Mastering DFARS Cybersecurity Compliance: Key Requirements & Steps for Success
Explore DFARS compliance, new security measures, and streamlined acquisition pathways to help contractors meet DoD standards.
The Top GRC Tools and Software for 2025
Art Clomera Vice President, Operations Most organizations succeed (or falter) based on the information they keep and the sophistication with which they can manage it. It’s why having the right GRC tools in place to help manage governance, risk management, and compliance (GRC) issues around information has become a standard organizational strategy. While CISOs […]
Cloud Readiness Assessment: Is Your Organization Ready to Move to the Cloud?
Art Clomera Vice President, Operations The benefits of migrating mission-critical systems and data to the cloud are many and well-documented: agility, access to cutting-edge technology, cost savings, efficiency, scalability, and resilience. But before diving headfirst, how do you know if your organization is ready for the transition? Enter the cloud readiness assessment. The Cloud […]
Elevating Efficiency with RPA: Five Real-World RPA Examples
How did IPKeys develop and deploy over 100 RPA use cases across the Defense Logistics Agency’s (DLA) departments? How did we contribute +130,000 mission hours to DLA with Robotic Process Automation? How did we help the DLA achieve unattended automation architecture? Looking for RPA examples and process steps? We’re revealing our blueprint.
GRC in Cybersecurity: Why is it Important?
Art Clomera Vice President, Operations Simply put, Governance, Risk, and Compliance (GRC) in cybersecurity fosters a culture of transparency, accountability, and trust by promoting good governance, effective risk management, and regulatory compliance. It originated from the Open Compliance and Ethics Group (OCEG) in 2002 and has become indispensable due to the increasing complexity of cybersecurity […]
Mastering POA&M Management: Strategies for Effective Continuous Monitoring and Success
Art Clomera Vice President, Operations Plan of Action & Milestones (POA&M) management is the act of compiling a must-do list outlining the actions and milestones needed to address security vulnerabilities and weaknesses within an information system. To this end, a POA&M is a potent management tool because deadlines are assigned for each task, and team […]
Clarifying SSDF: An Overview of the Secure Software Development Framework
Art Clomera Vice President, Operations In response to President Biden’s Executive Order on “Improving the Nation’s Cybersecurity (14028)“, the National Institute of Standards and Technology (NIST) designed the Secure Software Development Framework (SSDF). The creation of the SSDF was a strategic move to bolster the cybersecurity posture of Federal agencies. NIST also developed the Risk […]
Demystifying POAM: Definition, Template & Example Walkthrough
Art Clomera, CTO, Federal Services – Wouldn’t perfection be great? Everyone, every organization, every system working exactly the way they should with inexhaustible, flawless precision from the word “Go.” Never worrying about something not going exactly as planned. It sounds pretty great but also pretty impossible… (even boring). Perfection in the world of cyber security […]
NIST 800-53: What is it and What are the Control Families?
Art Clomera, Vice President, Operations Ensuring the security of information systems is a complex but necessary task that virtually every modern organization must undertake to some degree or another. One effective method of tackling information system security is to use the Risk Management Framework (RMF) developed by the National Institute of Standard and Technology (NIST). […]
Cybersecurity Automation: How to Strengthen Defense While Reducing Manual Work
Art Clomera Vice President, Operations India, the US, Indonesia, and China alone account for almost half of the total reported cyberattacks in the government sector. Threats, ranging from espionage to malware designed to disrupt critical national infrastructure, are a defining feature of modern geopolitical relations. This barrage demands always-on, predictive, continuously improving advanced cybersecurity measures. […]
