The Top 5 Insights for Government from HIMSS 2026

Posted on by Tim Boltz

Healthcare and technology leaders convened at the Healthcare Information and Management Systems Society (HIMSS) 2026 conference with a shared sense of urgency as the Federal health ecosystem is undergoing one of its most significant transformations in decades. Across panel sessions, discussions highlighted both the structural challenges and strategic investments shaping Government health agencies, from modernizing public health data infrastructure to addressing long-standing interoperability barriers that have fragmented care delivery.

Five critical insights emerged that define a path toward a more connected, data-driven and patient-centered Federal healthcare system.

Federal AI Policy Is Being Rebuilt Around Coordination, Not Fragmentation

Leaders from the Department of Health and Human Services (HHS) emphasized that agency-by-agency artificial intelligence (AI) experimentation is ending. With dozens of programs across its divisions, HHS has restructured its AI strategy around three coordinated pillars: regulation, reimbursement and research/development.

Historically fragmented efforts created conflicting signals and limited cross-agency innovation. Now, the Secretary’s office serves as an alignment layer, ensuring regulatory decisions at the Food and Drug Administration (FDA), reimbursement policies at the Centers for Medicare and Medicaid Services (CMS) and research investments at the Advanced Research Projects Agency for Health (ARPA-H) are coordinated. The goal is not to expand Government roles, but to remove barriers and accelerate adoption of existing technologies.

The FDA is rethinking how AI-enabled medical technologies are regulated. After authorizing more than 1,000 AI and machine learning products, primarily in radiology but expanding into other domains, the agency recognizes the limits of a pre-market framework designed for static hardware, not continuously evolving software. Leaders described a shift toward lighter pre-market review paired with stronger post-market surveillance, focusing on real-world performance, model drift and patient outcomes. This approach requires new regulatory frameworks and enhanced data-sharing between developers, providers and regulators.

ARPA-H complements this work by funding high-risk, high-reward innovations not supported through traditional mechanisms. Notably, no generative AI (GenAI) technology capable of providing clinical care has received FDA authorization, a gap the agency aims to close. One flagship initiative supports AI systems capable of performing comprehensive physician functions, developed alongside the FDA to establish new regulatory pathways. Additionally, ARPA-H is investing in “supervising agents,” systems that monitor and control deployed AI, addressing the scalability limits of human oversight.

The VIP Sets a New National Standard for Health Data Exchange

The Department of Veterans Affairs (VA) positioned itself as a national convener for interoperability through the Veteran Interoperability Pledge (VIP), which unites leading health systems to improve care coordination for veterans regardless of where they receive care.

Grounded in the Elizabeth Dole Act, the initiative mandates rapid adoption of national interoperability standards across care coordination, benefits, identity matching, quality measurement and public health. VA leaders outlined a layered interoperability model—from foundational standards such as X12, Fast Healthcare Interoperability Resources (FHIR) and Bulk FHIR, to data quality frameworks like Patient Information Quality Improvement (PIQI) and ultimately to advanced analytics and decision support. The key message: interoperability is foundational, but value is created through what is built on top of it.

Operationally, the VIP is already enabling real-world capabilities. The Veteran Confirmation Application Programming Interface (API) allows Electronic Health Records (EHRs) to verify veteran status in real time, supporting eligibility recommendations under the Promise to Address Comprehensive Toxics (PACT) Act and the Comprehensive Prevention, Access to Care and Treatment (COMPACT) Act. Two workgroups are developing recommendations for identity verification and care coordination workflows, targeting submission by the end of March. A structured cadence of monthly plenaries and bi-weekly workgroups ensures continuous alignment between policy, standards and implementation.

Seamless Collaboration Requires Breaking Down Technical and Cultural Barriers

Federal, State and Local leaders underscored that populations served by multiple programs cannot be effectively supported by siloed agencies. Both technical and cultural barriers must be addressed simultaneously.

At the Federal level, CMS, VA and the Indian Health Service (IHA) are advancing shared infrastructure and lowering redundancy. CMS is transitioning from Government-developed systems to commercial platforms, accelerating innovation and enabling AI tools that now reach approximately 80% of its workforce, saving an estimated 5.5 hours per employee weekly. The agency is also adopting a multicloud strategy for resilience and fostering talent pipelines through partnerships with institutions like the University of Maryland.

IHS is undergoing a similar transition to commercial platforms, improving AI integration and expanding access to advanced tools in rural and tribal communities. Enterprise services help ensure equitable access where local technical resources are limited. The VA is modernizing security processes to reduce delays in technology adoption and leveraging physical locations to support identity verification, improving access for veterans struggling with digital enrollment.

Bridging the digital divide also requires workforce and literacy solutions. Baltimore City panelists highlighted the need to translate Federal data into local action, particularly around social determinants of health, including housing and economic mobility. Community health workers were cited as essential connectors and should be integrated into digital strategies from the outset.

Public Health Data Infrastructure Must Shift from Detection to Prediction

The Center for Disease Control (CDC) acknowledged that current public health infrastructure is designed for detection, not prediction. While improvements have been made since COVID-19, a broader transformation is still underway.

The One CDC Data Platform (1CDP) serves as a central hub, enabling flexible data exchange, reusable capabilities and advanced analytics. Its purpose is to shift focus from manual data processing to proactive analysis and decision making. Leaders envision disease forecasting becoming as routine as weather forecasting, with real-time modeling to guide early intervention.

State-level examples illustrate this shift. Illinois is consolidating siloed systems into a unified cloud platform, while addressing cultural resistance to data sharing. Louisiana is focusing on targeted, use-case-driven improvements tied to Medicaid and public health outcomes. Mississippi is prioritizing foundational infrastructure and workforce readiness before scaling analytics. Across all three states, the consensus is clear that interoperability only delivers value when tied to actionable outcomes.

The VA’s NextGen CCN Redesigns Care Delivery at National Scale

Community care is one of the fastest-growing components of the VA healthcare system. Of the 17 million veterans served, roughly 6.3 million use VA healthcare annually, with 2-3 million accessing community providers. Programs introduced through the Choice Act and Maintaining Internal Systems and Strengthening Integrated Outside Networks (MISSION) Act expanded access but created operational and financial complexity.

The Next Generation Community Care Network (NextGen CCN) addresses these challenges through a comprehensive redesign of how the VA manages external care. Expected to launch in early 2027, the program introduces a more competitive ecosystem involving insurers, providers and technology partners.

Key capabilities include improved care coordination, real-time data exchange, standardized quality benchmarks and outcomes-based reimbursement. Interoperability is foundational to these goals, enabling performance measurement and accountability. The program also prioritizes transparency and trust across stakeholders, ensuring a shared understanding of care delivery. Together, these efforts are designed to position the VA to deliver high-quality, fiscally responsible care while continuing to expand access for a veteran population whose demographics and care needs are rapidly evolving.

Charting the Course for Federal Health IT Modernization

HIMSS 2026 reinforced that progress in Federal healthcare requires aligned investment across AI governance, interoperability, cross-agency collaboration, data infrastructure and care delivery redesign. Government health agencies are not simply adding new technologies onto existing systems; they are rethinking how they organize, share data and operate as an integrated ecosystem. Sustained success will depend on aligned standards, cultural transformation and technologies that translate strategy into measurable outcomes.

As Carahsoft, The Trusted Government IT Solutions Provider™, continues supporting Federal health IT modernization, these insights inform how industry can partner with Government to deliver a more connected, data-driven and patient-centered healthcare system.

Explore Carahsoft’s Healthcare Technology portfolio of leading solutions that support Federal healthcare modernization priorities including AI, interoperability, cloud infrastructure and advanced analytics.

Contact the Health IT Team at Healthcare@Carahsoft.com or (571) 591-6080 to learn more.

Why Supply Chain Risk Management is Now a Public Sector Resilience Priority

Posted on by Jeff Ladner

From ransomware disrupting city services to vendor failures impacting school operations, supply chain failures seem to be dominating the headlines lately. Naturally, whether your organization is in the Private or Public Sector, you’ll want to avoid attracting attention for the wrong reasons.

The best way to do that is to prioritize implementing best practices to safeguard critical vendors and services from cybersecurity risks and operational disruptions. In this guide, we’ll cover the NIST framework, how it applies to Public Sector organizations and how you can use NIST best practices to reduce risk and maintain public trust. Even private sector teams increasingly rely on NIST supply chain risk management practices when working with Government partners, especially across information technology environments.

Why Is Supply Chain Risk Management Important?

Managing supplier risk should be a fundamental part of any data-based businesses’ operations, but it’s all the more important for Public Sector organizations, whether that means Federal, State or Local services.

Why? Without clear practices for identifying, assessing and mitigating vendor and operational risk, you could expose your organization to a whole host of potential issues, including:

Financial losses: Even nonprofit organizations depend on reliable financial backing from Governments and other entities. Those revenue streams can be endangered when an overlooked security risk becomes an operational blockage.
Reputational damage: Eroded consumer trust can be as costly as any disruption in service or productivity. When your organization attracts the wrong kind of attention, like for suffering a data breach or failing to fulfill obligations, earning that trust back can be a difficult feat.
Regulatory violations: In worst-case scenarios, failing to catch a supply chain risk before it becomes a major problem can lead to your organization falling afoul of relevant regulations and facing stiff consequences like fines or legal fees.

Learn more: Quick Guide: What is Operational Risk Management?

When Does an Organization Need a Supply Chain Risk Management Framework?

The purpose of using a risk management framework is to standardize the process of identifying, assessing and mitigating potential threats and vulnerabilities to your organization’s supply chain. If your organization’s ability to provide services, attract new users and secure funding would be severely impacted by a potential data breach or supply chain disruption, then you’d most likely benefit from using a framework to ensure consistent supplier security.

State, Local and education (SLED) entities are all the more likely to need a framework for regulating risk assessments and mitigation steps. Since the services provided by such entities are typically essential to a community, it’s that much more important that you take all the necessary actions to secure your supply chain and prevent service interruptions whenever possible.

What Is the NIST Risk Management Framework?

The National Institute of Standards and Technology (NIST) Risk Management Framework (RMF) is the go-to solution public service organizations have been using to mitigate vendor, technology and cybersecurity risks for the last decade. The result of a Federal task force established in 2014 under the Federal Information Security Modernization Act (FISMA), this framework for risk management processes can be used to set standards across Federal agencies and the organizations that work with them.

Today, the NIST framework is a main point of reference for any organization looking to implement a secure and reliable process for managing cybersecurity risks and other potential supply chain issues. The framework is a living document regularly updated to meet the latest challenges in the data privacy space.

Learn more: What is NIST RMF? Risk Management Framework

What Are the NIST Best Practices for Supply Chain Management?

The 2022 revision NIST SP 800-161 offers comprehensive guidelines for handling supply chain risks related to information and communications technology. These recommendations are divided into three main categories: foundational practices, sustaining practices and enhancing practices.

Think of these categories as sequential stages. You’ll need to implement foundational practices before you move on to sustaining practices, and sustaining must come before enhancing.

1. Foundational Practices: Establishing a Process for Supply Chain Risk Management

Some of the best practices recommended in NIST SP 800-161 for creating a foundation for a supply chain risk management process include:

Dedicate a multidisciplinary team to your vendor and technology risk oversight
Create and fill dedicated roles for risk oversight procedures
Gain support from senior leadership to ensure adequate resources
Implement a governance hierarchy and a governance structure
Codify processes for identifying and assessing the criticality of your suppliers, products and services and conducting formal risk assessments, preferably using FIPS 199 impact levels
Establish internal checks and balances for compliance
Integrate risk oversight practices into your policies regarding supplier selection
Raise internal awareness and understanding of the importance of supply chain risk management
Create processes and practices for quality control and consistent development practices

Learn more: Guide: Risk Management Strategies To Future-Proof Your Organization

2. Sustaining Practices: Improving the Efficacy of Your Supply Chain Risk Management

Some of the best practices recommended in NIST SP 800-161 for building on your foundational risk management processes include:

Implement third-party risk assessments
Create a program for monitoring suppliers
Define and quantify levels of acceptable risk
Determine key supplier risk metrics and create procedures for tracking and reporting them
Formalize your information sharing procedures
Establish a training program for vendor risk practices
Integrate supply chain risk management practices into your supplier contracts
Solicit supplier participation in contingency planning and incident response
Collaborate with suppliers to address risk factors
Expand supply chain risk management training to all applicable roles across your organization

Learn more: How to Mitigate Third-Party Risks in Your Supply Chain

3. Enhancing Practices: Predicting Supply Chain Issues Before They Impact Your Business

Some of the best practices recommended in NIST SP 800-161 for building a structured supply chain risk management program include:

Codify processes for quantitative risk analysis, optimize risk response resources and measure your return on investment
Use insights gained over time to identify key risk factors and create predictive strategies to address risks before they arise
Introduce automation into your cybersecurity oversight procedures whenever possible
Join a community of practice where you can improve your cybersecurity risk management practices

Learn more: 5 Reasons Your Company Should Automate Third-Party Risk Management – Onspring

Additional NIST Resources

Organizations implementing a supply chain risk management program often reference several complementary NIST publications, including:

NIST Special Publication (SP) 800-39
NIST SP 800-30r.1
Federal Information Processing Standards (FIPS) Publication 199
NIST SP 800-53

How to Future-Proof Your Vendor Risk Program

It’s impossible to overstate the importance of recognizing and addressing risk factors in your supply chain when your organization is responsible for providing or securing local and state services. The best guide to follow when establishing or enhancing your supplier risk program is the NIST Risk Management Framework. A structured platform can help Public Sector teams manage these challenges more effectively while taking advantage of AI advancements without exposing their organizations to unnecessary risk.

See how Onspring’s platform supports these efforts and get a demo today.

How AI is Reshaping Courts and Legal Operations

Posted on by Michael Shrader

The conversation around artificial intelligence (AI) in the legal system has fundamentally shifted from courts and legal organizations debating whether it belongs in legal environments to how to integrate AI responsibly into daily operations. For courts facing expanding caseloads, staffing shortages and budget constraints, AI-powered legal technologies have become operational tools for improving efficiency, access to justice and administrative effectiveness across the legal lifecycle. While AI can significantly enhance legal workflows, responsibility for judgement, accuracy and decision-making must remain with human professionals.

From Policy Discussion to Practical Adoption

The American Bar Association’s (ABA) Year 2 Report on the Impact of AI on the Practice of Law makes clear that AI adoption in the legal profession has entered a new phase. Early concerns centered on ethics, confidentiality and professional responsibility. Today, the focus has shifted toward responsible deployment, governance and workflow integration where efficiency gains are immediate and measurable. These applications allow courts to redirect limited staff resources toward higher-value legal and judicial work rather than routine manual processes.

Common AI-enabled courtroom use cases already in practice include:

Organizing and searching large volumes of filings, briefs and evidence

Creating unofficial or preliminary real-time transcriptions

Summarizing motions, exhibits and prior case materials

Supporting scheduling, workload analysis and calendar management

This is especially important for Federal, State and Local courts that must maintain service levels despite limited resources. AI-enabled legal technologies provide a validated path to modernizing court operations while preserving judicial independence, transparency and accountability.

Real-World Applications Delivering Value

AI adoption is already producing tangible operational benefits across court systems.

Administrative and workflow automation applications include drafting routine administrative orders and standard court notices, managing scheduling and calendar coordination, conducting workload studies and organizing court documents and filings for improved retrieval. These implementations reduce administrative burden while improving consistency in standard legal processes.

Document review and case support capabilities allow legal teams to summarize briefs, motions, pleadings, depositions and exhibits at scale. AI systems create timelines of relevant events across large case records and assist with legal research when trained on reputable legal authorities. Some implementations identify misstated law or omitted legal authority in filings, though human verification remains mandatory for all outputs.

Transcription, translation and accessibility services are also being rapidly adopted. Courts are generating unofficial or preliminary real-time transcriptions to accelerate case documentation. Systems provide preliminary translations of foreign-language documents and support accessibility services for self-represented litigations navigating complex court procedures. These applications expand access to justice by reducing cost barriers and improving navigation of legal systems for citizens.

Scaling Court Operations Under Budget Constraints

Rising caseloads combined with constrained budgets make AI adoption particularly relevant for Government legal operations. Technology adoption has emerged as the primary driver of scalability for courts that cannot expand head count. By automating manual processes such as transcription, document review, evidence management and research, AI allows existing staff to handle higher volumes while maintaining or improving service quality.

This approach aligns with broader access-to-justice goals highlighted in the ABA report. AI-enabled tools are already helping courts improve case management, streamline dispute resolution processes and support self-represented litigants through better access to information and court services. These gains are particularly impactful for jurisdictions seeking to modernize legacy systems while preserving fairness, transparency and judicial independence.

Human Oversight and Accountability

While AI delivers meaningful efficiency gains, the ABA report stresses that AI-generated outputs may appear authoritative while containing factual or legal inaccuracies. The risk of hallucinations has not been fully resolved in any current generative AI (GenAI) tools. As a result, AI should not replace judges or court staff, nor should it be treated as an authoritative source of truth. Instead, AI should serve as an assistive technology that augments human expertise, improving documentation quality, accelerating research and making information more accessible.

Judicial guidelines outlined in the report reinforce several critical principles:

Judges and attorneys remain fully responsible for accuracy and legal reasoning

AI-generated content must always be reviewed for correctness and relevance

Overreliance on AI can introduce risks such as automation bias or misinformation

Courts adopting AI must establish clear governance frameworks that address privacy, security, transparency and oversight. Human verification of AI outputs is essential to ensuring that AI enhances documentation quality and accelerates legal research without compromising accuracy, professional responsibility and public trust.

Responsible Adoption Through Trusted Procurement

The ABA emphasizes that responsible AI adoption is not optional; it is a leadership responsibility. Human oversight, ethical use policies and ongoing evaluation remain essential to ensuring AI strengthens, rather than undermines, trust in the justice system.

Carahsoft, The Trusted Government IT Solutions Provider®, works with leading legal tech software providers to help Federal, State and Local courts modernize legacy systems, reduce administrative burden and implement AI responsibly at scale. By making these technologies accessible through trusted procurement vehicles, Carahsoft enables courts and Government legal organizations to adopt AI while aligning with established legal, ethical and operational requirements.

AI is not a substitute for legal expertise, but it is quickly becoming an indispensable tool for courts seeking efficiency, consistency and scalability. By procuring AI solutions through Carahsoft, Government courts can ensure their modernization demands will be met while maintaining legal and ethical standards. As AI continues to reshape legal operations, organizations that pair technology deployment with clear governance, training and accountability frameworks will be better positioned to deliver improved services to the public.

Ready to explore AI-enabled legal technology solutions? Explore Carahsoft’s Legal & Courtroom Technology Solutions portfolio or take a Self-Guided Tour.

Contact Carahsoft’s team at LegalTech@carahsoft.com to discuss AI solutions tailored for your organization’s needs.

Unified Financial Intelligence: Why Government Finance Teams Have a Data Foundation Problem, Not a Data Problem

Posted on by Rolf Heimes

How Incorta, Google and Carahsoft help State, Local, education and Federal civilian agencies move from slow close cycles to real-time, AI-ready financial insight

I spend a lot of my time talking with Government finance leaders—CFOs, comptrollers, budget directors—and the conversation almost always starts with AI and ends with data. Almost every agency I talk to eventually runs into the same wall: their data isn’t ready. As we move toward agentic AI—AI that takes actions and makes decisions on its own, not just answers questions—the demands on that foundation multiply fast. Until it’s right, AI remains a slide in a strategy deck. That’s the problem Incorta was built to solve.

Nowhere is this more obvious than in Public Sector financial management, where the stakes are high, the infrastructure is often decades old and the expectation for transparency has never been greater. If we want to talk seriously about Unified Financial Intelligence in Government, we have to talk seriously about the data brain underneath it—the trusted, real-time, contextual foundation that AI agents depend on to make accurate, explainable decisions. Without it, you don’t have an AI problem. You have a data problem dressed up as one.

The Real Bottleneck: Government Finance Needs a Data Brain

Public Sector finance teams are under more pressure than ever: leaner budgets, post-pandemic fiscal gaps, enrollment volatility and a mandate to do more with less. New White House and OMB directives are accelerating the AI timeline—agencies are being asked to demonstrate AI-ready infrastructure now, not in a future budget cycle.

For CFOs, comptrollers and finance teams, that pressure is concrete. Close cycles still take days or weeks. Analysts spend more time gathering data than using it. When leadership questions a number, the answer is “let me pull it manually”—because the system shows aggregates, not the transactions behind them.

The root cause isn’t a lack of tools or talent. Financial data is scattered across GL, procurement, grants, payroll and project systems—each with its own codes and timing—and traditional ETL strips out the very context that makes it useful. That’s the data brain problem.

What the Data Brain Has to Deliver

For finance, AI isn’t about prettier dashboards. It’s about answering hard questions: why did this variance occur? Where are the early signals of fraud, waste or abuse? What does next quarter look like if this assumption changes? To answer those credibly, AI needs a data brain.

That data brain has to deliver three things: granularity (100% transactional detail), timeliness (near real-time, not last week’s batch) and context (preserved relationships—purchase orders to vendors, funds to appropriations, payroll to projects).

Traditional ETL gives you the opposite of a data brain: summarized, stale data stripped of business logic. When you layer AI on top of it, the model fills in the gaps—and for Government finance, that’s not a technical problem. If an AI-assisted answer can’t be traced back to the exact transaction, your auditors and oversight bodies won’t accept it.

That’s how you get hallucinations instead of financial intelligence.

The “AI problem” and the “data problem” in Government finance are actually the same problem. Build the data brain, and Unified Financial Intelligence follows.

What Changes When You Have a Data Brain

Take a Federal civilian agency we worked with: 24-hour data refresh cycles, manual reconciliation, spreadsheets and email chains just to close the books. Analysts spent most of their time getting data into a usable format—not using it.

After implementing Incorta with Google Cloud, that agency went from 24-hour to 15-minute data refreshes for key financial subject areas.

From periodic close to continuous audit. Anomalies surface in near real-time—before they snowball, not after month-end.
From “check the dashboard” to “follow the data.” The CFO questions a number; the analyst drills to the exact transaction, in the same environment.
From data gathering to value creation. Analysts shift from reconciliation to scenario modeling and real decisions.

That’s Unified Financial Intelligence with a data brain underneath it: full, timely, contextual access to the truth—and the time to actually use it.

How Incorta Builds the Data Brain

The traditional path to modernizing financial data in Government is measured in years and eight-figure budgets—and most of us have seen how that story ends. At Incorta, we took a different approach: build the data brain for Government finance on Google Cloud without requiring agencies to tear out what’s already there. Three pillars make that possible:

Direct access to ERP data in its native form – Incorta connects directly to Oracle EBS, Oracle Fusion, SAP and Workday, ingesting data in its native schema—no heavy transformation, no lost business context.
Prebuilt blueprints for Public Sector financial systems – A library of prebuilt blueprints captures how ERP tables relate, how funds and projects are structured and how to translate that into analytics-ready models—removing months of data engineering work.
Landing it all in Google BigQuery for AI-ready analytics – The result is a production-ready financial data brain in Google BigQuery—granular, near real-time and fully contextualized—standing up in weeks, not months or years, with Gemini for Government and agentic AI tools ready to operate on top.

On top of this, Incorta layers AI-powered insights with built-in hallucination mitigation, role-based access controls, audit trails and mirrored source system permissions—so agencies can scale AI without sacrificing governance.

Carahsoft plays a crucial role in this story by making it easy for agencies to get started—through existing contract vehicles and the Google Cloud Marketplace—without embarking on another risky, bespoke IT project.

Where State, Local, Education and Federal Civilian Finance Teams Are Starting

State budget offices need real-time visibility into appropriations and fund balances—so leadership responds to revenue shifts, not monthly reports. Local Governments want to move from reactive spreadsheets to proactive scenario planning and cleaner audits. Education finance teams need unified views of budgets, grants and financial aid to navigate enrollment volatility. Federal civilian CFO offices are pursuing continuous close and early AI-driven detection of fraud, waste and abuse. In every case: build the data brain first, and the downstream AI use cases become operational, not experimental.

Getting Started Doesn’t Have to Be a Multi-Year Commitment

One of the most consistent concerns I hear is: “We’ve been burned by big data projects before. We can’t sign up for another multi-year transformation.” That hesitation is completely rational—and it’s exactly why we’ve structured our approach with Google and Carahsoft to deliver value in weeks, not years.

A practical entry point is a Unified Financial Intelligence Modernization Assessment—a focused engagement to assess your ERP landscape, map how your data lands in BigQuery (secure, governed, auditable) and define a 60- to 90-day outcome that shows what the data brain delivers in your environment.

Incorta is available through Carahsoft on the Google Cloud Marketplace—most agencies can use existing contracts and cloud commitments to get started, no new RFX required.

The Bottom Line

State, Local, education and Federal civilian finance teams don’t need another dashboard. They need the data brain that makes Unified Financial Intelligence possible—access to all of their financial data, in near real-time, with full business context, so they can shift from gathering data to actually using it.

That’s what Incorta, Google and Carahsoft are building together for Government. In an environment where agencies are being asked to do more with less, standing up that data brain in weeks rather than years isn’t just a nice-to-have. It’s the difference between a finance function that’s keeping up and one that’s falling behind.

→ Request a live Agentic AI demo — see Incorta + Google in action on your mission data.

→ Try free for 30 days on Google Cloud Marketplace — software free; infrastructure costs may apply.

→ Get started with the Unified Financial Intelligence Modernization Assessment — map your data brain and define a 60- to 90-day outcome.

Ready to explore what real-time financial intelligence looks like for your agency? Learn more about Incorta’s Government solutions on Carahsoft’s Incorta microsite. Watch our joint Incorta + Google session on AI-ready financial data for Public Sector.

Contact the Carahsoft Team ☎ (703) 871-8548 | ✉ incorta@carahsoft.com

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Incorta, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Integrated Threat Hunting: A Smarter Path for Stretched Federal SOCs

Posted on by Richard Verwers

Why visibility, automation and collaboration are now mission-critical

Federal Security Operations Center (SOC) teams are under relentless pressure. Teams are increasingly stretched thin as agencies grapple with AI-enhanced threats, Zero Trust requirements and operational mandates like FISMA 2.0. Despite limited staff and growing workloads, though, the mission remains clear: defend critical infrastructure, secure sensitive data and maintain compliance.

For split-second contexts in the face of critical alerts, fragmented tools and siloed data only make matters worse. Analysts lose time switching between platforms. Revalidating and responding to quickly escalating threats takes time away from mission continuity.

Federal SOCs require integrated, intelligence-driven platforms that support end-to-end threat visibility, rapid response and secure information sharing.

Modern Federal SOCs Face Mounting Challenges

Staffing shortfalls are now a systemic issue. The cybersecurity talent gap currently exceeds 5.5 million unfilled roles globally, with Federal agencies competing for a shrinking pool of qualified professionals.

Meanwhile, tool sprawl and console fatigue complicate workflows. Analysts must juggle multiple platforms to correlate data, validate incidents and track lateral movement all while meeting increasingly complex compliance reporting mandates.

Agencies must also contend with:

AI-generated malware that evades signature-based detection
Expanding attack surfaces from hybrid environments and remote endpoints
Escalating compliance expectations tied to FISMA modernization, OMB M-24-14 and Zero Trust architecture maturity

To keep pace, teams need tools that consolidate, correlate and streamline.

Real-time Response Enhances SOC Agility

Threat impact is defined by the time it takes to respond properly. Delayed containment leads to higher costs and increased exposure. That’s why real-time response is now essential to any defensible cybersecurity posture.

Modern endpoint detection and response (EDR) platforms allow teams to:

Isolate compromised endpoints instantly
Terminate malicious processes at the source
Prevent data exfiltration in-flight
Apply automated playbooks for repeatable, standards-based remediation

These capabilities reduce manual intervention and align with CISA’s SOAR guidance, enabling SOCs to act swiftly within a Zero Trust model. For Federal teams, this also supports audit-readiness with timestamped forensic records that meet FISMA and OMB compliance requirements.

Unified Telemetry Accelerates Threat Hunting

Siloed data weakens an analyst’s ability to detect patterns and perform deep investigations. By unifying endpoint telemetry across devices and environments, teams gain access to richer datasets and longer retention windows for root cause analysis.

Carbon Black EDR captures high-fidelity endpoint activity and retains up to 180 days of telemetry, letting teams uncover threats that may have originated weeks or months prior.

With behavior-based analytics, SOCs can move past static signatures and detect anomalies faster. This involves pinpointing lateral movement, privilege escalation and indicators of compromise before damage escalates.

Collaboration and Data Sharing Reduce Operational Risk

Cybersecurity is a team sport, but without integrated data sharing, even the best defenses can fall short. Fragmented environments limit visibility, making it difficult to act on shared intelligence across tools and agency teams.

Integrated platforms streamline threat intelligence sharing through features such as:

The Carbon Black Data Forwarder, which simplifies integration with SIEM/SOAR platforms
API-driven data sharing that supports automation and collaboration
Compatibility with Zero Trust frameworks, particularly the Device Pillar of OMB M-24-14

With cross-environment visibility and collective learning, SOC teams can improve incident response while advancing cybersecurity maturity across the agency.

Work Smarter, Not Harder

Federal SOCs face high-stakes situations where time and clarity are critical and impact lives in real time. Every alert demands focus. Every decision must be defensible. To operate effectively under pressure, teams need platforms that reduce noise, unify workflows and enable smart action.

Carbon Black and Carahsoft help Federal teams do more with less. We empower analysts with the real-time insights and interoperability they need to protect what matters most.

Contact us to learn how your agency can simplify threat detection, response and collaboration with Carbon Black EDR.

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including Broadcom, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Top 10 DevSecOps Events for Government in 2026

Posted on by Rich Savage

As Federal, State and Local agencies accelerate their modernization initiatives, DevSecOps has evolved from an emerging practice to a mission-critical capability. Integrating security at the speed of development is a foundational requirement for agencies seeking to deliver innovative services while maintaining rigorous compliance and protecting sensitive data. Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, has been at the forefront of this transformation, serving as the central hub connecting Government agencies with the industry’s leading DevSecOps solutions, platforms and expertise. Through our extensive partner ecosystem and Government contract vehicles, we enable Public Sector organizations to operationalize secure software delivery at scale. The events below represent essential opportunities for Government IT leaders, developers, security professionals and acquisition teams to explore cutting-edge DevSecOps methodologies, connect with mission-focused innovators and gain actionable insights that can be immediately applied to their agency’s secure delivery transformation.

RSA Conference

March 23-26 | San Francisco, CA | In-Person Event

In 2026, the theme “The Power of Community” underscores that effective DevSecOps is a collaborative effort between people, processes and technology. As Government agencies work to meet modern mandates, integrating security at the speed of development is now a mission requirement. The RSA Conference provides a vital forum for Public Sector professionals to explore how automation, artificial intelligence (AI) and community-driven innovation can secure the software supply chain and accelerate digital transformation.

Sessions to look out for:

How to Secure Containerized Applications from Supply Chain Attacks

Chainloop: Inside Modern Software Factory: Why Bolted-On Security Fails in the AI Era

Techstrong Seminar: AI NativeDev and the Next Evolution of DevSecOps

Carahsoft serves as the central hub for the Public Sector community at RSA, beginning with the 13^th Annual RSA Public Sector Day on Monday, March 23^rd. Sessions will focus on FedRAMP cloud architectures, Cybersecurity Maturity Model Certification (CMMC) compliance and modernizing state cyber defenses. We invite our partners and Government customers to join us at this dedicated forum to discuss mission-specific challenges and network with the leaders shaping the future of Public Sector security. To facilitate cross-agency networking, Carahsoft will host our signature Public Sector Reception on Tuesday evening, March 24^th, providing a dedicated venue for Federal, State and Local officials to connect with peers and explore tailored solutions for their specific mission requirements.

F5 AppWorld Public Sector Symposium

April 8-10 | McLean, VA | In-Person Event

This event serves as a dedicated gathering for IT, DevSecOps, cloud and application delivery professionals in the Government community. Hosted by F5, the symposium brings together Public Sector leaders, solution architects, engineers and ecosystem partners to explore strategies for securing, scaling and optimizing modern applications, Application Programing Interfaces (APIs), hybrid networking and cloud environments. Attendees will experience hands-on labs, customer success stories and deep-dive sessions led by F5 experts that cover topics such as AI-driven application protection, hybrid multicloud networking, Zero Trust strategies and modernizing legacy systems. This symposium provides Government professionals with the opportunity to sharpen technical skills, engage with real-world use cases and connect with a community focused on advancing mission outcomes through secure, high-performing application infrastructure.

Carahsoft is proud to serve as the host sponsor of F5 Public Sector Symposium 2026, bringing together Government IT, DevSecOps, networking, cloud and application delivery professionals with the experts and technologies that enable mission success. As F5’s trusted Public Sector distributor and a long-standing partner, Carahsoft connects Federal, State and Local agencies with F5 solutions that secure, scale and optimize application delivery across hybrid and multicloud environments. Attendees are encouraged to visit Carahsoft and our ecosystem of partners on the symposium floor to explore Government-ready tools, engage with technical demonstrations and discuss how secure delivery practices can be operationalized within agency programs.

Team ’26 by Atlassian

May 5-7 | Anaheim, CA | In-Person Event

This conference brings together the global community of practitioners and leaders at the Anaheim Convention Center to explore the future of modern teamwork. For DevSecOps professionals, this conference is a vital touchpoint for learning how to bake security and compliance directly into the developer experience. As agencies scale their collaborative environments, this conference highlights the tools and methodologies needed to bridge the gap between building software and maintaining a rigorous security posture. Attendees can expect interactive learning sessions with hands-on guided exercises, demos, best practices and Q&A with Atlassian product experts designed to deepen practical knowledge on agile planning, workflow automation and modern delivery practices, as well as breakout sessions and panels on scalable teamwork exploring how teams solve real-world challenges with Atlassian tools.

Carahsoft serves as the primary Government aggregator for Atlassian‘s full suite of collaboration, agile and development tools, enabling Public Sector organizations to modernize teamwork and software delivery practices. Through our dedicated Atlassian team, Carahsoft works closely with Federal, State and Local agencies to streamline access to Atlassian solutions via a wide range of Government contract vehicles, helping agencies maximize the value of their Atlassian investments highlighted at Team ’26.

Red Hat Summit

May 11-14 | Atlanta, GA | In-Person Event

Registration for Red Hat Summit 2026 is now live. The event will convene thought leaders, practitioners and IT pioneers to explore innovations in DevSecOps, AI, hybrid cloud, automation and emerging technologies. For Public Sector agencies, this event is the premier destination to learn how to operationalize DevSecOps through hybrid cloud and automation. The 2026 agenda is built around providing technical depth and “beyond the basics” insights to help agencies maximize their investments in secure, scalable infrastructure. Key areas of focus will include application of Red Hat Technologies, AI and emerging tech, community and team innovation and development best practices.

As a continued sponsor for 2026, Carahsoft will host a 10×10 exhibit in the expo hall. Public Sector attendees can connect with Carahsoft’s Red Hat team throughout the week to explore how open source, hybrid cloud and secure platforms are enabling modernization across their agencies. Planning to attend? Contact the Red Hat team at redhatmarketing@carahsoft.com for strategies to support your IT initiatives and make the most of your time onsite.

Offset Symposium by Second Front Systems

May 14 | Washington, D.C. | In-Person Event

This symposium brings together Government leaders, technologists and mission-focused innovators to explore how emerging software capabilities can be securely delivered to the warfighter at speed and scale. Through expert-led discussions, real-world use cases and collaborative conversations, this symposium highlights how Government and industry can work together to accelerate outcomes while maintaining compliance, security and mission alignment. This event serves as a critical forum for defense and civilian agencies seeking to understand how modern DevSecOps practices can support national security objectives and operational readiness.

Carahsoft is proud to serve as a sponsor of this event, supporting meaningful collaboration between Government and industry to advance mission-ready software solutions for the Department of War (DoW) and Federal agencies. As a leading aggregator of innovative DevSecOps technologies for the Public Sector, Carahsoft connects defense and civilian agencies with the platforms, tools and expertise needed to accelerate secure software delivery in mission-critical environments. We encourage Government attendees to engage with Carahsoft representatives and our ecosystem of partners at the symposium to explore how our Government contract vehicles and technical expertise can help operationalize the secure delivery practices and emerging capabilities discussed throughout the event.

DevOpsCon by devmio

June 1-5 | San Diego, CA | Hybrid Event

This premier global conference series brings together IT professionals, software engineers, cloud architects and DevSecOps practitioners to explore the forefront of modern software delivery. Attendees will gain deep insights into DevSecOps best practices, Continuous Integration/Continuous Delivery (CI/CD), cloud and Kubernetes adoption, platform engineering, observability and automation workflows through expert-led sessions, hands-on workshops, bootcamps and interactive learning experiences. With tracks covering DevSecOps and cloud security, CI/CD pipeline optimization, Kubernetes ecosystem advancements and leadership strategies for scaling DevOps in enterprise environments, this conference equips Public Sector and industry teams with the knowledge needed to accelerate secure software delivery and operational excellence.

Sessions to look out for:

From Perimeter Security to Continuous Trust: Practical DevSecOps for Cloud-Native Platforms

CI/CD Workshop: From Zero to Continuous Integration and Continuous Delivery

AI-Driven Observability for Reliable Kubernetes Systems: From Incidents to Self-Healing Infrastructure

Through our deep relationships with DevSecOps technology partners and solutions providers that participate in DevOpsCon, Carahsoft helps Public Sector agencies engage with the latest methodologies in CI/CD automation, Kubernetes orchestration, cloud-native security and platform engineering. Our extensive partner ecosystem and contract vehicles make it easier for Government IT leaders to adopt the innovations showcased at DevOpsCon and accelerate their secure delivery transformations.

Carahsoft’s DevSecOps Conference

July 28 | Reston, VA | In-Person Event

Carahsoft is excited to announce the fourth annual DevSecOps Conference, an in-person forum dedicated to advancing secure software delivery across the Public Sector. As Government agencies continue to modernize their digital infrastructure, this event serves as a critical meeting point for Government leaders, systems integrators and industry thought leaders to discuss the latest updates in the evolving DevSecOps landscape. By bringing together diverse perspectives, this conference ensures that agencies are equipped to implement security and compliance at every stage of the development lifecycle. Attendees will benefit from a full day of keynote addresses, panel discussions, lightning rounds and networking opportunities focused on mission-critical DevSecOps topics, including secure automation pipelines, DevSecOps and AI integration, cloud security and compliance and cross-agency software delivery transformation. The program will feature a robust agenda of supporting panels and technical sessions designed to provide attendees with a comprehensive look at modern software development, from exploring cloud-native architectures to refining CI/CD pipelines.

Carahsoft proudly hosts the DevSecOps Conference 2026 as a signature event designed specifically for the Government DevSecOps community. As the premier Government IT solutions provider and trusted aggregator for DevSecOps technology partners, Carahsoft convenes Public Sector leaders, industry specialists and integrators to share insights, explore innovations and advance secure software delivery practices. Through this conference, Carahsoft showcases the breadth of capabilities available through our partner ecosystem and contract vehicles, helping agencies accelerate their DevSecOps journeys and operationalize secure, scalable software development across mission environments. Check out our event site closer to the date for more information. If you are a vendor interested in sponsorship opportunities, please reach out to us at DevSecOpsMarketing@Carahsoft.com.

Black Hat USA

August 1-6 | Las Vegas, NV | In-Person Event

Black Hat USA 2026 remains the world’s leading stage for cutting-edge information security research and highly technical training. For DevSecOps professionals, this event is vital for maintaining the integrity of the Software Factory against emerging vulnerabilities. While many events focus on building and deploying applications, Black Hat offers a unique “hacker’s eye view,” enabling Public Sector attendees to identify better, understand and remediate risks across CI/CD pipelines and cloud-native environments before they can be exploited. Attendees can expect hands-on security trainings for developers and engineers, technical briefings on application, cloud and infrastructure security and Arsenal tool demonstrations.

Throughout Black Hat week, Carahsoft brings together members of the Government community and industry partners to foster collaboration and knowledge sharing. A major highlight for the Government community is the Carahsoft Public Sector Reception held on Wednesday, August 5^th. This exclusive event provides a dedicated venue for Federal, State and Local officials to network with industry peers and discuss how to apply the conference’s research findings to their specific mission requirements.

Conf42 DevSecOps Conference

October 15 | Online Event

Conf42 DevSecOps 2026 is a free, online conference dedicated to advancing secure software delivery practices. It brings together DevSecOps practitioners, engineers and security advocates from around the world to share practical insights and technical lessons learned across cloud security, automation, CI/CD pipeline practices, governance, identity management and vulnerability remediation. The event is designed for anyone involved in balancing speed and safety in modern DevSecOps workflows and emphasizes community-driven, thoughtful content over sales-focused presentations. Last year’s highlights included thoughtful DevSecOps keynotes and talks featuring expert insights on embedding security into development pipelines, practical technical content across tracks spanning AI, cloud, infrastructure, security and transformation and community and industry perspectives showcasing real-world examples from practitioners in diverse environments.

Carahsoft recognizes Conf42 DevSecOps 2026 as an accessible and valuable virtual forum for Government DevSecOps professionals to engage with a global community focused on secure software delivery at scale. Through our broad partner ecosystem, Carahsoft enables Public Sector teams to connect with expert insights and community-led innovation showcased at Conf42. Government attendees can leverage these engagements and Carahsoft’s Government contract offerings to adopt, implement and scale DevSecOps practices within their mission environments.

Gartner IT Symposium/Xpo

October 19-22 | Orlando, FL | In-Person Event

The Gartner IT Symposium/Xpo is one of the most influential global conferences for Chief Information Officers (CIOs), senior IT executives and technology leaders shaping enterprise and Government IT strategy. The North America event convenes thousands of attendees each year to explore Gartner’s latest research, frameworks and guidance across digital transformation, cloud adoption, cybersecurity, AI, data and modern software delivery. For Public Sector DevSecOps leaders, this symposium provides strategic insight into how secure software development, platform engineering and cloud-native practices align with broader agency modernization goals. Attendees gain executive-level perspectives on scaling technology initiatives, managing risk and operationalizing innovation across complex environments, making the event particularly valuable for leaders responsible for Software Factories and enterprise DevSecOps programs.

Carahsoft highlights Gartner IT Symposium/Xpo 2026 as a strategic forum for Government technology and DevSecOps leaders to connect with research-driven insights and hands-on solution innovation. With a broad ecosystem of Carahsoft partners sponsoring, exhibiting and presenting across the IT Xpo, Government attendees will have the opportunity to engage with technologies that support secure collaboration, cloud modernization, automation, threat-aware delivery and scalable software engineering. Carahsoft’s Government contract vehicles and expert partner network make it easier for Public Sector agencies to adopt and operationalize the solutions and strategic guidance featured throughout the week.

OWASP Global AppSec USA

November 2-6 | San Francisco, CA | In-Person Event

OWASP Global AppSec USA 2026 is the flagship U.S. conference hosted by the Open Web Application Security Project (OWASP). This multi-day event brings together application security professionals, developers, researchers and DevSecOps practitioners to explore the latest strategies, tools and community-driven innovations that improve software safety and secure development practices. Attendees can engage with leading experts, participate in technical workshops, explore the latest open source security tools and collaborate with peers on addressing critical application security challenges.

Carahsoft highlights OWASP Global AppSec USA 2026 as a must-attend event for Government DevSecOps and secure development teams because it brings together the leading community, open source project maintainers and solution providers shaping modern application security practices. With an active roster of Carahsoft partners sponsoring and exhibiting on the expo floor, Government attendees can explore hands-on demos, engage in technical discussions and discover tools that help integrate security throughout the software delivery lifecycle. Through Carahsoft’s ecosystem and Government contract vehicles, agencies can more easily adopt and operationalize the innovative AppSec solutions and insights featured at Global AppSec.

KubeCon + CloudNativeCon North America

November 9-12 | Salt Lake City, UT | In-Person Event

This event remains the premier gathering for Kubernetes and cloud-native practitioners across the global open source ecosystem. Hosted by the Cloud Native Computing Foundation (CNCF), this multi-day conference brings together thousands of developers, Site Reliability Engineers (SREs), platform engineers and DevSecOps professionals to share real-world learnings, explore emerging technologies and collaborate on advancing secure, scalable cloud-native application delivery and operations. Attendees will benefit from deep-dive technical talks, maintainer-led breakout sessions, lightning talks, co-located project days and hands-on workshops focused on Kubernetes, microservices, observability, CI/CD, automation and cloud-native security. Last year’s highlights included hands-on trainings and workshops providing practical, instructor-led learning opportunities focused on Kubernetes operations, technical breakouts and maintainer-led talks showcasing the latest advancements across the CNCF ecosystem and the Project Pavilion and Expo Hall serving as a central hub for collaboration.

Carahsoft encourages Government DevSecOps and cloud engineering teams to engage with our extensive ecosystem of cloud-native and DevSecOps partners exhibiting and sponsoring KubeCon + CloudNativeCon North America 2026. Across the expo floor, Carahsoft partners will showcase solutions that support Kubernetes security, containerized application delivery, observability, CI/CD automation and platform engineering. By connecting with these partners onsite, Public Sector attendees can explore how trusted, Government-ready technologies within the CNCF ecosystem can help modernize and secure cloud-native environments.

As DevSecOps continues to mature across the Public Sector, these events represent essential opportunities for Government IT leaders, developers, security professionals and acquisition teams to stay at the forefront of secure software delivery innovation. From hands-on technical workshops to strategic executive briefings, each gathering offers unique value tailored to different aspects of the DevSecOps journey. Whether you are just beginning to build out your software factory, refining CI/CD pipelines or leading enterprise-wide DevSecOps transformation, these events provide the insights, connections and solutions needed to advance your agency’s mission. Carahsoft is committed to supporting the Government DevSecOps community through our extensive partner ecosystem, Government contract vehicles and active participation at each of these events. We encourage you to attend, engage and leverage these opportunities to accelerate your secure delivery capabilities.

To learn more or get involved in any of the above events, please contact us at DevSecOpsMarketing@Carahsoft.com.

For more information on Carahsoft and our industry-leading DevSecOps technology partners and events, visit our DevSecOps solutions portfolio.

The Federal 100 Signals Optimization in Federal IT

Posted on by Craig Abod

The Federal 100 reflects more than individual achievement; it reveals how technology is fueling great things in Federal Government. Serving as a judge this cycle provided a front-row view of the work happening across agencies and the priorities shaping it.

Optimization had been a stated priority for years. Over the past cycle, it became visible in day-to-day decisions. Leaders were recognized for tightening how technology environments operate: setting clearer enterprise direction, reinforcing shared standards and embedding modernization into routine governance.

That shift showed up across security, acquisition, data strategy and workforce systems. Programs moved beyond isolated efforts and began operating with greater cohesion across components.

That pattern was especially visible in national security organizations.

Many of this year’s honorees came from Defense, DHS and Energy. When agencies responsible for the nation’s most demanding missions lead in enterprise alignment, platform standardization and structured governance, it signals that these practices are no longer experimental. They are operational. They are institutional. And they are delivering measurable mission impact.

Enterprise Leadership Drove Alignment

The leaders who stood out had enterprise reach. They worked across organizational boundaries and aligned components around shared priorities.

That leadership showed up in measurable ways: faster ATO approvals, stronger FedRAMP execution and authorization built into delivery rather than added at the end. Identity now anchors security strategy, reinforcing Zero Trust and allowing bureaus to operate on common foundations.

What this means for the vendor community:
Agencies are aligning at the enterprise level and across organizations. Solutions that integrate across components and scale cleanly will move more easily.

Optimization Became the Operating Model

Optimization is now part of how agencies operate. Leaders are simplifying architectures, cutting duplicated data and strengthening shared platforms so systems connect without unnecessary friction. Unnecessary data movement and storage are being designed out of the system rather than absorbed as the cost of doing business.

The impact was measurable:

Identity consolidation lowered integration complexity
Multi-cloud strategies improved resilience
Enterprise data fabrics reduced duplication
Shared platforms supported multiple bureaus

What this means for the vendor community:
Agencies need solutions built to integrate cleanly and minimize unnecessary data movement.

AI Moves from Pilot to Program

AI is no longer confined to experimentation. Programs that began as pilots are gaining executive ownership and defined accountability.

For the first time, Chief AI Officer roles were recognized, reflecting formal accountability for the deployment and governance of AI. That shows AI is maturing into the same category as cybersecurity and cloud: a capability that requires strategy, standards and sustained leadership.

What this means for the vendor community:
Fast Proof-of-concepts with a plan to move into production is important. Solutions must support enterprise integration and sustained use.

The Rules of Government Buying Are Changing

Several of this year’s leaders are literally rewriting the rules of Government buying. The FAR rewrite reshapes the governing framework, and OneGov pushes a long-promised goal into practice: aligning agencies around shared buying strategies instead of fragmented procurements. Expanded use of OTAs and CSOs rounds out the shift by speeding access to new technology.

The combined effect is a more coordinated, more flexible acquisition environment.

What this means for the vendor community:
Vendors who understand enterprise procurement strategies, regulatory shifts and alternative purchasing pathways will be best positioned to support their customers effectively.

Workforce Modernization Is Delivering Results

Workforce systems are undergoing substantive modernization. Agencies are eliminating long-standing backlogs and delivering near real-time workforce data to leadership.

Modernization is extending into core business operations and strengthening how agencies hire, manage and support their people.

What this means for the vendor community
Demand is strong for secure, scalable workforce platforms that integrate with enterprise systems and deliver timely insight.

Emerging Technologies Are Strengthening the Mission Edge

Advanced capabilities are being deployed with clear mission impact. Autonomous systems are extending operational reach. Operational technology security efforts are hardening critical infrastructure. Post-quantum planning is addressing future cryptographic risk. High-performance computing is accelerating analysis and modeling tied directly to national priorities.

These efforts reflect growing confidence in deploying advanced technology within demanding mission environments.

What this means for the vendor community:
Government is embracing new and emerging technologies. This shift creates significant opportunities for vendors prepared to innovate and adapt to changing procurement models.

What This Signals for the Year Ahead

Federal IT is operating with greater urgency and focus, with speed and mission impact as top priorities.

Enterprise leadership coordinates large organizations. Optimization shapes architecture decisions. AI has named accountability. Acquisition frameworks are being revised. Workforce and emerging technologies are delivering measurable outcomes.

The leaders recognized this year are shaping how Government will function over the next decade, not just how it will deploy the next tool. Congratulations to all the winners.

Securing AI Adoption in Government: From Mandates to Implementation

Posted on by Liz Burrows

One of today’s top trends is artificial intelligence (AI), specifically how the Public Sector can adopt it while maintaining the security, governance and oversight essential for mission-critical operations. With AI jumping from number three to one on Federal Chief Information Officers’ (CIO) priority lists and 80% of CIOs under explicit cost savings mandates, the question is no longer whether to deploy AI but how to do so securely at scale.

The recent overhaul of the Federal Acquisition Regulation (FAR) marks the most significant rewrite in over 40 years, fundamentally shifting how Federal agencies operate and procure technology. As generative AI (GenAI) deployments move into mission-critical environments, agencies need practical frameworks that balance speed with verification.

Moving From Speed to Velocity

As The Public Sector enters the age of AI, with $4 trillion in Private Sector investment in data centers, agencies face a fundamental design challenge: design AI systems that adapt to human workflows rather than forcing humans to adapt to systems. This distinction matters most in Government and defense contexts where lives depend on maintaining human oversight for deliberate decisions.

The Department of War’s (DoW) Acquisition Transformation Strategy (ATS) offers a proven model of buying outcomes in increments. Instead of funding calendar time through traditional program structures, agencies should fund missions through portfolios that deliver outcomes in weeks or months. This approach structures procurement in modular increments that integrate with evolving architecture while funding capability and delivery, not timelines.

Velocity differs from speed in its directional precision. Agencies can accelerate procurement through fast-lane processes while maintaining governance through evidence gates that verify operational performance, user adoption, cyber risk posture and sustainment realities. This framework preserves ethical obligations while delivering measurable results.

Prerequisites for Secure AI Implementation

Before deploying AI tools in production environments, agencies need foundational elements in place:

GitLab, Securing AI Adoption in Government blog, embedded image, 2026

Policy frameworks that define where AI can be a part of the process and establish clear boundaries for all personnel. Training and enablement programs ensure teams understand governance requirements and security policies. Several Federal agencies have already created AI centers of excellence to help establish standards and create processes around how they are implementing AI.

End-to-end visibility across the entire software delivery process enables agencies to track where AI agents operate and what actions they perform. Without comprehensive visibility, governance becomes theoretical rather than operational.

Contextual accuracy determines output quality, AI systems deliver accurate, usable results only when provided with the right context, making data quality and integration critical prerequisites.

Built-in guardrails must exist before AI implementation. Security scans on every code change and controls preventing critical vulnerabilities from merging into production branches become essential as agencies move into the agentic AI era.

Practical AI Use Cases That Deliver Value

GitLab’s most recent DevSecOps survey reports that AI currently handles about 25% of the work in Public Sector organizations, with leadership targeting 50% automation. The most successful implementations focus on code generation, testing and documentation, areas where AI delivers immediate, measurable impacts.

Federal customers using GitLab’s AI capabilities report significant efficiency gains in code review processes. AI-powered first-pass reviews reduce time while maintaining quality standards. Test generation and legacy code modernization have proven particularly effective.

Compliance automation represents an emerging high-value use case. GitLab teams are developing compliance agents that access code repositories, Continuous Integration/Continuous Deployment (CI/CD) pipelines and security vulnerability data to automatically populate Security Technical Implementation Guide (STIG) checklists. Security team leaders review and adjust outputs as necessary, reducing administrative burden while allowing teams to focus on strengthening application security posture.

Prioritizing AI Governance Frameworks

With 35% of Public Sector professionals using unofficial AI tools at work, agencies governance frameworks that address shadow IT risks without stifling innovation. A risk-based approach identifies high-impact systems within critical infrastructure and implements controls that prevent systemic failures.

Effective governance prioritizes AI adoption around innovation while maintaining public trust. Agencies must identify high-impact areas and understand system interdependencies, as more systems connect, understanding how one system impacts another becomes essential for appropriate segmentation and risk management.

Building on Secure Foundations

Agencies cannot build on a shaky foundation. Federal AI and cybersecurity strategies must align around building responsibility into the process from the start. This requires shifting from governing static systems to engineering systems that can evolve safely, integrating assurances, accountability and human judgment as foundational design constraints instead of downstream checks.

Before deploying advanced AI capabilities, agencies should strengthen foundational practices, standardizing workflows, implementing security by design and ensuring basic guardrails are in place. AI cannot compensate for weak foundations in the software development lifecycle. The path forward requires doubling down on fundamentals while strategically adopting AI where it delivers clear value.

To learn more about implementing secure AI solutions, watch GitLab’s full webinar, “Cyber in the AI Era: Building Foundations for Secure Adoption.”

Carahsoft Technology Corp. is The Trusted Government IT Solutions Provider, supporting Public Sector organizations across Federal, State and Local Government agencies and Education and Healthcare markets. As the Master Government Aggregator for our vendor partners, including GitLab, we deliver solutions for Geospatial, Cybersecurity, MultiCloud, DevSecOps, Artificial Intelligence, Customer Experience and Engagement, Open Source and more. Working with resellers, systems integrators and consultants, our sales and marketing teams provide industry leading IT products, services and training through hundreds of contract vehicles. Explore the Carahsoft Blog to learn more about the latest trends in Government technology markets and solutions, as well as Carahsoft’s ecosystem of partner thought-leaders.

Top 10 Quantum Events for Government in 2026

Posted on by Troy Meraw

Quantum computing is an operational reality that is rapidly reshaping national security, cryptography and mission-critical data processing across the Public Sector. As adversaries accelerate their own quantum cryptography standards and explore quantum networking architectures, Carahsoft Technology Corp., The Trusted Government IT Solutions Provider®, is proud to support Government stakeholders at the forefront of this transformation. Together with our network of leading quantum technology partners, Carahsoft is committed to connecting Government agencies with the expertise, solutions and community they need to navigate the quantum landscape with confidence. Below, we highlight the top quantum events of 2026 and how Carahsoft is helping drive the mission forward.

Convening to Act: Accelerating U.S. Post-Quantum Cryptography Adoption

March 17, 2026 | Hyattsville, MD | In-Person Event

Join the National Cryptologic Foundation for an event centered on Quantum-Resistant Cryptography (QRC) adoption where toady’s cyber leaders unite to accelerate the nation’s transition to post-quantum security. This high-impact forum brings together experts from Government, industry and academia to explore best practices for cryptography inventory and modernization, learn how leading organizations are transitioning to QRC standards and experience live demonstrations showcasing advanced migration tools and techniques. Through strategic dialogue and real-world insights, attendees gain clarity and momentum needed to act on emerging standards and mandates.

Carahsoft will have a tabletop presence at Convening to Act. Carahsoft partners in attendance include: Safelogic, SandboxAQ, Qanapi, ISARA, Entrust and QuSecure. Carahsoft’s involvement in this event supports published national security priorities by empowering commercial, defense and Intelligence Community (IC) participants to understand and operationalize newly released Federal guidance on Post-Quantum Cryptography (PQC) deployment. Our team will be present to help organizations strengthen their future-proofing strategies and contribute to securing the nation’s digital infrastructure.

ATARC Quantum Speaker Series: Accelerating Quantum Innovation Through Standardization

March 24, 2026 | 1:30-2:30pm ET | Virtual Event

Join the Advanced Technology Academic Research Center (ATARC) for a high-impact session in its Quantum Speaker Series. This focused 30-minute webinar highlights the work of the Advancing Standardization for Critical and Emerging Technologies (ASCET) Center of Excellence, an initiative dedicated to strengthening U.S. leadership in international quantum standards. Attendees will gain insight into how ASCET is broadening participation in quantum standardization, cultivating the next generation of quantum experts and supporting U.S. Private Sector priorities through training, tools and strategic initiatives.

Carahsoft recommends attending this webinar from the ATARC Quantum Speaker Series, reinforcing our dedication to advancing U.S. quantum competitiveness. The webinar format provides a platform that enables quantum experts to share their experiences and insights with a broad Government audience, making PQC knowledge accessible to agencies regardless of their location or resources.

Golden Dome: Quantum Proofing America’s Shield

April 23, 2026 | 3:00-5:00pm ET | Virtual Event

The “Golden Dome” for America has moved from vision to reality, creating a massive, interconnected architecture of space-based sensors, kinetic interceptors and Command and Control (C2) networks. However, this “system of systems” is only as strong as the data paths that connect it. As adversaries accelerate their quantum computing capabilities, the encryption protecting on-orbit capabilities, satellite links, ground-based systems and decision-support chains faces an existential threat.

Quantum-Proofing the Golden Dome is a practical, mission-focused deep dive into hardening the nation’s shield. The architects of the initiative will come together with the builders of the technology to define a clear path for quantum-resilient security in the next 12–24 months.

Sessions to Look Out For:

The Golden Dome Architecture: Security at Every Segment – A high-level view of the interoperability requirements across the Golden Dome segments. Bob Gourley, CTO at OODA LLC, will outline why the single attack surface of missile defense, space and C2 demands quantum-resilient security. From radar feeds to firmware signing, the specific data paths that are most at risk today will be identified.

Carahsoft is proud to host Golden Dome: Quantum Proofing America’s Shield at the Carahsoft Conference & Collaboration Center in Reston, VA, bringing together the architects and builders of the nation’s most critical missile defense initiative to chart a clear path toward quantum-resilient security. We are excited to provide a platform for experts in the quantum community to share their critical, real-world insights with Government leaders, defense professionals and technology innovators.

Quantum Tech World

June 25-26, 2026 | Boston, MA | In-Person Event

Step into the future at Quantum Tech World 2026, the premier global summit where quantum computing, artificial intelligence (AI) and high-performance computing (HPC) converge to redefine what is possible. This event unites more than 1,000 innovators, industry leaders, policymakers and researchers from 40+ countries to explore the breakthroughs shaping the next era of technology. Attendees will have the chance to listen to expert speakers, participate in trainings and earn certifications that will provide the insights, tools and connections needed to drive quantum adoption at enterprise scale.

Sessions to Look Out For:

Aerospace & Defense: Mission-Critical Quantum Innovation – Quantum technologies are revolutionizing the mission landscape for aerospace and defense, unlocking capabilities in sensing, navigation and secure communications. This panel gathers global leaders from Government, research and industry to discuss how quantum breakthroughs are enhancing resilience, accelerating innovation and securing critical infrastructure in an increasingly complex world.

Many of Carahsoft’s leading quantum technology partners will be in attendance—including IBM, QuintessenceLabs and ClassIQ—offering attendees direct access to cutting-edge solutions and expertise spanning PQC, quantum networking and quantum sensing. As Carahsoft deepens its engagement with the quantum ecosystem, this event represents a valuable opportunity for Government stakeholders to connect with our partner community and explore solutions best suited to their agency’s mission needs.

2026 Quantum Computing User Forum

July 20-24, 2026 | Oak Ridge, TN | In-Person Event

Get ready to join the global community at the 2026 Quantum Computing User Forum, taking place at Oak Ridge National Laboratory, one of the nation’s premier centers for advanced computing and scientific innovation. The Forum will feature interactive sessions, allowing attendees to explore emerging best practices in quantum application development, software frameworks and simulation techniques. Designed for both current users of the Quantum Computing User Program (QCUP) and the broader research ecosystem, this event offers the opportunity to connect directly with the scientists, developers and technologists shaping the future of quantum computing devices and systems.

Carahsoft’s expanding quantum portfolio includes a number of partners focused specifically on quantum computing hardware, software and integration, making this an ideal environment for agencies to explore the breadth of available solutions. This forum aligns with our commitment to linking Government agencies with the solutions they need to prepare for the quantum era.

DoDIIS

August 9-12, 2026 | Tampa, FL | In-Person Event

The Department of Defense Intelligence Information System (DoDIIS) is the premier intelligence and defense technology forum hosted by the Defense Intelligence Agency (DIA), convening quantum scientists, engineers and innovators dedicated to shaping how quantum will secure, empower and transform the U.S. defense ecosystem. This year’s theme, “DIA Next: Intelligence Technologies for Battlespace Lethality,” places groundbreaking quantum capabilities at the center of national defense modernization. As intelligence technologies increasingly rely on quantum-inspired algorithms, advanced sensing, secure communications and next-generation computational architectures, DODIIS 2026 offers the opportunity for quantum leaders to engage directly with the mission owners shaping the future of global security.

Carahsoft is proud to host an expansive partner pavilion at DoDIIS 2026, reinforcing our commitment to connecting Government customers with meaningful connections and a deeper understanding of the solutions available to support their mission. Attendees are encouraged to visit our pavilion, which will feature interactive demo kiosks, exhibitor booths and speaking opportunities, providing access to our broad ecosystem of quantum and intelligence-focused technology partners.

TechNet Augusta

August 17-20, 2026 | Augusta, GA | In-Person Event

TechNet Augusta 2026 is at the center of the nation’s cyber operations dialogue. This principal Armed Forces Communications and Electronics Association (AFCEA) event, developed with assistance from the U.S. Army Cyber Center of Excellence (CCoE), brings together military leaders, Government decision makers and industry innovators to explore the evolving challenges and advances shaping the cyber domain. Across four days of mission-focused programming, attendees will dive deep into the technologies, strategies and operational imperatives driving modern cyber electromagnetic activities and unified land operations. Designed to open the lines of communication between defense stakeholders and the commercial sector, TechNet Augusta provides the opportunity to connect and collaborate with leaders and operators at every level as they chart the future of U.S. cyber superiority.

Carahsoft is proud to support the Government and defense community at TechNet Augusta, hosting demo kiosks where attendees can explore our partners’ quantum and cybersecurity solutions. Carahsoft’s involvement reflects our ongoing dedication to ensuring Government customers have direct access to the expertise and solutions needed to advance their mission-critical technology strategies.

Quantum World Congress

September 22-24, 2026 | College Park, MD | In-Person Event

Quantum World Congress (QWC) is the gathering where leaders across science, industry, Government, finance and education are shaping the future of quantum technology. Since 2022, QWC has served as an international platform for unveiling innovations, accelerating commercialization and forging the partnerships that move quantum from the lab into the real world. Attendees will explore advancements in communications, computing, sensing, materials, security and cross-sector applications. With the National Quantum Initiative Act (NQIA) Reauthorization signaling long-term Federal momentum, QWC delivers the insights, strategy and connections organizations need to lead in the era of quantum advantage.

Carahsoft is exploring opportunities to expand our presence for QWC 2026 as we continue to deepen our engagement with the quantum community and expand the resources available to our Government customers and vendor partners. Carahsoft’s growing quantum portfolio spans a broad range of mission-aligned solutions, and the QWC represents an ideal opportunity for attendees to engage directly with tools best suited to their needs.

TechNet Indo-Pacific

October 27-29, 2026 | Honolulu, HI | In-Person Event

AFCEA International and AFCEA Hawaii have re-named their signature event TechNet Indo-Pacific. As the largest strategic defense and technology event in the Indo-Pacific Rim, the conference brings together U.S. and allied military leaders, Government technologists, researchers and industry experts to address the region’s most pressing challenges. For quantum professionals, this is an incredible opportunity to explore quantum-enhanced sensing for maritime and space domain awareness, PQC for resilient communications, secure distributed computing at the tactical edge and hybrid quantum-classical tools for intelligence fusion. With exhibitor showcases, mission-focused technical sessions and direct access to decision makers responsible for shaping regional defense strategy, the event provides a powerful platform to influence the future of secure, high-performance capabilities across the Indo-Pacific.

Carahsoft will have a tabletop presence at TechNet Indo-Pacific, continuing our engagement with military and Government leaders at one of the most strategically important cybersecurity and technology events in the Pacific region. Attendees will have the opportunity to connect with our team and explore our partners’ exhibits, which will feature hands-on demonstrations and mission-aligned solutions designed to meet the specific requirements of military and defense agencies operating in the region.

Super Computing 2026

November 15-20, 2026 | Chicago, IL | In-Person Event

Join the global leaders of HPC, networking, storage and advance analytics at Super Computing 2026 (SC26), an annual gathering that will define the next generation of computational innovation. Attendees can immerse themselves in a technical program built to accelerate discovery, featuring groundbreaking research in architectures, algorithms, machine learning at scale, distributed systems, visualization, data analytics and emerging technologies. The expansive exhibit floor will feature major industry innovators, national laboratories, universities and startups showcasing advanced systems, tools and solutions driving the fastest supercomputers and tomorrow’s exascale-to-quantum workflows. Whether shaping compute-intensive science, engineering extreme-scale systems or advancing quantum-ready architecture, SC26 provides unmatched opportunities to learn, collaborate and lead within the global HPC ecosystem.

Carahsoft will be an exhibitor at the SC26, showcasing the latest advancements in quantum computing and HPC solutions from our technology partners, including D-Wave, Quantinuum and IBM. Attendees are encouraged to visit Carahsoft’s exhibit to engage with our quantum-focused partner community, gain hands-on experience and learn how quantum computing technologies are transforming operations and driving breakthroughs across scientific and Public Sector missions.

The quantum era presents both extraordinary opportunities and significant challenges for Government agencies committed to maintaining strategic advantage and protecting sensitive data. The events highlighted above represent the most critical forums for policy dialogue, technical education and cross-sector collaboration as the Public Sector works to operationalize quantum-ready solutions. Whether your agency is just beginning to assess its quantum posture or actively implementing PQC standards, Carahsoft and our trusted partner ecosystem are here to support every stage of that journey.

To learn more or get involved with any of the above events, please contact us at QuantumComputing@carahsoft.com.

For more information on Carahsoft and our industry-leading quantum technology partners’ solutions, visit our quantum solutions portfolio.

Top 10 FedRAMP Events for Government in 2026

Posted on by Drew Myklegard

As Federal agencies modernize IT infrastructure through cloud adoption, navigating the FedRAMP authorization process while meeting stringent security standards remains essential. FedRAMP provides a standardized approach to security assessment, authorization and continuous monitoring, enabling agencies to adopt cloud technologies with confidence. Carahsoft Technology Corp., The Trusted Government IT Solutions Provider™, provides expertise and a broad portfolio of FedRAMP-authorized Cloud Service Providers (CSPs), helping both agencies and vendors manage cloud security compliance. Throughout 2026, the FedRAMP community will gather at key events nationwide to discuss evolving requirements, implementation strategies and solutions that accelerate secure cloud modernization. Below are FedRAMP-focused events where Carahsoft and our partners will be present, offering opportunities to connect and explore authorized solutions designed for Federal security needs.

GovRAMP Symposium

March 9, 2026 | Washington, DC | In-Person Event

The GovRAMP Symposium convenes senior Federal, State and Local leaders to explore how secure innovation, policy and procurement intersect to advance trusted modernization across Government agencies. Hosted in partnership with Billington CyberSecurity, the half-day program serves as the opening session of the Billington State and Local Cybersecurity Summit, setting the stage for collaboration and framework harmonization as a national security strategy. Attendees will gain insights from sessions exploring how harmonizing the NIST, FedRAMP and GovRAMP, Department of War (DoW) and other regulatory frameworks can create a secure, interoperable innovation base for artificial intelligence (AI) and other emerging technologies. The event concludes with a fireside chat held in conjunction with Billington CyberSecurity and a networking reception.

As the Exclusive Government IT Solutions Partner for this event, Carahsoft is committed to supporting agencies navigating the path to FedRAMP and GovRAMP compliance through our extensive portfolio of authorized cloud solutions and trusted technology partners. We are dedicated to connecting Public Sector agencies with the FedRAMP-authorized solution providers and compliance expertise they need to simplify their authorization journey and accelerate secure modernization. Through our deep partner ecosystem and longstanding presence in the FedRAMP marketplace, Carahsoft helps Government leaders identify the right solutions to meet their unique security and operational requirements.

Billington State and Local CyberSecurity Summit

March 9-11, 2026 | Washington, D.C. | In-Person Event

Billington CyberSecurity is the recognized leader in Federal cybersecurity education events. Following the success of its inaugural State and Local CyberSecurity Summit in 2024, the 3rd Annual Summit will bring together top Federal, State, Local and Tribal Government officials along with industry experts to learn from one another and bolster future defenses. Attendees can expect expert panels examining emerging threats, evolving regulations and best practices for ensuring transparency, trust and resilience across the technology landscape. The event features critical sessions on protecting digital supply chains and navigating cybersecurity for multiple sectors, including healthcare, infrastructure and education.

Carahsoft and NightDragon are proud to co-sponsor the State and Local Billington CyberSecurity Summit, reflecting our ongoing commitment to strengthening the cybersecurity and FedRAMP compliance posture of State and Local agencies across the nation. By co-sponsoring the All-Attendee Reception in the Exhibit Hall on Tuesday, March 10th, we are creating valuable opportunities for Government cybersecurity leaders to connect with Carahsoft’s partner vendors, share compliance challenges and discover solutions designed to meet the rigorous standards of Federal and State security frameworks. Our participation underscores Carahsoft’s dedication to ensuring that State and Local agencies have access to the authorized technologies and trusted partnerships needed to protect critical infrastructure and citizen data against evolving threats.

FedRAMP Community Working Group – Rev5

April 1, 2026 |1:00-2:00pm ET | Virtual Event

Join the FedRAMP Community Working Group (CWG) for updates to National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53, Revision 5 (Rev5) – Security and Privacy Controls for Information Systems and Organizations. These public working groups interact primarily through GitHub discussions and are supported by monthly meetings on specific topics. FedRAMP CWG – Rev5 meetings will be held the first Wednesday of every month throughout 2026 and are open to anyone in the community.

Carahsoft supports Federal agencies by leveraging our expertise in Federal cloud security and compliance. Our team helps Federal agencies identify and acquire secure solutions from our portfolio of FedRAMP authorized CSPs. Additionally, Carahsoft provides support for our vendor partners navigating the FedRAMP authorization process, offering guidance on compliance requirements and best practices. These CWG sessions will feature discussions on updates to Rev5, vital information for professionals in the FedRAMP community.

FedRAMP Community Working Group – 20x

April 8, 2026 | 1:00-2:00pm ET | Virtual Event

FedRAMP’s other CWG meeting will focus on the FedRAMP 20x program, a modernization initiative designed to streamline the Federal cloud authorization process through increased automation, reuse and community-driven approaches. The CWG will take place one week after the Phase 2, Cohort 2 FedRAMP 20x application period ends. Participants will learn more about new opportunities and approaches for CSPs when it comes to navigating the authorization process for Government cloud services. These meetings will be held on the second Wednesday of each month throughout 2026.

As a trusted partner to Government agencies, Carahsoft facilitates access to our extensive network of FedRAMP authorized CSPs while ensuring solutions align with evolving Federal security standards. Utilizing our extensive industry expertise, Carahsoft provides critical insights and resources throughout the authorization journey to streamline the path to FedRAMP compliance. These CWG sessions offer essential updates on program developments, technical requirements and implementation strategies for secure cloud environments.

Cloud Security Summit

April 16, 2026 | Reston, VA | In-Person Event

As Government agencies embrace cloud transformation, the need for secure, compliant and resilient environments has never been greater. The Public Sector Cloud Security Summit brings together Federal leaders and industry experts to share strategies for protecting sensitive data, modernizing cloud architectures and navigating evolving cybersecurity requirements. Attendees will discover practical approaches to FedRAMP modernization, alignment with Office of Management and Budget (OMB) guidance, Zero Trust implementation, automated monitoring and managing shared responsibility in multicloud and hybrid environments. Sessions will address strengthening cloud supply chain security through enhanced vendor risk management, software assurance and greater visibility across cloud service providers.

Carahsoft is a tabletop sponsor for the Public Sector Cloud Security Summit and a proud partner of the Advanced Technology Academic Research Center (ATARC). Our team will be available throughout the event to discuss how our comprehensive portfolio of FedRAMP authorized CSPs can help agencies accelerate secure cloud modernization while maintaining compliance.

DGI Virtual Workshop

May 7, 2026 | 1:00-3:00pm ET | Virtual Event

The Digital Government Institute’s (DGI) virtual workshop, Embracing Private Cloud: A Strategic Shift for Government Agencies, explores how Public Sector IT leaders can leverage private cloud architectures to drive digital transformation and modernize legacy systems. Through expert-led discussions and real-world uses cases, attendees will learn how to enable seamless migration, optimize workloads and build resilient hybrid environments tailored to Government needs. Whether planning a cloud transition or refining an existing deployment, this free workshop provides actionable guidance and best practices for IT leaders, architects and program managers driving innovation in Government.

Carahsoft is partnering with DGI for this event to support Federal cloud security education and compliance initiatives. With an extensive portfolio of FedRAMP authorized solutions, Carahsoft is committed to assisting these educational opportunities that empower Government decision makers to confidently pursue cloud modernization. Our team will be available throughout the event to help connect attendees with the right technology for seamless, secure cloud migration.

Offset Symposium 2026

May 14, 2026 | Washington, DC | In-Person Event

The Offset Symposium, hosted by Second Front, is the premier defense and GovTech event that convenes leaders from Government, the Department of War (DoW) and industry to examine how software-defined capabilities are reshaping national security. Through keynote discussions, expert panels and live technology demonstrations, Offset explores evolving cyber threats, operational challenges and emerging technologies. Sessions emphasize practical lessons learned from real deployments, offering attendees insight into how organizations are overcoming accreditation barriers, integrating commercial technology and delivering capability at scale. The symposium also spotlights FedRAMP and Government cloud compliance, underscoring FedRAMP’s role in enabling secure cloud adoption across the Federal landscape. Offset showcases FedRAMP-compliant solutions, demonstrating how accredited platforms and Development, Security and Operations (DevSecOps) pipelines are being used to deploy resilient, scalable software that supports mission-critical Government operations.

Carahsoft partner Second Front returns with one of the year’s most anticipated events focused on accelerating defense innovation and technology adoption. As a gold sponsor, Carahsoft will showcase our broad portfolio of FedRAMP authorized CSPs and engage with defense decision makers seeking to accelerate cloud modernization while maintaining rigorous security standards. Registration for this event is now open!

GovForward: The ATO and Cloud Security Summit

July 23, 2026 | Washington, DC | In-Person Event

The Authority to Operate (ATO) and Cloud Security Summit is where Government innovation meets cloud security excellence. Our eighth annual forum brings together Federal, State and Local Government leaders, alongside industry experts and solution providers, to address the evolving security, compliance and modernization challenges facing the Public Sector. The Summit offers a collaborative environment for exploring strategies to streamline the ATO process, advance secure cloud adoption and strengthen cybersecurity posture. The program features engaging keynote presentations and interactive panel discussions, designed to provide attendees with actionable insights into the latest policies, technologies and best practices shaping secure cloud adoption across the Public Sector.

Carahsoft is proud to host GovForward: The ATO and Cloud Security Summit for the eighth consecutive year, a testament to our long-standing commitment to advancing secure cloud adoption across the Public Sector. Over the years, this summit has grown into one of the most trusted forms for Federal, State and Local leaders navigating the intersection of cloud modernization and compliance, and 2026 promises to be our most impactful year yet. GovExec is pleased to offer continuing professional education (CPE) credits through the National Association of State Boards of Accountancy (NASBA) for qualified attendees, providing valuable professional development opportunities. To get a sense of the depth and quality of programming this summit delivers, explore last year’s resources at our resource hub. Vendors interested in sponsorship opportunities are encouraged to contact us at GovForward@Carahsoft.com. Stay tuned for a detailed agenda!

Black Hat USA

August 1-6, 2026 | Las Vegas, NV | In-Person Event

Black Hat USA 2026 is the premier global gathering where cybersecurity professionals, researchers and industry leaders come together to learn, share research and help shape the future of information security. The event features a comprehensive program of hands-on trainings, expert briefings and keynote sessions. Attendees will have the opportunity to explore ground-breaking research covering applied security, exploit development, malware analysis and more. Black Hat USA 2026 encourages collaboration, critical thinking and practical skill building, making it an essential event for professionals committed to staying at the forefront of information security.

Carahsoft will be hosting a networking reception at Black Hat USA 2026, providing a great opportunity to connect with Government cloud security professionals, industry peers and FedRAMP experts. Join us for meaningful conversations about the evolution of FedRAMP and explore Carahsoft’s portfolio of secure, compliant cloud technologies. Stop by and speak with our team about the cutting-edge solutions in our portfolio that ensure sensitive Government information is secure.

Billington CyberSecurity Summit

September 8-10, 2026 | Washington, DC | In-Person Tradeshow

The Billington CyberSecurity Summit 2026 is the 17th annual gathering of Government and industry cyber leaders, serving as a premier forum for Federal, State and Local cybersecurity professionals to discuss critical threats, policy developments and defense strategies. This three-day summit brings together thousands of attendees and hundreds of expert speakers across more than 40 sessions and breakout discussions to explore topics like AI integration in cybersecurity, Zero Trust architecture, threat intelligence, operational resilience and emerging defense capabilities. The event offers extensive networking opportunities, solution showcases and deep-dive sessions that address the most pressing cybersecurity challenges facing the Public Sector. Sessions have not yet been released for 2026, but previous years have covered topics ranging from AI-driven threat detection to securing critical infrastructure and implementing proactive cyber defense strategies.

Carahsoft is committed to supporting DoW and Federal cybersecurity professionals at the Billington Cybersecurity Summit 2026 with a comprehensive resource presence featuring educational materials, expert consultations and technology demonstrations. Our cybersecurity specialists will be available throughout the three-day event to provide guidance on implementing Zero Trust frameworks, securing defense networks, addressing compliance requirements and exploring innovative solutions to combat evolving cyber threats. Visit our space to access resources tailored to DoW cybersecurity challenges, connect with solutions providers who understand defense mission requirements and engage in discussions about strengthening your organization’s cyber resilience and operational readiness.

GovRAMP Cyber Summit

November 15-17, 2026 | San Antonio, TX | In-Person Event

The GovRAMP Cyber Summit brings national thought leaders, cybersecurity practitioners, policymakers and industry experts to address the most pressing security, compliance and modernization challenges facing Government today. Designed as a collaborative forum, the Summit focuses on aligning and operationalizing cybersecurity frameworks, such as FedRAMP, GovRAMP, Criminal Justice Information Services (CJIS) and more, to help agencies reduce duplication, strengthen compliance and accelerate the secure adoption of cloud and emerging technologies. Through keynote presentations and in-depth discussions, attendees will gain insight into how Government and industry leaders are working to improve reciprocity, streamline authorization processes and balance risk management with operational efficiency. The Summist also features collaborative learning labs on topics such as AI and machine learning (ML), procurement considerations, authorization timelines and available industry tools. By bringing together voices from across Government and the Private Sector, the GovRAMP Cyber Summit empowers participants to advance secure, scalable technology adoption and strengthen cybersecurity outcomes across State and Local Government environments.

Carahsoft will serve as the presenting sponsor of the GovRAMP Cyber Summit. With Carahsoft’s extensive portfolio of both FedRAMP and GovRAMP authorized solutions, we are uniquely positioned to support agencies navigating multi-level cloud security requirements. We look forward to connecting State and Local Government leaders with the industry-leading solutions needed to secure and strengthen their agencies’ environments.

AWS re:Invent

November 30-December 4, 2026 | Las Vegas, NV | In-Person Event

Join AWS for a week of innovation, collaboration and global representation at AWS re:Invent, the company’s flagship annual conference that brings together tens of thousands of cloud professionals from around the world, including developers, architects, security leaders and business decision makers. This event serves as the stage for major AWS announcements, offering attendees early insight into the latest advancements across cloud infrastructure, AI and ML, security, compliance, data and application modernization. A series of in-depth technical sessions allows participants to explore through strategic, hands-on learning. AWS re:Invent features high-impact keynotes, targeted breakout sessions and an expansive expo floor, where attendees can engage directly with AWS partners and solution providers.

Carahsoft partner AWS returns with re:Invent, the most impactful cloud computing event of the year. Carahsoft will be hosting a Public Sector networking reception at re:Invent 2026, providing an exclusive opportunity for Government cloud leaders to connect with peers, AWS experts and our network of FedRAMP authorized CSPs. Our team will be present, offering best practices, expert guidance and more!

RAMPCon: Coalfire

Date TBD | Location TBD | In-Person Event

RAMPCon: Coalfire is a two-day, forward-thinking event filled with keynotes, expert panels and candid conversations. Bringing together leaders from Government and industry, the event will examine the evolution of FedRAMP alongside other frameworks such as CMMC and GovRAMP. Attendees will explore the growing role of automation, continuous monitoring and AI-driven security, gaining practical insight into what the next chapter Federal cloud adoption holds, from policy and authorization strategy to operational scale and resilience.

Coalfire, a Carahsoft partner, returns in 2026 with their impactful FedRAMP event RAMPCon. With our FedRAMP expertise, Carahsoft is here to back this essential gathering of the cloud compliance community. Our team will be at the event, connecting Government agencies with the resources and solutions needed for successful FedRAMP authorization.

As cloud technology reshapes Government operations, staying informed on FedRAMP requirements, best practices and authorized solutions is essential to secure, compliant modernization. These events offer valuable opportunities to engage with FedRAMP experts, connect with peers and discover cutting-edge cloud security solutions from authorized providers. Whether you are beginning your FedRAMP authorization, optimizing existing compliance processes or exploring new cloud capabilities, Carahsoft and our portfolio of FedRAMP-authorized CSPs stand ready to support your mission. Join us at these premier 2026 events to gain actionable insights, explore proven compliance strategies and see how Carahsoft can help you achieve secure, efficient cloud adoption that meets the highest Federal security standards.

To learn more or get involved in any of the above events please contact us at FedRAMPMarketing@carahsoft.com.

For more information on Carahsoft and our industry leading partners’ technology, visit our FedRAMP solutions portfolio and FedRAMP events page.