From Risk to Authorization: Understanding What ATO Means in Cybersecurity

ATO in Cybersecurity

Art Clomera, Vice President, Operations

The Authorization to Operate (ATO) is crucial for the US Federal Government and the Department of Defense (DoD). It represents an official management decision granted by a senior organizational official. The ATO Cybersecurity decision authorizes the operation of an information system and explicitly acknowledges the associated risks to agency operations, […]

Mastering NIST 800-30: A Guide to Effective Risk Assessments

NIST 800-30

Art Clomera, Vice President, Operations

In the aftermath of several high-profile breaches and attacks on federal agencies this year, NIST 800-30 helps to translate the intricate vulnerabilities and countermeasures in ways that executive leadership overseeing the agency’s policy implementation can understand. Sharing information enables decision-makers to understand the full extent of the threat landscape in […]

Mastering POA&M Management: Strategies for Effective Continuous Monitoring and Success

POAM Risk Management

Art Clomera, Vice President, Operations

Plan of Action & Milestones (POA&M) management is the act of compiling a must-do list outlining the actions and milestones needed to address security vulnerabilities and weaknesses within an information system. To this end, a POA&M is a potent management tool because deadlines are assigned for each task, and team […]

Exploring the NIST CSF Categories and Subcategories: A Comprehensive Overview

NIST CSF Categories

Art Clomera, Vice President, Operations

Cybersecurity and Infrastructure Security Agency Director Jen Easterly confirmed that a cyberattack on U.S. government networks had affected several Federal agencies. In light of the events when hackers gained access through a security flaw in the widely used file-transfer software, MOVEit Transfer, this article will explore the NIST Cybersecurity Framework […]

Demystifying Software Bill of Materials (SBOM): A Comprehensive Guide

Software Bill of Materials (SBOM)

Art Clomera, Vice President, Operations

It’s hard to believe that until recently, organizations lacked a reliable method to know what components were in their software – imagine opening a medicine bottle and not finding the ingredients label. While the Software Bill of Materials (SBOM) has been around for a decade, it’s gained traction in the […]

Common Cybersecurity Threats and How to Protect Your Government Agency

Shawn Elliott, President, Federal Solutions

Cyber threats have become mainstays in the modern news feed. Nearly every day we learn about the latest ingenious digital tool that maliciously exploits its victims to steal their information or money and disrupt legitimate activities. The frequency and severity of these threats are increasing. Cybersecurity sensors recorded approximately 5.3 […]

What is Cybersecurity? (And Why It’s Important)

Art Clomera, Vice President, Operations

It’s a simple question with a somewhat complicated answer – at a time when understanding its meaning couldn’t be more important. In a recent industry report, a series of digital trackers stationed across the globe logged more than 5.3 trillion – yes, “trillion” – cyber attacks worldwide in 2021. That’s […]

Risk Management Framework (RMF): The Complete Guide for 2025

Art Clomera, Vice President, Operations

Every organization has to manage risk in one form or another. Suppliers manage the risk of having too much or too little product in stock, legal risks are present in virtually every contract negotiation, and of course, insurance companies are built entirely on the principle of managing risk for their […]

What is OSCAL in Cybersecurity? (And Why it Matters)

Art Clomera, Vice President, Operations

Developing software to support any federal agency’s mission is a multi-faceted task today. Cyber threats, development complexity, and meeting operational mission requirements, including security boundary continuous monitoring, are growing in complexity and resources. Additionally, achieving or maintaining an authorization to operate (ATO) remains a resource-intensive task, burdened by very […]

Is Zero Trust the Answer to the Federal Government’s Cybersecurity Woes?

Shawn Elliott, President, Federal Solutions

We all know that cybersecurity is a top priority for all federal agencies. In Executive Order (EO) 14028, Improving the Nation’s Cybersecurity, the President initiated a sweeping government-wide effort to ensure that baseline security practices are in place. A key component of this EO was to “develop a plan […]