Cybersecurity and Federal Project Management

Written by: Chris Greco

In the world of cybersecurity, confidentiality, integrity, and availability form the mantra of every security specialist. These three factors ensure that the data in every information system are kept within the confines of the organization. They ensure that the retrievable data is the same data that was placed in the system and that it is accessible by every authorized individual.

Data is essential in project management and systems engineering to establish baselines, determine work schedules, and communicate with stakeholders and project teams. Most communication is done by email, which has its own unique set of vulnerabilities.

Vulnerabilities

The most substantial vulnerabilities of big data are volume, variety, and velocity. None stands out more than the other. The foundation of making data stronger begins with the ease with which someone can access, change, or use it. For instance, a project manager who stores project data in the cloud may give each project file and folder a unique name. Despite the effort to structure the data, there is a danger that any other project manager with access to the cloud could inadvertently change or delete these folders or files.

Standards

How can you secure your data? The National Institute of Standards and Technology (NIST) has an entire set of policies and procedures for big data detailed in the NIST Big Data Interoperability Framework (NBDIF): Volume 4, Security and Privacy. This guidance was provided by the Big Data Working Group (BDWG), a group of federal government and private industry experts formed in 2013 to determine the very nature of big data, to examine how it would affect government and private industry, and to help shape policies, frameworks, and applications.

Mitigation

The importance of project management documentation is clear when reviewing the NBDIF directives for eliminating data vulnerabilities in public service environments. Mitigating vulnerabilities in the project data repository (i.e., charters, management documents, registers, and communication plans with email addresses and phone numbers) should be mandatory for every project. For example, if a project is medical and there are medical devices involved in the data scheme, security for those devices will be required to secure that part of the data function. And, because the vulnerabilities of big data can be numerous, it is vital that project managers become familiar with the NBDIF to understand and execute data protection measures effectively.

Training

In recent years, some of the most complex challenges cybersecurity professionals have faced involve the interoperability, data security, reliability, and performance management of cloud computing. As of FY 2022, contracting personnel assigned to digital services acquisitions over $7 million or $13 million for acquisitions described in FAR Part 13.500(c) are now required to obtain their Federal Acquisition Certification in Contracting Core-Plus Specialization in Digital Services (FAC-C-DS) before assignment. FAC-C-DS candidates must already be FAC-C Level II or III certified before completing a six-month comprehensive cohort-based Digital IT Acquisition Professional (DITAP) program. This specialized digital service acquisition training should significantly mitigate digital service risks that may otherwise arise at the project level. In addition, Management Concepts offers several courses that support IT project management, general project management, and program management. For more nuanced approaches to project management, we also offer certificate programs for Hybrid project management.

Action

What can project managers do to protect data?

  • Limit access to project data to only the people who need that data
  • Ensure that every user has an administrator-governed login and that every system entrance and exit is recorded
  • Create backup copies of all project documents and store them separately from the originals
  • Establish a standard for the storage and retrieval of all documents (NIST refers to this as “Ethical Design” in the NBDIF and provides standards related to storing, accessing, editing, and retrieving the data)

Project management is difficult enough without having to worry about data security. The guidance provided by NIST provides project managers — and everyone who relies on data — with an excellent, thorough standard upon which we all should rely.
