Federal agencies purchasing cryptographic-based security systems must confirm an associated FIPS 140-2 certificate exists. This procurement “check-box” item is a deal-breaker. Vendor claims of “designed for FIPS” or “FIPS ready” are not sufficient to pass this hurdle. There is an advantage in selecting a product with a FIPS 140-2 certificate over a solution that has not undergone the rigorous approval process.
As IT and cybersecurity become increasingly involved in contracts, project managers looking to improve project performance need to consider using ITIL®. In today’s world of tight budgets, delayed projects, and constant staff reductions, project managers are looking for different ways to run their projects. Having foundational technical competence is not enough when working with IT departments on a project. Project Managers must focus not only on technology, but people and process as well. ITIL is the most widely accepted approach to IT service management and is relevant to any Project Manager working with IT services on a project. Here is an introduction to ITIL and it's importance in improving project performance.
Whether you are staying in the military or getting out, there are DOD baseline certifications that can translate military experience to a civilian resume. The certifications and credentials that really count depend on where you are coming from and where you plan to head. In many situations there are COOL programs based on the branch of military you are serving that can offer certification or credentialing assistance.
In August of 2004 the US Department of Defense (DoD) implemented DOD Directive 8570 certification requirements, which requires every part-time or full-time military member or defense contractor with privileged access to a DoD information system to carry an approved certification for their particular job classification.
Government agencies are increasingly finding themselves as targets for cyberattacks. Summarizing some of the best practices these agencies can use to stay secure and highlight some of the possible consequences to having vulnerabilities. Our elections systems have been a strong focus in recent years; we are drawing upon lessons learned in that realm and extending them across the government IT infrastructure. Above all, this should be reference architecture for Security Officers and CIOs, for all government entities and departments.