritime Autonomy Architecture (UMAA), whose architecture creates a low barrier of entry for operation. With AI, update 6.0 of the UMAA and the Navy’s “Replicator initiative,” which works to field hundreds of autonomous systems by August 2025,” every soldier could operate a drone.  

In the session “Fleet AI Deployment,” Lieutenant Artem Sherbinin, the Chief Technology Officer for the U.S. Navy ‘s Task Force Hopper, reviewed the three priority areas for the Navy’s AI usage, which are to: 

  • Outthink adversaries 
  • Enhance administrative work 
  • Maintain goal of keeping 80% of combat surge-ready fleet 

By using AI capabilities, the Navy can empower its acquisition force to act efficiently and quickly. Lieutenant Sherbinin also discussed two upcoming projects. Navy warships produce 150TB of data per warship per day. To manage this massive volume of data, the Navy is building a Warfighting Data and AI Ecosystem. This tool’s requirements are being drafted and will be submitted in the upcoming fiscal year, but currently include components such as data extraction, data processing and sensor updates to ships underway. Vendors should keep an eye out for pre-RFPs and RFI opportunities surrounding this capability.  The second project is a new Commercial Solutions Offering (CSO), the Surface Lethality CSO. This soon to be released solution will be released through the Defense Innovation Unit on AI for Surface Lethality, and will expedite decision-making and enable the Navy to keep ahead of adversaries.  

2. Red Teaming to Improve Cybersecurity

In the session “Leveraging Cloud to Accelerate Unmanned and Autonomous System (UAS) Mission Critical Capabilities,” Allen Mcafee, CTO of Fuse Integration, discussed the desire to increase red teaming—a process for testing cybersecurity by having allied hackers conduct non-threatening breaches—amongst autonomous systems to increase the robust quality of existing programs, especially in the electronic and kinetic fields. Vendors that specialize in cybersecurity solutions for autonomous systems should offer red team services to help solidify UAS security.  

3. The Importance of Maritime Trade to Cybersecurity

In the session “Office of Naval Intelligence Brief,” Rear Admiral Mike Brooks, Commander of the Office of Naval Intelligence (ONI), spoke heavily on the criticality of maritime trade and the effect it has on the posture of the Navy. Chokeholds on shipping ports can hinder the economy, and so ONI is placing further emphasis on gathering intelligence in this area to preserve supply chains.   

4. DISA’s New Cloud-Based Mission Partner Environment

To address logistic challenges, the Defense Information Systems Agency (DISA) developed a mission partner environment within the cloud. This tool acts as a joint sustainment decision tool and will feature an application hosting platform. DISA will initially host this environment, but is looking for commercial partners to host the platform and ensure its accessibility to all allies and partners. 

5. Business Initiatives

The Navy has upgraded its approach to doing business, releasing its Information Superiority Vision (ISV) 2.0. In the initial version, the Navy’s framework for business was “Modernize, Innovate and Defend.” The 2.0 System is: 

Optimize – IT teams can integrate new systems and turn off outdated ones 

Secure – Personnel should think proactively in the design phase, rather than the more reactive “defend” 

Decide – Staff places data into the hands of people who need it 

This new system focuses on being proactive and innovative, integrating a focus on the workforce. Vendors should determine how their solutions fit into one or more of these pillars when marketing their technology and solutions. 

Carahsoft WEST 2025 Blog Embedded Image 2025

The Navy can learn from all types of industries and technology. Former Commander of the U.S. Pacific Command and Former Ambassador to the Republic of South Korea Admiral Harry B. Harris Jr. recounts an example from the 1930s where the Marine Corps struggled to field a landing craft. The solution came from examining a small civilian craft in the local area, showcasing a “Higgins Boat Moment” where the Marine Corps were able to learn from civilian technologies, highlighting the importance of dual-use technology that is prioritized by the DoD. 

Business is fulfilled when employees have bandwidth. In the session “Bringing Enterprise IT to the Edge to Accelerate Innovation,” Captain Kevin White of the PEO C4I PMW/A 170 Navy Communications and GPS Navigation Program discussed how bandwidth can fall into three different categories: morale, business applications and tactical services. When sailors have excellent bandwidth for morale and business applications, they are more efficient tactically.  

The DoD is working on a portal that provides information and education on Small Business Innovation Research (SBIR) and Small Business Technology Transfer (SBTT) programs. This portal assists in creating effective proposals and understanding language and resources. This page, while accessible, is still in development and will continue to be fleshed out in the upcoming weeks.   

6. Renewing Technology

In the session “I’m charged with Putting a Flux Capacitor in a 1995 Mazda,” Brigadier General of the U.S. Marine Corps and Commanding General of the Marine Corps Installations West Nick I. Brown mentions that whether it is power systems or IT, infrastructure needs to be in place to accept new technology. Much of the DoD’s infrastructure is build on legacy systems or is out of date and needs to be replaced or upgraded before advanced solutions can be put in place. The U.S. Marine Corps is looking for vendors to help with new technology instillations and upgrading existing infrastructure, especially on the West coast. The U.S. Navy is allocating funds to achieve similar goals.  It aims to improve its outdated infrastructure and systems to carry out technology initiatives by the Program Executive Office Digital and support the Navy’s culture of excellence.  

In the session “Why Have a Lambo if You Don’t Have the Road?”, Col. Jared Voneida discussed five major areas that DISA is working on: 

  • Building commercial and Government data centers 
  • Improving theater transport and host nation infrastructure 
  • Fortifying existing cybersecurity infrastructure and Defensive Cyberspace Operations-Internal Defensive Measures (DCO-IDM) 
  • Maintaining command and control of the network 
  • Completing initiatives by 2027 

The Colonel also emphasized the need to divest from legacy time division multiplexing (TDM) infrastructure. While AI and machine learning (ML) has a plethora of uses, until AI/ML software divests from TDM infrastructure, DISA cannot utilize it effectively to assist with their network and data. With updated networks and hardware in place, the Navy and DoD can utilize the newest advanced solutions.  

7. IT at the Center of the Workforce 

To meet the rising demand in recruitment, the Navy has released its new enlisting agent, Robotics Warfare Specialist. With cybersecurity being more at the center of safety, the Navy aims to train more sailors in IT. Additionally, the Navy has released a new enlisted rating, Robotics Warfare Specialist, a new job that helps ensure effective planning and control of autonomous systems.  

8. Improving Productivity by Decreasing Troubleshooting

IT and software issues can lead to lost productivity. RAND Corporation, a research and development nonprofit, recently released a report regarding the viral LinkedIn post “Fix Our Computers” that highlighted user experience challenges with IT systems in the DoD. Their report estimated, on the conservative side, $2.5 billion in lost productivity due to IT and software difficulties.  The Sea Services aim to increase the user friendliness of software to decrease the time lost to troubleshooting. In the sessions “Bringing Enterprise IT to the Edge to Accelerate Innovation,” Captain White of the U.S. Navy attributed the largest productivity gaps to IT teams relying on command line programing. Captain White encourages industries to develop more user-friendly systems that do not rely on command lines.   

9. Compliance is No Longer Enough

In the session “DON CIO Perspective,” Navy CIO Jane Rathbun states that while Authority to Operate (ATO) tells you how secure a system is at that point in time, it does not encourage the readiness mindset that is optimal for protecting cybersecurity. Rathbun encourages switching to continuous monitoring and authorizations of systems, rather than stopping at ATO compliance. Rathbun specifically noted threat analysis and continuous monitoring as areas vendors might be assessed on in the future.  

10. DevSecOps Products that Improve Marine Corps Productivity 

The Marine Corps showcased 11 different products manufactured by the software factory product line related to development, security and operations (DevSecOps).  

Check out details on the products below: 

  • MyCareer – Supports the Manpower Management Enlisted Assignments (MMEA) and aids Marines by monitoring conversations, providing a virtual queue and matching partners based on data on marine preferences 
  • ItemEyes – Provides marine units with a digitized inventory 
  • Sensor Processing Analysis Radar Translation Application (SPARTA) – Hosts data from radar, automatic identification system (AIS) and unmanned systems all in one user-friendly interface 
  • CRUSADER – Controls, processes and detects radar information in one easy to use library 
  • Real-time Alerting, Interference Detection & Electromagnetic Reporting (RAIDER) – Provides real-time alerts for anomalies detected in the electromagnetic spectrum 
  • All-domain Electromagnetic and Radio Organic Trainer (AeroT) Helps Marines simulate and visualize their electromagnetic signature 
  • EXODUS – Provides evacuees located abroad with personal services, such as mobile passport processing 
  • TAK Design System – Helps Marines navigate and build plugins for Tactical Assault Kit (TAK) 
  • ReserveHub Enables Marines to find ideal areas when relocating, boosting retention rates 
  • SnapDB Analyzes pictures taken by unmanned aerial systems (UAS) 
  • J-Series Message Library, Government Open-Source (JSML) – Translates code into J-Series 

Through the developing partnerships between the technology industry and Government as well as Carahsoft and our partners, the DoD can streamline in areas such as artificial intelligence, cybersecurity, DevSecOps, compliance and more. These insights from West 2025 illustrate the Navy and Sea Service’s commitment to continual innovation and maintaining the safety of the nation.  

To learn more about cybersecurity and the defense industry, visit Carahsoft’s defense portfolio to explore solutions showcased at AFCEA’s WEST 2025. For additional research into the key takeaways industry and Government leaders presented at WEST, view Carahsoft’s extensive market research brief for a recap.  

Better Together: How HPE, AMD and Nutanix Empower Modern Enterprises

Posted on by
Reply

The rapid evolution of enterprise technology has made modernization an urgent priority. Businesses today face challenges ranging from complex infrastructure and escalating costs to the rising demands of artificial intelligence (AI) and hybrid cloud environments. Together, Hewlett Packard Enterprise (HPE), Advanced Micro Devices (AMD) and Nutanix provide unified solutions that simplify operations, strengthen security and deliver unmatched performance, empowering organizations to navigate current demands and prepare for the future.


Addressing Market Challenges with Innovation

In a dynamic market where infrastructure complexity and cost pressures are top concerns, the combined expertise of HPE, AMD and Nutanix is driving transformative solutions. Nutanix’s hyperconverged infrastructure (HCI) simplifies multicloud management, enabling organizations to run workloads across on-premises, public and private clouds or colocation sites. With intuitive tools like Prism, Nutanix delivers flexibility, cost efficiency and robust security.

On the hardware side, AMD’s EPYC Central Processing Units (CPUs) have revolutionized the data center market, achieving a 34% market share through scalability (i.e. higher core count options that help reduce server footprint). Designed for diverse workloads, including analytics and hybrid workforce applications, AMD solutions like the 4th Gen EPYC CPUs provide outstanding performance while optimizing total cost of ownership (TCO).

Meanwhile, HPE’s ProLiant DX Gen 11 servers offer fast deployment, tailored configurations and scalable options for diverse business needs. Supported by OpEx models like GreenLake, HPE ensures financial flexibility, making modernization accessible for organizations of all sizes.


Unlocking the Potential of AI

HPE AMD Nutanix Better Together Modern Enterprises Blog Embedded Image 2025

AI is reshaping industries, and the HPE, AMD and Nutanix partnership enables enterprises to meet these infrastructure demands. Nutanix’s HCI platform, paired with AMD’s EPYC CPUs, deliver optimized performance for AI and machine learning (ML) workloads. The Nutanix DX 385 model supports up to four double-wide Graphics Processing Units (GPUs), providing accelerated compute for AI-driven environments. With features like network microsegmentation and automated lifecycle management, Nutanix ensures secure, optimized environments for AI applications.

AMD’s EPYC processors are tailored for AI applications, from small-scale enterprise large language models (LLMs) to large-scale generative AI. High core density and features like Secure Encrypted Virtualization (SEV) ensure robust performance and security. HPE complements this with ProLiant DX servers designed for AI workloads, including their “GPU in a Box” model, which simplifies deployment and scales with demand, making it easier for businesses to meet the demands of AI-driven applications. Together, these technologies provide enterprises with the computational power and flexibility to unlock AI’s potential within hybrid cloud environments.


Simplifying Modernization Across Infrastructure

Modernization is no longer optional—it is a necessity for businesses navigating an evolving IT landscape. Businesses face the dual challenge of balancing legacy infrastructure needs with the demands of the future. HPE, AMD and Nutanix simplify this transition by addressing performance, security, management and integration, ensuring organizations modernize effectively while maintaining operational continuity.

Performance

Nutanix software on AMD EPYC-powered HPE ProLiant DX servers handles workloads like virtualization, analytics, big data and AI/ML with exceptional performance. The 4th Gen EPYC CPUs deliver high performance across metrics including per core and per server, reducing infrastructure costs. High-frequency CPU options enable the provisioning of more virtual machines and workloads without increasing physical cores, ensuring businesses can scale seamlessly as demands evolve. HPE delivers two high-performance NVMe storage options, designed to boost data center performance while ensuring reliability and security. HPE NVMe Mixed Use (MU) SSDs use Peripheral Component Interconnect Express (PCIe) Gen4 to boost performance for Big Data, high-performance computing (HPC) and virtualization with fast transfers and low latency. HPE NVMe Read Intensive (RI) SSDs optimize read-heavy workloads like web servers, storage and caching with high-speed PCIe Gen3 and Gen4.

Security

Nutanix integrates features like automatic auditing, encryption and network microsegmentation to ensure compliance and safeguard IT environments. AMD EPYC processors add another layer of protection with SEV, isolating virtual machines with memory encryption for silicon-level protection. HPE’s Silicon Root of Trust protects firmware from the boot process and continuously monitors the Basic Input/Output System (BIOS), ensuring server integrity and preventing breaches​.

Management

Managing modern IT environments is simplified with Nutanix’s one-click updates and lifecycle management capabilities, which integrate seamlessly with HPE’s Service Pack for ProLiant. Nutanix Prism offers a unified management plane, enabling centralized control for clusters, applications and data. The intuitive management interface reduces complexity, empowering IT teams to handle hybrid cloud environments with ease and efficiency.

Integration

Pre-installed with Nutanix Acropolis OS (AOS), HPE ProLiant DX servers offer out-of-the-box solutions optimized for AMD EPYC processors. These systems support diverse hypervisors, including Nutanix Acropolis Hypervisor (AHV) and third-party options, giving businesses the flexibility to tailor infrastructure setups to specific needs. This collaboration ensures workload-specific performance and seamless integration across various deployment environments, helping businesses modernize without disruption.


HPE, AMD and Nutanix demonstrate the power of collaboration by offering a unified approach to modernization. By combining high performance, robust security, streamlined management and flexible integration, their solutions provide businesses with the tools they need to meet today’s challenges and prepare for tomorrow’s demands. Collectively, they simplify the journey to modernization, proving that they truly are better together.


Discover how HPE, AMD and Nutanix are better together in delivering powerful, secure and scalable solutions for modern enterprises. Watch our webinar, “Modernize Your Infrastructure with HPE & Nutanix – Powered by AMD,” to explore cutting-edge innovations and actionable strategies that transform IT environments.


Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including HPE, AMD and Nutanix, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.