Risk Management

DHS should assess the benefits of a risk management sharing tool, GAO says

A new report found that the department’s guidance for risk management practices in acquisition programs isn’t specific enough for all programs and could be helped by information-sharing tools.

  • By Carten Cordell

NIST Debuts Long-Anticipated AI Risk Management Framework

With the launch of the AI RMF 1.0, federal researchers focused on four core functions to structure how all organizations evaluate and introduce more trustworthy AI systems.

  • By Alexandra Kelley

Expert Analysis of Dangerous Artificial Intelligences in Government

The “real risks” of AI come from a lack of governance and risk understanding, according to Navrina Singh, CEO of Credo AI and a member of the Department of Commerce’s National AI Advisory Committee.

  • By John Breeden II

3 Strategies for Securing the Supply Chain, Security’s Weakest Link 

Today, no vendor or agency is safe—and just as importantly, no single organization can address all these threats independently.

  • By Brandon Shopp

DARPA Needs Help Securing Its Programs From Foreign Influence and Malicious Insiders

The agency works on the most advanced tech research on the planet, often with critical national security implications.

  • By Aaron Boyd

It's When Not If with Ransomware: How Agencies Can Prepare

Agencies must acknowledge this threat and take steps to prepare, defend and remediate.

  • By Rick Vanover

NIST Seeks Small Business to Help Develop Cybersecurity Standards

The agency is looking for consultation on crucial cybersecurity issues.

  • By Mariam Baksh

Data Privacy and Data Governance Will Be Top Business Priorities for 2021

Building the right foundation to highly secure and protect your company includes several fundamentals that are critical to supporting the infrastructure from the ground up.

  • By Zachary Curley

5 Ways to Improve Emergency Preparedness for Next Time

A permanent team that is focused solely on national preparation and ensuring that the relevant federal agencies are all on the same page should coordinate all five of these components.

  • By Matt Shipman, Futurity

ICAM, CDM Put Identity-Based Security Front and Center

Agencies must be able to identify, monitor and manage all people, applications and devices that access government resources.

  • By Craig McCullough

Audit: HUD Doesn’t Ensure Sensitive Data It Shares Is Secure

A Government Accountability Office pointed to high turnover rates for top privacy and IT security officials as a reason for the agency's poor performance.

  • By Mila Jasper

When You Can’t Add Cybersecurity Staff, Build Cyber-Resiliency Instead

But organizations should be careful that they aren’t just throwing additional, sophisticated tools at existing employees to solve the problem.

  • By Ray DeMeo

Diving into Government’s Trusted Internet Connections Standard 3.0 

The policy lays out the framework for security, but allows agencies to fill in the details based on their unique missions.

  • By John Breeden II

How to Head Off Public Assistance Fraud Before Dollars Go Out the Door

Opting to chase and recover money fraudsters steal from government agencies is not a sustainable strategy.

  • By Shawn Kingsberry
Featured eBooks
AI in the Workplace
Read Now

CX in Action

Read Now

Next Steps for CMMC

Read Now

DISA to Release Zero-Trust Model This Year

Vice Adm. Nancy Norton said the Defense Department must take a data-centric approach to protecting its networks.

  • By Mila Jasper

Pentagon’s Enterprise DevSecOps Initiative Presents an Ambitious Model for the Future of Software

The Air Force’s chief software officer provided insights into the operation of Platform One, a project at the beginning of what could be a profound transformation for cybersecurity.

  • By Mariam Baksh

We Need Mission-focused Risk Management Programs to Adapt to Changing Circumstances

In the midst of a global pandemic, it is more important than ever to know which systems are critical to our operations.   

  • By Gianna Price

How Agency CIOs Can Enable Business and Reduce Risk

Visibility is essential for CIOs to accomplish their mission and meet compliance.

  • By Terry Milholland

Why Companies Should Be Open About Cybersecurity

Companies that are open about their cybersecurity risk management fare significantly better with investors than peers that don’t disclose those efforts, new research shows.

  • By Matt Shipman, Futurity

How to Manage Risk Along the Federal Government Supply Chain 

Even the most sophisticated federal agencies have found it difficult to effectively measure and evaluate the cyber risk of their contractor base.

  • By Jake Olcott

CISA Chief Unveils Vision for Federal Cybersecurity

Civilian agencies shouldn’t all be forced to manage their own cyber risks, Chris Krebs said.

  • By Jack Corrigan