Risk Management
NIST Debuts Long-Anticipated AI Risk Management Framework
With the launch of the AI RMF 1.0, federal researchers focused on four core functions to structure how all organizations evaluate and introduce more trustworthy AI systems.
Expert Analysis of Dangerous Artificial Intelligences in Government
The “real risks” of AI come from a lack of governance and risk understanding, according to Navrina Singh, CEO of Credo AI and a member of the Department of Commerce’s National AI Advisory Committee.
3 Strategies for Securing the Supply Chain, Security’s Weakest Link
Today, no vendor or agency is safe—and just as importantly, no single organization can address all these threats independently.
DARPA Needs Help Securing Its Programs From Foreign Influence and Malicious Insiders
The agency works on the most advanced tech research on the planet, often with critical national security implications.
It's When Not If with Ransomware: How Agencies Can Prepare
Agencies must acknowledge this threat and take steps to prepare, defend and remediate.
NIST Seeks Small Business to Help Develop Cybersecurity Standards
The agency is looking for consultation on crucial cybersecurity issues.
Data Privacy and Data Governance Will Be Top Business Priorities for 2021
Building the right foundation to highly secure and protect your company includes several fundamentals that are critical to supporting the infrastructure from the ground up.
5 Ways to Improve Emergency Preparedness for Next Time
A permanent team that is focused solely on national preparation and ensuring that the relevant federal agencies are all on the same page should coordinate all five of these components.
ICAM, CDM Put Identity-Based Security Front and Center
Agencies must be able to identify, monitor and manage all people, applications and devices that access government resources.
Audit: HUD Doesn’t Ensure Sensitive Data It Shares Is Secure
A Government Accountability Office pointed to high turnover rates for top privacy and IT security officials as a reason for the agency's poor performance.
When You Can’t Add Cybersecurity Staff, Build Cyber-Resiliency Instead
But organizations should be careful that they aren’t just throwing additional, sophisticated tools at existing employees to solve the problem.
Diving into Government’s Trusted Internet Connections Standard 3.0
The policy lays out the framework for security, but allows agencies to fill in the details based on their unique missions.
Featured eBooks
How to Head Off Public Assistance Fraud Before Dollars Go Out the Door
Opting to chase and recover money fraudsters steal from government agencies is not a sustainable strategy.
DISA to Release Zero-Trust Model This Year
Vice Adm. Nancy Norton said the Defense Department must take a data-centric approach to protecting its networks.
Pentagon’s Enterprise DevSecOps Initiative Presents an Ambitious Model for the Future of Software
The Air Force’s chief software officer provided insights into the operation of Platform One, a project at the beginning of what could be a profound transformation for cybersecurity.
We Need Mission-focused Risk Management Programs to Adapt to Changing Circumstances
In the midst of a global pandemic, it is more important than ever to know which systems are critical to our operations.
How Agency CIOs Can Enable Business and Reduce Risk
Visibility is essential for CIOs to accomplish their mission and meet compliance.
Why Companies Should Be Open About Cybersecurity
Companies that are open about their cybersecurity risk management fare significantly better with investors than peers that don’t disclose those efforts, new research shows.
How to Manage Risk Along the Federal Government Supply Chain
Even the most sophisticated federal agencies have found it difficult to effectively measure and evaluate the cyber risk of their contractor base.
CISA Chief Unveils Vision for Federal Cybersecurity
Civilian agencies shouldn’t all be forced to manage their own cyber risks, Chris Krebs said.
