Tag Archives: Interoperability

TechNet Cyber 2025: Top 5 Insights on Zero Trust, Interoperability and More 

Posted on by
Reply

Technology is a vital part of the United States Department of Defense (DoD)’s capabilities, making security and enhancements essential to the nation’s stability and growth. AFCEA International’s flagship event, TechNet Cyber, emphasizes the role of cybersecurity and IT within the DoD. Alongside its partners, such as such as Amazon Web Services (AWS), Everfox and Ciena, Carahsoft attended TechNet Cyber to support DoD mission objectives. Carahsoft maintains a unique position in the defense industry with the ability to connect DoD and intelligence community (IC) personnel, Government IT decision-makers, thought leaders and industry and vendor partners. At this year’s conference, leaders and operators in the IT and Defense Department joined to network, facilitate problem solving and explore ways to expedite and secure the procurement process.

Expanding Zero Trust: “Flank Speed” is Ready to Scale 

To safeguard against potential cybersecurity attacks, the DoD is working to secure its networks with Zero Trust, a security strategy focused on identity, credential and access management. In the session “DoD Zero Trust Success Stories,” David Voelker, Zero Trust Architecture Lead for the Department of the Navy, discussed recent initiatives to bolster Zero Trust within Flank Speed, the Navy’s single enterprise Microsoft 365 solution that provides productivity tools, collaboration tools and OneDrive storage. The Department of the Navy is planning to conduct autonomous penetration testing to determine the quality of Zero Trust capability implementation. Last year Flank Speed met 151 of 152 Zero Trust activities, meeting target far ahead of schedule. Flank Speed is the Navy’s single enterprise Microsoft 365 solution that provides productivity tools, collaboration tools and OneDrive storage.

Another speaker, Ian Leatherman, the Zero Trust Strategy Lead for Microsoft U.S. Federal, discussed key takeaways from Microsoft’s work with Flank Speed. Visibility into agency networks is critical to emboldening existing Zero Trust strategies. Mr. Leatherman stated, “When in doubt, collect the telemetry: you never know what new or novel adversary techniques you may find.” Knowing exactly how many endpoints, applications and users are on the network at any given time positions the DoD to swiftly deal with incoming threats. 

Leatherman also discussed recent initiatives to involve all Navy personnel in a cybersecurity strategy; security is more than a technology solution, but a way to ensure safety within the agency. David Voelker, Zero Trust Architecture Lead at the Department of the Navy echoes this statement. While the Zero Trust Portfolio Office set their DoD-wide Zero Trust adoption target as the end of fiscal year 2027, Flank Speed is already operational. Voelker notes that the Flank Speed configuration could be lifted and shifted to other customers in the DoD, with a quick deployment time of under 24 hours. Mr. Voelker also recommends automating this shift.  

Carahsoft and our vendor partners offer several cybersecurity solutions to help Government agencies implement Zero Trust architectures that protect critical information and reduce national security risk. Our offerings align with Public Sector Zero Trust maturity models developed by NIST, the DoD and CISA.  

Carahsoft, TechNet, blog, embedded image, 2025

How Mission Objectives Drive Acquisition  

Acquiring powerful, up-to-date technology enables the DoD to protect against persistent and increasingly sophisticated cyber-attacks. The DoD aims to streamline its procurement process to maintain pace and safeguard against attacks. In the session “DoD Software Modernization Senior Steering Group,” speaker Sean Brady, Senior Lead for Software Acquisition Enablers at the Office of the Undersecretary of Defense (Acquisition and Sustainment), explained that there are two key drivers to this transformation. The first is mission objectives; software should be tailored to allow the DoD to adapt its systems to rapidly changing threats. The second is access to commercial innovation, which allows the DoD to access products in weeks or months rather than years.  

Digital Transformation for Operational Effectiveness 

Digital transformation in the DoD is crucial for maintaining pace with an increasingly technology-driven security environment. Thomas W. Simms, Principal Deputy Executive Director for Systems Engineering and Architecture at the Office of the Under Secretary of Defense for Research and Engineering, discussed the major digital transformation efforts within the DoD. 

The main four are: 

  1. Modular Open Systems Approach (MOSA), a congressional requirement that integrates technical and business strategies to promote acquisition and drives modular designs 
  1. The DoD’s Digital Engineering Instruction, which requires programs to use digital engineering in their design process 
  1. Application Program Interfaces (APIs), a ruleset that allows communication between software applications and is driven by the DoD’s API guidebook, which enables the DoD to become more data-centric   
  1. The DoD’s System Engineering Guidebook, which is currently undergoing an update to incorporate guidance from the Secretary of Defense’s latest memos  

By modernizing legacy systems and enabling the DoD to acquire the newest and greatest in IT, these initiatives enhance operational effectiveness and improve decision-making speed.

Fast-Tracking Authority to Operate (ATO) 

In the defense industry, technology must be approved to mitigate security risks. The Software Fast Track (SWFT), a process that expedites software verification within the U.S. Government, is changing the way the DoD manages risks and conducts Authority to Operate (ATO). Contractors can get involved with the latest software acquisition and risk management changes by participating in the three recently released requests for information (RFIs).  

These RFIs, which close May 20th, are: 

Katie Arrington, the Acting DoD Chief Information Officer (CIO), also discussed the Software Fast Track (SWFT) set to launch on June 1st of this year. The initiative will replace the traditional Authority to Operate (ATO) structure and add a few requirements, such as third-party Software Bill of Materials (SBOM), third-party risk assessments and the population of Enterprise Mission Assurance Support Service (eMASS) with artifacts. Once these guidelines are in place, contractors will gain a Provisional ATO. 

Ms. Arrington attests that these changes will revolutionize the Risk Management Framework (RMF) by allowing industry experts to provide feedback to the DoD. Paper compliance isn’t enough anymore, Ms. Arrington says. The DoD is looking for “continuous monitoring, red-teaming and people to continually evaluate their capability.”  

She also added that the DoD will be sunsetting the Approved Products List (APL). Additional sponsor additions are no longer being accepted. Instead, the SWFT initiative will take over, establishing a “trust, but verify” procedure, promoting both security and swift ATO action.

Using Interoperability to Pitch to DoD 

As operations increasingly move online, interoperability becomes increasingly important to efficiency and accessibility. Venice Goodwin, the outgoing CIO for the Department of the Air Force, offered advice to industry professionals on navigating changes within DoD. Goodwin recommends that the industry practice “extreme teaming;” rather than service each department individually: vendors should focus on servicing the DoD as a whole. As the DoD prioritizes capabilities that have cross-departmental benefits, industry experts should demonstrate the effectiveness of their capabilities and solutions in every domain across land, sea, air and space. With this collaboration, both the Private and Public Sector can get the results they need.

The digital transformation journey within the Department of Defense represents not just an evolution of systems, but a commitment to defending interests at home and abroad. Acquisition, ATO and Zero Trust are all valuable assets to maintaining pace with the current, constantly evolving technological climate, ensuring the United States carries out its mission of protecting the nation. 

To learn more about mission-critical technology, visit Carahsoft’s defense portfolio to explore solutions showcased at TechNet Cyber. For additional research into the key takeaways that industry and Government leaders presented at TechNet Cyber, view Carahsoft’s full synopsis of key sessions from the tradeshow.  

Healthcare Program Executive: HIMSS 2025: Top 5 Insights

Posted on by
Reply

At the Healthcare Information and Management Systems Society (HIMSS) Global Health Conference and Exhibition 2025, health IT professionals, healthcare personnel and Government leaders joined to connect on the latest trends in the healthcare industry. As a provider and distributor of health IT solutions, Carahsoft and its partners are equipped to communicate recent trends and connect care providers, agencies and companies with the technology they need to embrace the future of healthcare. 

Here are the top 5 insights for the technology industry and Government from this year’s conference.  


1. Utilizing Artificial Intelligence in Healthcare  

Healthcare must ensure all provided tools are safe, effective and ethical to ensure the best outcomes for patients. As the widespread adoption of artificial intelligence in the healthcare industry is relatively new, providers and public health officials should employ risk management practices, strong governance and transparency with their usage of the tool.  

Providers should employ best practices for AI usage:  

  • Understand AI’s risk profile 
  • Ensure that data is representative of patients 
  • Address potential biases  

With continuous monitoring, providers can mitigate any potential model drifts and gain better oversight of the dynamic nature of AI systems. By highlighting the areas of risk, the healthcare system can make informed decisions on which tools, solutions and personnel to deploy to mitigate risk.  

Carahsoft HIMSS AI Interoperability Tradeshow Recap Blog Embedded Image 2025

There are many opportunities for AI in Healthcare. In the session “HL’s Ride on the AI Train,” the Chief Executive Officer of HL7 International, Charles Jaffe, discussed how AI can enable healthcare providers to promote interoperability. AI can also help providers address industry concerns, such as data provenance and data lineage. In the session “Shaping the Future of healthcare: A Collaborative Care Journey Where Technology and Humanity Coexist,” speakers Seung Woo Park and Meong Hi Son, respectively the President and Chief Medical Information Officer and Associate Professor at Samsung Medical Center (SMC), mentioned that SMC reduced the nurse turnover rate from 9.3% to 5.9% by assisting their workflow with AI and automation. In the session “Disruptive Technologies: Examining the Challenges and Opportunities of Cyber, AI and Beyond,” the Former Commander and U.S. Cyber Command and Former Director at the National Security Agency, Paul Nakasone, noted that AI-driven behavior changes could transform healthcare and prevent chronic diseases. Using AI to get suggestions on sleep, meditation, diet and stress management can all help in between doctor visits to chip away at chronic diseases. Through the collaboration of providers and technology, service in healthcare can be reshaped for the better, providing a gateway into personal medicine. 


2. Improving Healthcare Quality through Interoperability  

Another point of discussion at HIMSS was the role of digital technology and standards in improving healthcare quality. The National Committee for Quality Assurance (NCQA) has several initiatives, such as the Healthcare Effectiveness Data and Information Set (HEDIS) Fast Healthcare Interoperability Resources (FHIR) data model and the Bulk FHIR Quality Coalition, aimed at enhancing digital quality measurement by enabling end-to-end FHIR data exchanges. Quality measurement has evolved, and standardized clinical data helps accelerate that evolution. With modern computing platforms and technologies, such as Bulk FHIR, healthcare institutions can utilize real-time, continuous data processing, improving data encryption, data security and quality measurement. With comprehensive and timely data sharing among healthcare stakeholders, patients can get results from labs and pharmacies quicker, and can share their data across different healthcare offices, improving the affordability and quality of services.   


3. Addressing Veteran Needs in Collaboration with CMS 

On average, patients have their medical data located at 5.6 different locations, making interoperability, the ability of information to be exchanged between different health systems or technology systems, instrumental in helping patients and providers alike to improve the healthcare experience. 

In the session “A Discussion: Transforming Care Through Interoperability,” members of the Department of Veteran Affairs (VA) and University of Oklahoma discussed the benefits of interoperability for veterans. Data sharing between the VA and the Center for Medicare and Medicaid Services (CMS) can address healthcare challenges, such as dementia, suicidal ideation, traumatic brain injury (TBI) and oncology by enabling the two agencies to collaborate to achieve actionable approaches for real-world cases. For example, improving care coordination, optimizing resource utilization and driving better outcomes for veterans and other patients. 

Data sharing and collaboration is key to achieving efficient and effective healthcare delivery in the modernized health data infrastructure. In modernizing the infrastructure of the healthcare industry through interoperability, providers and patients can alleviate the work burden and work towards finding solutions at an expedited and swifter rate. The need for remote patient monitoring tools (RPM) is key to assist physicians and clinicians with increased data collection to support real-time treatment of these chronic illnesses for our veterans. 

HIMSS_Day 1_Case Study - Missouri Mission to Transform Digital Health


4. Leveraging Data to Improve Service 

Digital health increases the speed of learning, helps patients and providers overcome health inequity and increases the effectiveness of virtual care. In the session “Case Study: Missouri’s Mission to Transform Digital Health,” speakers Joshua Wymer, the Chief Health Information and Data Strategy Officer of the Missouri Department of Health and Senior Services (DHSS), and Natasha Ramontal, the Digital Health Strategist in Community Outcomes for HIMSS, discussed the DHSS’ journey to transform digital health. To address the needs of businesses, HIMSS and the DHSS teamed up, eliminating duplicate data sets, reducing volumes of data entry and improving regulatory oversight. Through their collaboration in improving the handling of data, the Missouri Department of Health and Senior Services became the first state level organization to successfully implement HIMSS’ Digital Health Indicator model.  


5. Bolstering Cybersecurity Mitigation with OCR and HIPAA 

In the session “Preparing for OCR’s Revived HIPAA Security Audits,” speaker Nadia Faheem Coster, the Executive Vice President of Permit Intelligence Services, discussed the Department of Health and Human Services’ Office of Civil Rights (OCR) 2025 audit program, which applies to fifty entities and business associates. The audit focuses on decreasing hacking and ransomware attacks.  

HIMSS_Day 1_Preparing for OCR Revived HIPAA Security Audits

To combat bad actors, Coster recommends:  

  1. Maintaining a risk management plan 
  1. Conducting annual secure risk assessments 
  1. Ensuring all policies and procedures are up to date 

Coster also emphasized the need for segmentation and asset inventory under the proposed Health Insurance Portability and Accountability Act (HIPAA) Security 2.0 rule. All related health systems and the IT industry should ensure their software and hardware are compliant under the proposed ruling. System resiliency is the gold standard for health systems looking to comply with the HIPAA Security 2.0 ruling. 


Data sharing, cybersecurity awareness, interoperability and artificial intelligence all enable cheaper and quicker work, whether it is sharing information between healthcare providers or on internal day-to-day operations, while ensuring quality care. By enabling the latest solutions in healthcare technology, health systems can create a better work environment for providers and a seamless experience for patients.  


To learn more about interoperability, legislation, cybersecurity and AI in healthcare, visit Carahsoft’s Healthcare Technology solutions portfolio to explore solutions showcased at HIMSS. For additional research into the key takeaways thought, industry and Government leaders presented at HIMSS, view Carahsoft’s extensive market research brief for a deeper dive.