When the concept of “continuous” monitoring of computer systems was advanced back in 2010, it was simple. Take the server down the hall and constantly monitor its IT systems and networks to detect security threats. Jump fifteen years into the future. You have systems bombarded with data, complex network configurations that include hybrid networks, and constant security threats.

Today, we assist federal technology leaders in gaining an understanding of how to deploy the (once simple) concept of continuous monitoring.

Challenges such as evolving threats, data quality, and the need for real-time incident response were addressed.

If Zero Trust posits one must restrict access to a system, how do you monitor traffic that is encrypted? Modern CDM systems can capture, decrypt, and examine what is entering a given network.

Jason Ralph from the Department of Labor has a strategic insight. New CDM tools are being introduced with impressive capabilities. He warns that the unintended consequence of some new tools can be to reduce the ability of older tools.

Many lessons are shared in this discussion. Topics include the importance of having a stable network system before adding tools and the value of community groups that can advance knowledge of appropriate ways to deploy CDM in a federal world.

As cyber threats grow more sophisticated, federal agencies need security that can think on its feet. 

This week on Feds At The Edge, we explore how agencies are evolving toward Zero Trust by implementing dynamic security—a flexible approach that adjusts access and authentication in real time based on context and behavior.   

Justin Chin, Director of the Government Solutions Segment at Ping Identity, opens with a relatable example: when your bank flags suspicious login activity and adds a second layer of authentication. That adaptive friction is dynamic security in action. 

Federal agencies face unique challenges based on their IT architectures. Paul Blahusch, CISO at Dept of Labor, explains how a centralized system allows broad, consistent policy enforcement. In contrast, Elizabeth Schweinsberg, Sr. Technical Advisor for CMS, shares how her agency’s federated model requires a more tailored approach to dynamic security. 

Tune in on your favorite podcast platform today for insights into the different paths agencies are taking, why enterprise structure matters, and how collaboration is key to building secure, adaptive systems that support the Zero Trust journey.  

 =

Everyone wants a secure network, but how do you prove it? 

This week on Feds At The Edge, we speak with cybersecurity experts to discuss how to establish meaningful cybersecurity metrics to document that security. 

LtCol Natalie Lamb, Cybersecurity Division OIC, Cyberspace Operations Group in the USMC, and Brian "Stretch" Meyer, Sr. Director of Engineering at Axonius Federal, breaks down three essential areas for leaders to focus on:  

1.     Aligning Investments - With limited time and funding, agencies must prioritize cybersecurity efforts that support their mission.  

2.     Knowing Your Network - From cloud sprawl to remote devices, your attack surface is growing. Understanding what you own and protect is the foundation of effective security. 

3.     Setting Priorities - “Ya can’t measure what you can’t see.” Prioritize detection to make your metrics meaningful. We dive into two key performance indicators: 

·         MTTD (Mean Time to Detect) – How quickly do you identify a threat? 

·         MTTR (Mean Time to Remediate) – Once you detect it, how fast can you fix it? 

Tune in on your favorite podcast platform today to learn why aligning your security metrics with mission outcomes isn’t just good practice, it’s essential for long-term resilience.  

Everyone knows automation is powerful, but it’s also a double-edged sword.  

This week on Feds At The Edge, we speak with cybersecurity experts who share how to securely align automation with Zero Trust principles. We spend the hour diving to importance of shared responsibility models, protecting critical surfaces, and using automation to enhance observability and control, especially in cloud environments. 

Michael Hardee, Chief Architect for Red Hat, shares insights on how automation can reduce social engineering risks by eliminating human override. While Don Yeske, Director, National Security Cyber Division at DHS, highlights how AI can uncover vulnerabilities in outdated enterprise architectures, including a recent zero-day attack. 

Both experts emphasize the “human-in-the-loop" approach, agreeing that automation should augment, not replace, human insight. As Michael Hardee reminds us, “automation is not a license for us to check out.”  

Tune in on your favorite podcast platform today! 

The theme of the current administration is to do more with less. Today, we hear from experts on how they have assisted in implementing Zero Trust by leveraging all resources possible. 

We know implementing Zero Trust is a continuous process; David Bottom from the SEC provides guidelines on what to review constantly. He suggests focusing on decreasing privileges, patching systems, and learning how to extract meaningful signals from the flood of data entering the federal government.

None of this can be done without cooperation across the agency. As an example of working with others, David Bottom references the SEC's EDGAR (Electronic Data Gathering, Analysis, and Retrieval).

Jennifer Franks, GAO, recommends that listeners take advantage of federal guidelines to spend as little as possible while meeting compliance goals. For example, CISA, OMB, and NIST all offer guidance in implementation. She has an excellent eight-word summary of Zero Trust: right users, proper access, at the right time.

Many agencies are understaffed. As a result, one way to meet goals is to leverage the right tools. Brian "Stretch" Meyers believes the most "bang for the buck" will be achieved by using tools to establish visibility. From there, one can identify key items to reach compliance.

Zero Trust is an initiative that is here to stay. Listen to the podcast to get ideas on how to optimize the staff and resources at hand.

One of the greatest promises of modern technology is its ability to streamline complex, paper-based systems - cutting costs, improving access, and eliminating waste, fraud, and abuse.  

These complicated systems are often the biproduct of a complicated network, like the ones you find in the Department of Labor which are handling unemployment insurance claims fifty different ways in fifty different states. Or how military members and their families often have to handle an issue when they are thousands of miles from home and might not easily have access. 

This week on Feds At The Edge, we explore how innovative leaders are leveraging technology to streamline these critical processes to meet their unique and specific needs.  

Akanksha Sharma, Director of Digital Transformation for Dept of Labor, shares how her team built a unified identity verification system that cuts through the complexity of each  state’s unemployment claim systems—reducing fraud and improving access. Meanwhile, Kevin Adler, Digital Transformation Advisor at ServiceNow, discusses how digital tools are empowering military families to easily submit claims and work orders, replacing slow, manual methods with mobile-first efficiency.  

Tune in on your favorite podcasting platform today to hear how smart technology can create seamless systems, empower users, and transform public services for the better.  

Automation is everywhere—but is it helping us, or quietly introducing new risks? 

This week on Feds At The Edge we share a special three-part series that explores the evolving role of automation in cybersecurity- from its promise to its pitfalls. In session one, we lay the groundwork with a high-level view of automation’s true purpose and challenges. We follow up with session two- digging into application security and the critical role of cloud telemetry. And we wrap up this hour with insights into threat intelligence, risk visability ahd how to stay ahead of evolving threats.  

Featuring experts from the Department of Labor, DOD, Peraton, Checkmarx and Team Cymru, tune in on your favorite podcasting platform to hear our grounded, real-world look at what automation means today- and where its headed.    

In recent years, the Department of Defense has been rethinking how it approaches communications technology—shifting from traditional, insular solutions to embracing innovation from the commercial sector. While off-the-shelf cellular devices aren’t suitable for the battlefield, the underlying technologies powering 5G and emerging 6G networks are becoming too valuable to ignore.  

This week on Feds At The Edge, we explore how the military can harness advanced commercial technologies like 5G, 6G, and AI to enhance battlefield operations. The discussion centers on three critical considerations:  

• Edge Computing for Resilience: In combat zones where communication links are vulnerable to disruption, processing data at the edge is essential. 

• Agile Networks for Rapid Response: Battlefield conditions evolve quickly. Flexible standards in 5G/6G—especially through tools like 3GPP’s Network Data Analytics Function—enable self-optimizing, reconfigurable networks.  

• Upgrades Without the Overhead: Upgrading physical hardware in remote or high-risk environments (like submarines) can be difficult, but software-based systems offer promising alternatives. 

The 2023 FBI Internet Crime Report reveals that nearly 21% of ransomware attacks targeted the healthcare and public health sectors—making them the top victims.  

This week on Feds At The Edge, we explore how agencies can defend against these growing threats.  

Benjamin Koshy, Chief Information Security Officer and Director, Division of Information Security of Indian Health Service, explains the unique identity management challenge in healthcare: balancing open patient access with strict data protection. 

Keith Busby, Acting CISO at CMS, outlines how to go beyond Zero Trust with real-world risk assessments and robust incident response plans - not just a three-ring binder gathering dust on a shelf.  And Alec Lizanetz, Identity Protection Specialist from CrowdStrike, emphasizes the importance of prioritizing threats and using frameworks like CISA’s to respond efficiently.  

Tune in on your favorite podcasting platform today to hear practical, high-impact strategies to secure critical systems and protect patient care, perfect for healthcare leaders who must protect both data and lives.  

Today’s modern network has placed identity management in the forefront to manage a plethora of landscapes – on and off prem, public and private, hybrid, and the new kid on the block, alt-clouds. 

This week on Feds At The Edge, we explore how the Defense Information Systems Agency (DISA) is leading the charge in modern identity management, once a backwater concept, to center stage, with its ambitious program, Thunderdome.  

Chris Pymm, Portfolio Manager, Zero Trust & Division Chief for ID7 at DISA, shares how Thunderdome spans 50 sites and 12,000 users, automating identity controls to outpace threats like lateral movement. We also hear from Quest Software Public Sector cybersecurity expert Chris Roberts, who breaks identity management down to its core: know the user, know the device, know the behavior.  

Tune in on your favorite podcasting platform today to hear how DISA is redefining identity for today’s distributed networks—and what your agency can take from their playbook.