A new model for cyber risk management

A new model for cyber risk managementBy Sara Friedman Jul 20, 2018

What:  “Managing Cybersecurity Risk in Government: An Implementation Model,” a report from the IBM Center for The Business of Government

Why: While federal agencies are required to comply with the National Institute of Standards  and Technology’s Risk Management Framework and Cybersecurity Framework, they still must develop their approaches to managing cybersecurity risk. A single model for risk assessment, mitigation and monitoring allows agencies to tailor approaches for particular cyber challenges and creates an opportunity to harmonize approaches across agencies.

Findings: To improve agencies' cyber risk management, this report proposes a five-step decision matrix called PRISM, for Prioritize, Resource, Implement, Standardize and Monitor. The cybersecurity evaluation model will help cyber decision-makers create tailored approaches to risk management and better communicate the impact of investments in security resources on reducing targeted cyber risks.

Implementing PRISM  is a multi-step process:


NASA launches Remote Sensing Toolkit

NASA launches Remote Sensing ToolkitBy GCN Staff Jul 19, 2018

To help commercial users more easily take advantage of NASA's remote sensing data, the space agency created the Remote Sensing Toolkit, a website that lets users unfamiliar with aircraft and satellite data and image analysis browse or keyword search through sensing data, existing applications and software that can be used to build tools.

NASA collects petabytes of data each year from its constellation of Earth-orbiting satellites, but both the datasets themselves and the tools for processing them have been spread across dozens of sites, making it difficult for potential users to access and use the data, officials said.

This new comprehensive collection assembled by NASA's Technology Transfer program offers users an easy way to tap into both near-real-time and archived data and imagery from satellites and aircraft monitoring a wide variety of natural and man-made phenomena. 

Tools include those for

5 use cases for smart city IoT

5 use cases for smart city IoTBy Matt Leonard Jul 17, 2018

Cities across the world are running internet-of-things pilots to gain insights that will them run more efficiently. A new white paper from the Georgia Institute of Technology's Center for the Development and Application of Internet of Things Technologies  takes an exhaustive look at promise of these burgeoning technologies.

The paper, “Driving New Modes of IoT Facilitated Citizen/User Engagement,” dives into multiple aspects of IoT technology including implementation, data ownership, security, business models and road maps. Five use cases are used to highlight the different opportunities and challenges of connected devices: municipal service management, utilities, public safety, transportation and health care. Each of these areas has its own considerations for IoT planning and execution, the report said.

1. Municipal services management. IoT technology could provide novel ways to engage with citizens and improve effectiveness and efficiency with IoT-based data

Bonds on the blockchain: Streamlined, low-cost, transparent funding

Bonds on the blockchain: Streamlined, low-cost, transparent fundingJul 16, 2018

Berkeley, Calif., is getting ready to test using blockchain to issue micro bonds to raise money for city projects, such as affordable housing.

City staff are fine-tuning plans for a pilot test of a program the city council unanimously approved on May 2 that would let the city issue micro bonds in amounts of $10 to $25 -- much lower than the current minimum of $5,000. That would make bonds more accessible to more people.

“These bonds -- we call them micro bonds because they’re small -- are really cool because you can target them to make one building,” said Ben Bartlett, the city’s vice mayor. “They’re extremely flexible like that because the cost is so low, and they’re fast, too. The micro bond proposal is leveraging the blockchain to crowdfund bonds, essentially. You can also do geotargeting to the

Last chance to submit Government Innovation Awards nominations

Last chance to submit Government Innovation Awards nominationsBy Troy K. Schneider Jul 16, 2018

The deadline for Government Innovation Awards nominations is fast approaching.  All submissions must be received by midnight ET on Wednesday, July 18, so please be sure to get yours in before the calendar flips to July 19. 

These awards focus on Public Sector Innovations -- transformative tech that is truly reinventing government at the federal, state or local level. That potentially mission-critical impact can stem from a new technology itself or from the innovative ways established tech is being leveraged to make government function better.  There are also awards for individual innovators and for the industry partners that power much of the technology involved. 

As you put the finishing touches on your nominations, please be sure to keep the following questions in mind:

What type of innovation is it?

Any tech-driven innovation in government is eligible, but the 2018 Government Innovation Awards

Using encryption to help fight data breaches


Using encryption to help fight data breaches By Nick Jovanovic Jul 13, 2018

The question seems simple, “What will it take to stop the breaches?”

Cybersecurity continues to be a priority in all branches of government as well as for businesses, to academic institutions and everyone in between. Despite this attention and an increase in resources, the number of data breaches continues to escalate, with federal agency data under siege. Seventy-one percent of government respondents to a recent survey report their organization was breached sometime in the past. Our Federal Edition of the 2018 Thales Data Threat Report reports that of those organizations, 57 percent have been breached in the last year – a number that is three times the rate just two years ago. More alarmingly, perhaps, is that 67 percent of all enterprises have been breached with many of those having been breached more than once.


Delivering citizen-centric state government


Delivering citizen-centric state government By James (JJ) Foster Jul 12, 2018

Every CIO, but especially those in state government, worries about delivering more with less.  According to the National Association of State CIOs, state government CIOs are working with the same technologies as their counterparts in industry and in the federal government.  Cloud services, security, consolidation, digital government, shared services, broadband, data management, governance and agile delivery demand their attention.  Citizens, however, have a very different set of priorities.  They want services that are simple, easy to use, personalized and available anywhere, any time and on any device – just like the services they get from the broad commercial market.

At first, these two priorities may seem like two sides of the same coin, but in fact they are not.  CIOs are concerned with technologies that can be used to provide citizen-centric services but which are not guaranteed to

Can machine learning make sense of government's IT spend?

Can machine learning make sense of government's IT spend?By Troy K. Schneider Jul 11, 2018

The Trump administration wants the Technology Business Management framework -- a detailed system for tracking IT investments and measuring the business outcomes they deliver -- to be embraced governmentwide by 2022.   But since most agencies lack clean and consistent data on the IT they buy, tackling TBM often starts with a tedious and time-consuming inventory process.

"We want to streamline the reporting of IT," Federal CIO Suzette Kent said at a July 11 event hosted by the TBM Council, and " we want to use technology to do that."

Deputy Federal CIO Margie Graves elaborated on that point, noting that the Office of Management and Budget is working with federal contractors to ensure their bills to federal agencies come with detailed data in a TBM-friendly format.  "Our vision is that this becomes more automated [so

Delaware to test blockchain for corporate filings

Delaware to test blockchain for corporate filingsBy Sara Friedman Jul 10, 2018

With over a million companies incorporated in Delaware, the Department of State’s Division of Corporations earns $1.3 billion a year processing corporate transactions.  To make the process more efficient, Delaware officials are exploring incorporating blockchain into different components of corporate filing processes.

One proof of concept will be creating a system for notifications of changes to unified commercial code filings. A second will explore streamlining management of records related to company incorporations and stock ownership. The projects are the result of enabling legislation passed in 2017 that promoted the use of distributed-ledger technology to improve government efficiency and a workshop with IBM that collected ideas from relevant stakeholders.

The UCC filings prototype will examine whether blockchain can improve the notification process when files are changed or deadlines come due and allow ways to query UCCs in real-time as

3 considerations before moving to the cloud


3 considerations before moving to the cloud By Charles Fullwood Jul 09, 2018

Despite the urgency of IT modernization and the federal government's cloud-first mandate, many agencies unfortunately still find themselves lagging when it comes to cloud adoption. While cloud migration is a massive endeavor, it doesn’t have to be unmanageable, let alone impossible. Indeed, much of the hassle and potential complications can be mitigated, if not altogether avoided, by developing a comprehensive strategy for migrating mission-critical applications to the cloud. Here are three recommended best practices agencies should consider when developing their cloud migration strategy.

1. Assessing current workloads

It would be nice if agencies could simply lift and shift their applications to the cloud, but in the majority of cases, this will not be practical. There are multiple factors to consider, from priorities and objectives, to timing, resources, architectural considerations and more. These competing factors must be