Mastering DFARS Cybersecurity Compliance: Key Requirements & Steps for Success

Explore DFARS compliance, new security measures, and streamlined acquisition pathways to help contractors meet DoD standards.
Adversarial Machine Learning: What NIST’s Latest Report Means for AI Security

Shawn Elliott, President, Operations
AI systems now shape decisions from grid stability to national security, making them prime targets. Adversaries aim not only to breach systems, but also to manipulate the decision-making process at scale. In response, NIST’s latest report on adversarial machine learning (NIST AI 100-2e2025) finally provides a standardized framework for identifying AI vulnerabilities, […]
The Top GRC Tools and Software for 2025

Art Clomera, Vice President, Operations
Most organizations succeed (or falter) based on the information they keep and the sophistication with which they can manage it. It’s why having the right GRC tools in place to help manage governance, risk management, and compliance (GRC) issues around information has become a standard organizational strategy. While CISOs […]
Cloud Readiness Assessment: Is Your Organization Ready to Move to the Cloud?

Art Clomera, Vice President, Operations
The benefits of migrating mission-critical systems and data to the cloud are many and well-documented: agility, access to cutting-edge technology, cost savings, efficiency, scalability, and resilience. But before diving headfirst, how do you know if your organization is ready for the transition? Enter the cloud readiness assessment. The Cloud […]
Elevating Efficiency with RPA: Five Real-World RPA Examples

How did IPKeys develop and deploy over 100 RPA use cases across the Defense Logistics Agency’s (DLA) departments? How did we contribute +130,000 mission hours to DLA with Robotic Process Automation? How did we help the DLA achieve unattended automation architecture? Looking for RPA examples and process steps? We’re revealing our blueprint.
GRC in Cybersecurity: Why is it Important?

Art Clomera, Vice President, Operations
Simply put, Governance, Risk, and Compliance (GRC) in cybersecurity fosters a culture of transparency, accountability, and trust by promoting good governance, effective risk management, and regulatory compliance. It originated from the Open Compliance and Ethics Group (OCEG) in 2002 and has become indispensable due to the increasing complexity of cybersecurity […]
Mastering POA&M Management: Strategies for Effective Continuous Monitoring and Success

Art Clomera, Vice President, Operations
Plan of Action & Milestones (POA&M) management is the act of compiling a must-do list outlining the actions and milestones needed to address security vulnerabilities and weaknesses within an information system. To this end, a POA&M is a potent management tool because deadlines are assigned for each task, and team […]
How to Apply the 7 Risk Management Framework (RMF) Process Steps

Art Clomera, Vice President, Operations
We’ve all heard the adage: “Nothing ventured, nothing gained.” In essence, you have to risk something if you want to get things done. So much of our lives involves assessing risk and intelligently managing those risks to meet our needs and achieve our goals. It’s why a motorcyclist wears a […]
Clarifying SSDF: An Overview of the Secure Software Development Framework

Art Clomera, Vice President, Operations
In response to President Biden’s Executive Order on “Improving the Nation’s Cybersecurity” (14028), the National Institute of Standards and Technology (NIST) designed the Secure Software Development Framework (SSDF). The creation of the SSDF was a strategic move to bolster the cybersecurity posture of Federal agencies. NIST also developed the Risk […]
Building ROMs for Cybersecurity Needs: A Guide for Federal Agencies

R. Shawn Elliott, President and LLC Manager, IPKeys Technologies, LLC | Chickasaw Nation Industries (CNI)
Cybersecurity budgeting is rarely straightforward, since threats evolve faster than procurement cycles. That’s why Rough Order of Magnitude (ROM) estimates are so valuable. Whether you’re managing FedRAMP authorizations or preparing for next year’s funding cycle, a solid ROM gives you […]