Blog Article

Cybersecurity and Federal Project Management

Written by: Chris Greco

Cybersecurity and Federal Project Management icon

In the world of cybersecurity, confidentiality, integrity, and availability form the mantra of every security specialist. These three factors ensure that the data in every information system are kept within the confines of the organization. They ensure that the retrievable data is the same data that was placed in the system and that it is accessible by every authorized individual.

Data is essential in project management and systems engineering to establish baselines, determine work schedules, and communicate with stakeholders and project teams. Most communication is done by email, which has its own unique set of vulnerabilities.

Vulnerabilities

The most substantial vulnerabilities of big data are volume, variety, and velocity. None stands out more than the other. The foundation of making data stronger begins with the ease with which someone can access, change, or use it. For instance, a project manager who stores project data in the cloud may give each project file and folder a unique name. Despite the effort to structure the data, there is a danger that any other project manager with access to the cloud could inadvertently change or delete these folders or files.

Standards

How can you secure your data? The National Institute of Standards and Technology (NIST) has an entire set of policies and procedures for big data detailed in the NIST Big Data Interoperability Framework (NBDIF): Volume 4, Security and Privacy. This guidance was provided by the Big Data Working Group (BDWG), a group of federal government and private industry experts the BDWG in 2013 to determine the very nature of big data; to examine how it would affect government and private industry, and to help shape policies, frameworks, and applications.

Mitigation

The importance of project management documentation is clear when reviewing the NBDIF directives for eliminating data vulnerabilities in public service environments. Mitigating vulnerabilities in the project data repository (i.e., charters, management documents, registers, and communication plans with email addresses and phone numbers) should be mandatory for every project. For example, if a project is medical and there are medical devices involved in the data scheme, security for those devices will be required to secure that part of the data function. And, because the vulnerabilities of big data can be numerous, it is vital that project managers become familiar with the NBDIF to understand and execute data protection measures effectively.

Training

In recent years, some of the most complex challenges cybersecurity professionals have faced involve the interoperability, data security, reliability, and performance management of cloud computing. As of FY 2022, contracting personnel assigned to digital services acquisitions over $7 million or $13 million for acquisitions described in FAR Part 13.500(c) are now required to obtain their Federal Acquisition Certification in Contracting Core-Plus Specialization in Digital Services (FAC-C-DS) before assignment. FAC-C-DS candidates must already be FAC-C Level II or III certified before completing a six-month comprehensive cohort-based Digital IT Acquisition Professional (DITAP) program. This specialized digital service acquisition training should significantly mitigate digital service risks that may otherwise arise at the project level. In addition, Management Concepts offers several courses that support IT project management. general project management, and program management. For more nuanced approaches to project management, we also offer certificate programs for Hybrid project management.

Action

What can project managers do to protect data?

  • Limit access to project data to only the people who need that data
  • Ensure that every user has an administrator-governed login and that every system entrance and exit is recorded
  • Create backup copies of all project documents and store them separately from the originals.
  • Establish a standard for the storage and retrieval of all documents (NIST refers to this as “Ethical Design” in the NBDIF and provides standards related to storing, accessing, editing, and retrieving the data)

Project management is difficult enough without having to worry about data security. The guidance provided by NIST provides project managers — and everyone who relies on data — with an excellent, thorough standard upon which we all should rely.

Related Resources

See All
Blog Article

Beyond Individual Learning Courses: Signs You Need a Full-Scale Solution

The federal workforce is seeing a period of major transformation. A wave of baby boomer retirements and ever-changing policies are making it tough for government agencies to keep their employees up-to-speed with the skills they need to do their jobs…

Read More
Blog Article

Importance of Self-Awareness For A Federal Employee

Imagine yourself standing at a crossroads. One path leads you toward satisfaction, fulfillment, and a genuine sense of contribution in your federal role. The other path meanders through frustration, burnout, and the nagging feeling of not quite making a dent in…

Read More
Blog Article

How Can Federal Managers Start Focusing On AI Tools And Training?

Artificial intelligence is no longer just a buzzword; it’s permeating workplaces and several other aspects of our lives at a rapid pace. It’s too soon to determine whether its impact on the transformation of workplaces and workforces would be as…

Read More
Blog Article

How To Prevent A Feedback System From Becoming A Liability

Feedback is a critical workplace communication element and a crucial part of a workplace’s self-editing mechanism. A healthy feedback system can be instrumental in improving a federal workplace in a number of ways. It can enhance employee engagement, lead to…

Read More
Blog Article

A Federal Contracting Professional’s Overview of Appropriations

When managing government contracts, one cannot underestimate the importance of being well-versed in federal appropriations law. This legally compliant framework is a strategic guide that ensures your contracting processes align perfectly with the government’s financial regulations and goals. Let’s discover…

Read More
Blog Article

Building A Hybrid Federal Workplace: Challenges and Strategies

When the world shut down, it whispered to us about change and reevaluating how we work. As we emerge, blinking, into a post-pandemic landscape, federal agencies are finding themselves at a vital intersection. The shift toward a hybrid federal workplace…

Read More
Blog Article

A Federal Employee’s Guide to 360-Degree Assessment

When federal employees hear about 360-degree assessments, some might visualize a complex feedback mechanism that serves little more than bureaucratic formality. However, the truth is remarkably different and far more beneficial. This comprehensive tool provides a rounded perspective on performance…

Read More
Blog Article

How To Set The Right KSA Goals As a Federal Financial Professional

The world of federal financial management thrums with a unique energy. It’s where intricate regulations dance with the pressing urgency of accountability. There’s a sense of duty, of being part of something bigger than any budget or audit. But sometimes,…

Read More
Blog Article

Using Data to Build Your Hypothesis

Have you ever attempted to solve a challenging issue without an obvious solution? Let’s say that you are facing a situation that has multiple potential solutions or one that is poorly understood, and you lack an action plan to help…

Read More
Blog Article

Efficient vs. Restrictive Use of Resources: Why Federal Project Managers Should Know Exactly Where to Draw the Line

Managing a federal project is like being a master chef in a high-stakes culinary competition. You’ve got a pantry stocked with ingredients—some perishable, some staple—but how you choose to use each can mean the variance between a mediocre meal and…

Read More

Scroll to view more