The AI Revolution: Transforming Technology and Reshaping Cybersecurity

Artificial Intelligence (AI) is revolutionizing government and technology, driving an urgent need for innovation across all operations. Although historically, local and state government systems have seen only incremental changes with limited AI adoption, today, a significant shift is occurring as AI is integrated across all government sectors.

Benefits of AI Integration

The benefits of these changes are evident. AI-powered systems analyze vast amounts of data, offering insights for better decision-making. Public services become more personalized and efficient, reducing wait times and enhancing citizen satisfaction. Security is significantly bolstered through AI-driven threat detection and response. Consequently, governments are adopting AI and advanced software applications to provide secure, reliable, and resilient services to their citizens, enhancing digital engagement and communication within their communities.

With this rapid growth, cybersecurity operations are among the areas most significantly impacted by advancements in artificial intelligence. CyberOps is at a unique intersection, needing to leverage advanced AI capabilities to enhance effectiveness and resiliency. However, numerous applications and connections are simultaneously challenging it by utilizing emerging AI capabilities to improve their effectiveness and resilience. Despite historically being rigid and resistant to change, CyberOps must adapt to the challenges of an AI-driven digital world.

Whole-of-State / Agency Cybersecurity Approach

Whole-of-State cybersecurity and zero trust governments can be challenged with maintaining digital operations while ensuring sensitive information’s privacy and security. Cisco’s technology allowed agencies to easily meet these requirements through advanced AI-powered security solutions and privacy-preserving AI models. Thanks to techniques like federated learning and differential privacy, sensitive information could be processed and analyzed without compromising individual privacy.

Adopting AI-Driven Services

Adopting AI-driven, easily consumable, on-demand services provides a secure, sustainable, and reliable foundation to build on. Investing in an infrastructure that is secure and flexible allows governments to quickly pivot to the emerging opportunities that the AI revolution brings. No one person could have predicted or prepared for such a transformative shift. Still, the ability to rapidly adapt to the challenges it brought and continue to serve the community and citizens in the ways they deserve is key.

Challenges and Adaptation

Don’t be mistaken, change is often hard. Humans are creatures of habit and comfort and rarely like to be pushed outside our comfort zone. Unfortunately, the AI revolution is doing just that. It is forcing us to adapt and discover new ways to operate and provide what are now seen as even the most basic digital services. The drive and demand for AI-powered services in the government sector are rapidly expanding. We are experiencing one of the most significant catalysts for technological adoption in the state and local government space since the internet became mainstream.

This revolution is driving the necessity for a whole-of-state cybersecurity and zero trust approach. The goal is no longer maintaining the status quo but rather achieving a level of service that provides the foundation for how things can be in an AI-enabled world. Providing enhanced, secure services and support to the community has become the resounding focus of state and local governments.

Cisco’s Role in Supporting Governments

As we navigate this AI revolution, Cisco stands ready to support governments in their journey towards whole-of-state cybersecurity and zero trust adoption. Our comprehensive suite of AI-powered solutions provides the building blocks for a secure and efficient AI-enabled government infrastructure. The shift to a more inclusive, AI-driven government began with specific applications but is rapidly expanding to all sectors and offerings in the state and local government spaces.

Source: cisco.com

Continue reading

Funding a Whole of State Approach for your Community

The funds are incentivizing states to provide cybersecurity services to local governments rather than the usual method (passing-through cash). At present, at least thirty states are providing cybersecurity services to local and Tribal governments with more states expected to announce the rollout of whole of state cybersecurity.

As you consider how to leverage SLCGP grants for a whole of state approach, there are five things I suggest Cisco account managers and partners should be aware of.

1. Understanding SLCGP funding

Cisco customers, account managers, and partners should be familiar with how the SLCGP allocates funding to states and how states distribute funds or services to local governments. The “whole of state” approach aims to ensure that cybersecurity funding is not just allocated to states for state use; instead, at least 80% of funds must benefit local governments and rural communities. Local government cost-share or matching funds begin at 10% in year one and rises to 40% in year four. SLCGP funds must supplement existing cybersecurity expenditures and may never supplant or replace approved and budgeted expenditures.

2. States select the vendors and cybersecurity services provided to local governments

Cisco account managers and partners should communicate to state customers why Cisco products and services ought to be available to local and rural governments. If a state creates a list of SLCGP-funded products and services for local governments, Cisco customers benefit most if Cisco products and services are on the list. States are not publishing the names of local governments awarded subgrants, nor details of cybersecurity services provided to named local governments.

3. Customer Cybersecurity Planning and Strategy

Development of comprehensive cybersecurity plans that include risk assessments, resource allocation, and incident response strategies is an eligible expense for state and local governments. Cisco account managers and partners should be prepared to contribute to these plans by offering their expertise in cybersecurity and by understanding the specific needs and challenges faced by their public sector clients.

4. Compliance and Best Practices

Recipients of SLCGP funds will be required to adhere to specified cybersecurity best practices and standards. Cisco account managers and partners need to be well-versed in these requirements, which may include frameworks like NIST (National Institute of Standards and Technology), to ensure that the solutions they are offering are compliant and can be funded by the grant.

5. Educational and Workforce Development

A portion of the grants may be allocated to cybersecurity education of the customer’s workforce. Cisco account managers and partners should be aware of Cisco’s own training and certification programs, such as the Cisco Networking Academy, which can be integrated into broader educational initiatives.

As you research funding for whole of state and other needs, it’s also important to stay updated on the latest announcements by state governments of state grant programs, competitive subgrants, and application deadlines. For the most current information, Cisco account managers and partners should reach out to your Cisco Public Funding Advisor. They’ll be glad to help answer any questions you may have about whole of state or other funding opportunities.

Source: cisco.com

Continue reading

Cisco Defense Orchestrator’s Path to FedRAMP Authorization

Cisco Defense Orchestrator is a cloud-based multi-device manager that enables consistent policy implementation across highly distributed environments. CDO’s centralized management allows rapid deployment of policy changes when minutes matter, and reusing policy objects across all firewall form factors reduces both administrative effort and organizational risk. Security teams that adopt CDO spend less time deploying and maintaining their firewalls and more time optimizing policies and managing threats.

Moving forward on FedRAMP

Cisco has made great progress in moving a variety of our solutions through the FedRAMP process. Created to encourage use of cloud computing, FedRAMP serves to streamline the exchange of information and accelerate services within federal agencies, plus improve their interaction with the public. In 2023, the FedRAMP Authorization Act was passed, codifying the FedRAMP program as the authoritative standardized approach to security assessment and authorization for cloud products and offerings.

With FedRAMP, federal agencies are provided a uniform framework for evaluating, approving, and continually overseeing cloud services. This includes procedures for security assessments, authorizations, and ongoing surveillance of cloud services utilized by federal entities. In addition, you should understand the following:

• The US General Services Administration (GSA) administers FedRAMP in collaboration with the Department of Homeland Security (DHS) and the Department of Defense (DoD).
• The compliance parameters set by FedRAMP are in alignment with the National Institute of Standards and Technology (NIST) Special Publication 800-53, which outlines technical standards for cloud computing.
• FedRAMP also promotes adherence to the Federal Information Security Management Act (FISMA) and the OMB Circular A-130 by federal agencies.

The FedRAMP process and Cisco Defense Orchestrator

FedRAMP Authorization can be pursued with an individual agency sponsor or multi-agency authorization. For CDO, Cisco is working with the United States National Institute of Health (NIH) as the individual agency sponsor.

Preparation Phase

The initial phase with individual agency sponsorship is known as the Preparation Phase. It consists of two key steps if no sponsor agency is available: conducting a Readiness Assessment and engaging in Pre-Authorization activities.

Preparation Step 1: Readiness Assessment

The Readiness Assessment is an optional stage aimed at helping cloud offerings obtain a sponsor. Readiness assessments are performed by certified Third-Party Assessment Organizations (3PAOs), who produce a Readiness Assessment Report (RAR) that shows potential sponsoring agencies that the solution is ready to meet the federal government’s security standards.

Preparation Step 2: Pre-Authorization

If sponsoring agency is available, you can go straight to Pre-Authorization, skipping the Readiness Assessment stage. Cisco has completed Pre-Authorization with NIH. This means the CDO team has implemented the requisite technical and procedural requirements and compiled the security documentation necessary for the authorization process.

During this phase, Cisco accomplished the following tasks:

• Demonstrated that the CDO for government solution is fully built and functional.
• Completed a CSP Information Form.
• Determined the security categorization of the data that will be placed within the system utilizing the FIPS 199 categorization template along with the appropriate guidance of FIPS 199 and NIST Special Publication 800-60 Volume 2 Revision 1 to correctly categorize the CDO system based on the types of information processed, stored, and transmitted.

After the successful completion of a kickoff meeting with NIH on February 22, 2024, CDO achieved the In Process status on the FedRAMP Marketplace.

Authorization Phase

The next step is the Authorization Phase, which has two parts: Full Security Assessment and Agency Authorization Process.

Authorization Step 1: Full Security Assessment

The first authorization step is a full security assessment by a certified 3PAO. Before this assessment, Cisco completed the Site Security Plan (SSP) and reviewed it with NIH. Schellman Compliance, LLC is the 3PAO responsible for the Security Assessment Plan (SAP) for CDO and the Security Assessment Report (SAR) that will document test findings and suggestions relevant to attaining FedRAMP Authorization.

Once the 3PAO assessment is finished, Cisco develops a Plan of Action and Milestones (POA&M) outlining the plan to address the test findings in the SAR.

Authorization Step 2: Agency Authorization Process

The second authorization step is Agency Authorization, in which NIH will review the complete authorization package and may hold a SAR debrief with the FedRAMP Project Management Office. NIH will also implement, test, and document the customer-responsible controls during this phase. Then the NIH will perform a risk analysis and issue an Approval to Operate (ATO) when identified risks are sufficiently addressed.

At this point, CDO will have agency authorization to operate but still require review by the FedRAMP PMO to be included in the FedRAMP Marketplace. When finished, the FedRAMP PMO will update the Marketplace listing to reflect FedRAMP Authorized Status and the date of Authorization. The security package will then be made available to agency information security personnel, who can issue subsequent ATOs, by completing the FedRAMP Package Access Request Form.

Post-Authorization

Once CDO receives Authorization status in the FedRAMP Marketplace, it will enter a continuous monitoring phase to ensure ongoing protection of the system and government data. In this phase, Cisco submits regular security documentation—including vulnerability scans, refreshed Plans of Action and Milestones (POA&M), yearly security evaluations, reports on incidents, and requests for significant changes—to each of their agency clients. Cisco will make use of the FedRAMP secure repository to upload continuous monitoring content for all agencies that deploy CDO to review.

Leveraging the Cisco Federal Ops Stack

Cisco is leveraging the Cisco Federal Operational Security Stack (Fed Ops Stack) as a core component of the CDO FedRAMP process to speed future FedRAMP development and assessments. The Cisco Fed Ops Stack is a centralized set of tools and services that cover approximately 50% of FedRAMP Moderate requirements. Once Fed Ops Stack has received authorization to operate, along with CDO, Cisco can leverage these shared services in future SaaS products to make audits and continuous monitoring simpler for Cisco and federal agencies.

Pushing forward on CDO FedRAMP compliance

Our team at Cisco is fully committed to getting CDO FedRAMP compliant, so federal agencies can simplify their management of distributed security policies. We are pleased to have completed the Agency Review with our agency sponsor NIH and achieved In Process status. Watch for more updates as we get closer to full FedRAMP Authorization for CDO, the Cisco Fed Ops Stack, and additional SaaS offers from Cisco.

    

Source: cisco.com

Continue reading

Synchronizing Technology and Organizational Culture for Optimal Outcomes

Understanding the Challenge of Martec’s Law and Strategically Adopting Technology

Martec’s Law states that technology changes faster than organizations can adapt and poses a critical challenge to government agencies. To make the most of rapid technological advancements and maximize their impact, agencies need a well-planned approach for prioritizing, adopting, and integrating the most significant of these technologies. This is where the role of an experienced customer success-focused partner becomes crucial to guiding agencies through the maze of strategic technological change.

Effective Application of Martec’s Law to Enhance Organizational Outcomes

The strategic application of Martec’s Law can help agencies orchestrate and align their technology adoption leveraging both Moore’s Law, highlighting the rapid growth in computing power, and Metcalfe’s Law, focusing on the exponential impact and value of network connected entities. This approach encourages agencies to synchronize their tech adoption, enabling them to fully leverage the fast pace of tech advancements to boost their results. Handling this challenge successfully is key to enhancing enterprise visibility and analytics, enabling automation and orchestration across their enterprise, thereby contributing to superior government mission and business success.

Figure 1. Technology changes vs organizations change

Leveraging Cisco’s Insights and Best Practices

Cisco, one of the world’s leading technology companies, has successfully navigated these challenges over the last several decades. The insights and best practices we have gained can greatly assist our clients in their digital transformations, thereby maximizing outcomes, and preventing major disruptions within their culture and organization.

Orchestrating Technological and Cultural Change: A Customer Success Focus

To successfully navigate digital transformation complexities, agencies can benefit from a seasoned ally to optimize their technology choices and management. Cisco’s innovative approach, which includes a customer-experience organization and Customer Success Executives (CSE), helps customers adopt technology effectively within their specific cultural and organizational environments. This collaboration helps accelerate network and infrastructure modernization, automation, and security, ensuring future-ready enterprises.

Addressing Current (and Future) Federal Mandates with an Integrated Multi-Architecture Approach

The increasing requirements of federal mandates are driving a digital transformation of our government.  A customer success executive can assist government agencies in prioritizing technologies to achieve these required outcomes and be prepared to deliver on requirements in future federal directives.  An integrated, multi-architectural viewpoint can help agencies make a dramatic leap up the technological change curve to achieve their digital transformation better and address mandate requirements.  Cisco offers focused strategy and training to clients, guiding them towards a digitally-enabled future from their analog past.

Figure 2. Adoption changes accelerate your outcomes

Conclusion: Seizing the Opportunity to Shape the Future

The time is ripe for federal agencies to take advantage of Martec’s Law. With guidance from Cisco customer success executives, agencies can maximize the value from their tech investments, modernize networks, automate processes, and enhance cross-architecture orchestration. Now is the time to accelerate your agency’s transformative journey toward technological and organizational evolution.

In a Nutshell

Federal agencies are on the cusp of a technology-driven transformation that can optimize their mission outcomes. The challenge lies in keeping pace with rapid tech advancements and aligning these with the organization’s strategic goals. Expert guidance from your Cisco Customer Success Executive can help you navigate this journey, modernize your networks, and successfully adopt digital transformation strategies. Reach out today and start your transformation.

Source: cisco.com

Continue reading

Enhancing Government Outcomes with Integrated Private 5G

Enhancing Government Outcomes with Integrated Private 5G

Private 5G is now ready to be part of your enterprise wireless communications transformation strategy. While there has been extensive focus on ultra-wideband gigabit speeds from public Mobile Network Operators, there are even greater government expectations for 5G capabilities to assure the quality of service and empower new mission-critical use cases. 3GPP standards are enabling delivery of capabilities in three strategic 5G areas: enhanced Mobile Broadband (eMBB), Ultra-Reliable and Low Latency Communications (URLLC), and massive Machine Type Communications (mMTC). Private 5G is uniquely capable of addressing critical communications requiring interference-free spectrum, high throughput and/or low latency deterministic data delivery, and the ability to transfer terabytes of data without a metered service plan. The result will be a wide range of advanced public and private network wireless capabilities for high-definition video, advanced command and control, autonomous vehicles, and addressing previously overwhelming quantities of sensor data.

Private 5G Fundamentals

Cisco’s Private 5G solution is built on service provider class technology, tailored and optimized for enterprise consumption. For decades, Cisco has powered cellular networks around the world through advanced IP transport and 3GPP standards-based components, including our industry-leading Mobile Packet Core. Our new Private 5G solution delivers Wi-Fi-like simplicity through a cloud-native platform built on a services-based architecture and micro-services infrastructure. The solution offers a zero-touch delivery approach to on-premises elements that provide wireless connectivity between user devices and applications, while ensuring organizational and local data sovereignty. Cisco’s proven IoT platform manages the on-premises elements allowing for rapid turn-up and delivery of services, reducing government 5G learning curves and on-boarding burdens.

Better Together – An Enterprise Wireless Approach

An integrated private wireless strategy for Private 5G and Wi-Fi6 working together can deliver near-term transformative innovation as well as optimal user experiences and new mission-critical capabilities for the next generation of government mobility.

Bringing Private 5G enterprise mobility together with Enterprise IT and existing wireless infrastructures will ensure optimal quality of service, ubiquity of access, and enhanced security for mobile users. This integrated enterprise wireless approach, as depicted in the above picture, also enables the alignment and delivery of enterprise operational and security policies across your entire communications ecosystem. This “better together” story makes even more sense when you consider the vast majority of current 5G connections for voice and data access occur indoors, often where an existing Wi-Fi environment can be leveraged.

Better Together Outcomes – Optimized Experience / Minimized Costs

“Better Together” is a commonsense approach for government organizations that are bringing 5G into existing communications environments and complements the significant wireless investments that most government organizations have already made. And what could be more important in this age of hybrid work? A recent example: working in partnership with Dish Wireless, Cisco has teamed with Internet2 and Duke University to integrate Duke’s campus wireless network with Internet2’s upgraded fifth-generation national research and education network. “Rather than providing two separate infrastructures throughout campuses for cellular and Wi-Fi, the holy grail has always been for a single, common network delivering both cellular and high-speed private Wi-Fi,” said Tracy Futhey, VP and CIO at Duke University.”

This ability to deliver the right wireless technology to optimize overall experience and performance and to ensure enhanced and cost-effective mission and business outcomes are essential for government enterprises focused on user experience and security (and also meeting multiple Executive Orders and President’s Management Agenda requirement mandates).

Key Zero Trust and Security Considerations

Comprehensive, real-time visibility is needed across the wireless enterprise for optimal automation, orchestration, and performance and more importantly, delivering zero trust security. The “better together” approach fully supports Zero Trust mandates to continuously verify trust as called out in both federal mandates and the Cybersecurity and Infrastructure Security Agency’s (CISA) Zero Trust Maturity Model. This integrated Private 5G and Wi-Fi 6 approach:

◉ Enables optimal Visibility & Analytics and Automation & Orchestration to better protect workloads, applications, and data;

◉ Ensures access control is as granular as possible to isolate user environments, applications, and data;

◉ Provides richer data for more effective anomalous activity mitigation.

Source: cisco.com

Continue reading

Broadband Planning: Who Should Lead, and How?

As new Federal funding is released to help communities bridge the digital divide, you’ll need to gain a strong understanding of the solutions and deployment options available. Often overlooked, however, is the need to develop and commit to a realistic and inclusive broadband planning process. One that acknowledges the broad variety of stakeholders you’ll encounter and offers a realistic timeline to meet funding mandates. You’ll also need a strong leader. But who should lead and what should the process look like?

Why broadband planning is critical

As a licensed Landscape Architect and environmental planner, I’ve had the opportunity to work with state and local government leaders on a variety of infrastructure projects. In each case, we created and adhered to a detailed planning process. The projects ranged from a few acres to 23,000 acres, from roadways and utilities to commercial and residential communities. Even campuses and parks. In each case, sticking to a detailed planning process made things go smoother, resulting in a more successful project.

As critical infrastructure, broadband projects should adopt the same approach. You’ll benefit greatly by leveraging a well thought out collaborative planning model. Your stress levels will be reduced, your stakeholders happier, and the outcome more resilient and sustainable.

Using a collaborative planning model helps accomplish this by:

◉ Establishing a clear vision and goals

◉ Limiting the scope of the project, preventing “scope-creep”

◉ Creating dedicated milestones to keep you on track

◉ Providing transparency for all stakeholders

◉ Setting a realistic timeline to better plan and promote your project.

Using a collaborative broadband planning process also creates a reference source for media outreach and promotion as milestones are reached. Lastly, by having a recorded process, funding mandates or data reporting can be more easily reported, keeping you and your team in compliance.

Who should lead broadband planning?

My involvement in traditional infrastructure planning has allowed me to experience first-hand how comfortable government personnel are in leading large-scale projects. Why are they? Because:

◉ They’re well versed in local ordinances, regulatory laws, and community standards

◉ They understand their community and its people

◉ They have established relationships that cross the public and private sector.

That’s why I, and many others in the IT industry, feel these same state and local government leaders can offer the most success leading broadband planning in their communities.

In addition, those in planning-specific positions are especially suited to do so, having unique skill sets that address:

◉ What type of infrastructure is needed and where to locate it

◉ Gathering realistic data via surveys, GIS mapping, and canvassing

◉ Construction issues that may serve as potential roadblocks or opportunities

◉ Understanding potential legal and maintenance issues.

A realistic broadband planning process

To help our partners in the public and private sectors achieve greater success in their broadband efforts, we’ve created a new guide. It outlines a realistic, inclusive broadband planning process, including suggested timelines and milestones.

By leveraging our new guide, titled Powering a Future of Inclusive Connectivity, your team can increase the comfort level among stakeholders, increasing buy-in to your project. Moreover, you’ll learn:

◉ Key questions to ask when seeking funding

◉ Considerations when building public/private partnerships

◉ The five steps you need to implement a strong and transparent planning process (including suggested timelines and associated milestones)

◉ Use cases.

Funding for broadband

Up to $800 billion in direct and indirect investment is available over the next 5-10 years to fund broadband. This includes the Federal Coronavirus Aid, Relief and Economic Security Act (CARES) and the American Rescue Plan Act (ARPA). Plus, the Infrastructure Investment and Jobs Act (IIJA).

Each program is unique, so understanding them can be a challenge. As you start your broadband planning process, I encourage you to reach out to the Cisco Public Funding Office. Their experts will be glad to help answer questions and guide you through the funding opportunities that best fit your needs.

Source: cisco.com

Continue reading

EIS in Transition: Impacts on Digital Transformation for Federal Networks

For Federal agencies, Enterprise Infrastructure Solutions (EIS) has provided a comprehensive, solution-based method to address their IT telecommunications and infrastructure needs. Over the years, EIS has seen many changes that directly impact stakeholders. But its primary purpose as a key driver for the digital transformation of enterprise telecommunications and networking solutions remains unchanged. Yet many agencies, such as Networx and WITs, face contract expirations on May 31, 2023. To maintain momentum for digitization, Federal agencies must begin the transition now by strategically mapping how and where it should start.

What’s next for Federal Digital Transformation?

For decades, Cisco has built a strong relationship with the U.S. Federal Government. Our portfolio of products, solutions, and services provide Federal agencies with the critical technology and support they need to enable the transformation of their networks within the EIS contract.

By leveraging these existing contracts, agencies are reducing costs and acquisition time. They’ve been able to digitize aging systems and catch-up to the private sector in capabilities. But now what? Which direction should Federal agencies go as they transition contracts within EIS? The simple answer: Cisco SD-WAN.

Beyond EIS with SD-WAN

Cisco SD-WAN is the premier choice for replacing expensive and aging legacy WAN. Federal agency networks leveraging Cisco’s SD-WAN solution can benefit from:

◉ Enhanced user experience

◉ Reduced costs

◉ Simplified operations

◉ Improved performance

◉ And robust security.

Cisco SD-WAN enables more efficient bandwidth allocation, powering critical applications to faster, smoother performance. This capability is now a necessity as Federal agencies move to cloud services and witness an explosion of app-wielding users connecting remotely.

Wi-Fi6 for the Federal Government

The transition in EIS contracts also provides Federal agencies with the opportunity to rethink their adoption of new and emerging technologies. One example is Wi-Fi 6. It builds on earlier Wi-Fi standards to provide Gigabit Ethernet Access – but with the reliability and predictability that comes from a licensed radio.

Cisco Wi-Fi 6 Solutions let users of modern, more agile networks benefit from new capabilities while connecting wirelessly. Cisco’s Wi-Fi 6 gives access points the power to support more clients in dense environments, plus it provides a better experience for users of typical wireless LAN networks.

Partnering for the future of EIS

In late 2021, the General Services Administration (GSA) issued a Request For Information (RFI) seeking comments to modify the EIS contract so that agencies can more quickly obtain mobility-as-a-service (MaaS) offerings (starting in late 2022). This expansion of EIS would allow for the use of 5G and bring the benefits of edge compute to the government workforce.

At Cisco, we’re also planning to provide additional capabilities to the U.S. Government, including 5GaaS capabilities. This could be a game-changer, enabling the U.S. Government to take advantage of mobility services.

For Federal agencies, the transition in EIS contracts provides a unique opportunity to leverage innovative technologies that can maximize network agility and security while enhancing workforce productivity.

At Cisco, we understand this and are helping shape the future of government with products, solutions, and services that empower agile networks, enhanced collaboration, and a holistic security approach. By preparing now, your agency can leverage the upcoming EIS transition to help shape that future.

Source: cisco.com

Continue reading