Ideas

Accountability in cybersecurity: Why government agencies must raise the stakes

Promoting better cybersecurity in an organization might mean doing things like locking user machines when they don't complete cyber training because accountability is not optional.

Good luck, Department of Government Efficiency

COMMENTARY | It sounds like a federal agency, but its job is to get rid of them.

White House, cyber leaders to talk priorities, road ahead

The GovExec Cybersecurity Futures Forum Wednesday will feature cyber leaders from across government.

EDR and cyber logging: Preparing for the next big cybersecurity guidance

Insufficient logging hampers an organization’s ability to detect intrusions, mitigate those in progress and determine the extent of an incident.

The Wild West of space: Can government IT tame the risks?

A multi-pronged strategy to deal with the risks is a good idea.

America’s defense contractors are failing basic cybersecurity and China is exploiting it

COMMENTARY: The gap between what Americans believe about the security of our defense contractors and the grim reality should alarm everyone.

Securing open source software is a team sport

COMMENTARY: Public-private partnerships offer a path to solving the persistent problem of open source software security.

VA acquisitions asks vendors to show their work

COMMENTARY: The principle of "do, don't say" could be catching hold at the Department of Veterans Affairs.

Cyber meets warfare in real time

COMMENTARY: Why Hezbollah's exploding pagers signal a dangerous new era for global businesses.

Organizing to meet the most urgent threats

COMMENTARY: The government’s recognition of the need for asset visibility has kickstarted the process by which agencies have begun to focus on contextualizing assets in their environments, prioritizing threats and then taking action to stay protected.

The migration challenge

COMMENTARY: Upgrading legacy systems to modern infrastructure is critical, but migrating workloads and applications introduces potential vulnerabilities that must be addressed.

How FedRAMP is evolving to meet the challenges of the cloud computing market

Updates to federal cloud security policy are laying the foundation for a more secure and resilient cloud ecosystem.

Why human-centered design is the key to better CX

COMMENTARY: Better, more thoughtful technology can spark innovation in delivery of citizen services.

Why the IRS needs a new accountability program

COMMENTARY: The tax agency should borrow from the Social Security Administration's SecurityStat effort to measure performance and promote internal transparency.

Lessons from the CrowdStrike outage

COMMENTARY: Agencies can mitigate impacts of future outages by putting IT risks front and center and by understanding the incident response requirements of their vendors.