The Government Accountability Office (GAO) reported in March 2025 that the U.S. government loses somewhere between $233 billion and $521 billion annually to fraud, based on data from fiscal years 2018 through 2022. On top of that, improper payments by the government have totaled an estimated $2.8 trillion since fiscal year 2003. The biggest difference between fraud and improper payment is intent – fraud is intentional deception, such as...

The Government Accountability Office (GAO) reported in March 2025 that the U.S. government loses somewhere between $233 billion and $521 billion annually to fraud, based on data from fiscal years 2018 through 2022. On top of that, improper payments by the government have totaled an estimated $2.8 trillion since fiscal year 2003. The biggest difference between fraud and improper payment is intent – fraud is intentional deception, such as...

Licensing and permitting are an integral part of housing development in countries around the world, touching every stage from application to occupancy. Yet many governments still rely on decades-old systems that can’t keep up with the speed and complexity of today’s housing demands. In the latest available World Bank analysis, Canada is ranked second-slowest in the OECD for obtaining construction permitting approvals. These bottlen...

Threats are constantly evolving in the cyber world. Trying to keep up with them is an endless task especially when the available cyber tools also can’t keep up. Establishing a system of continuous risk management helps alleviate that pressure.Federal agencies recognize the scope of the problem. The Pentagon, for example, has released its new Cybersecurity Risk Management Construct, replacing its Risk Management Framework, cutting seven p...

Federal agencies face enormous pressure to integrate AI into their operations. But they also face immense challenges to do so securely – both that the AI is accurate and trustworthy, and that it does not introduce new risks. Much of the current risk arises from legacy infrastructure and systems. Agencies’ data pipelines have undergone massive growth, including structured, unstructured and streaming data, yet legacy infrastructure i...

The original version of Moore’s law declared that the capacity of an integrated circuit – the backbone of IT – doubles every two years. For decision-makers in the era of artificial intelligence, this could be revised to observe that new versions of AI proliferate at an accelerated rate. Because AI is so new, yet already has so many offshoots, agencies are wrestling with which type of AI to implement – agentic or generat...

As IT and security deployments migrate to the cloud, security gaps in air-gapped systems can be created unless attention focuses on threats such as data transfer from external storage media – for example, USB devices. Paradoxically, many agencies continue to maintain critical systems and data on air-gapped servers or on systems running end-of-life operating systems. The U.S. Department of War maintains critical air-gapped systems even as...

As the federal government begins to implement plans to build AI data centers and generation plants to support its current and anticipated demands for AI capabilities, agencies continue to pursue infrastructure modernization to streamline delivery of services. These two large-scale efforts go hand-in-hand: improving infrastructure supports mission resilience, Zero Trust security, and energy optimization, while purpose-designed AI data centers c...

The impact of the federal government shutdown on agencies’ IT programs could last for a long time. In the short term, the lack of exposure management means IT systems have become vulnerable due to movement within teams, systems coming off and online, and falling behind on software updates and patches, for instance. Meanwhile, hostile parties are increasing their cyber attacks, raising the risk of major breaches. Other effects, such as mo...

Since 2018 there have been more than 4,300 ransomware attacks on businesses, educational institutions, healthcare facilities, and federal/state/local agencies. While the majority have targeted businesses, the three remaining groups all tie to governmental responsibilities, especially at the state and local levels. This means that ransomware attacks continue to pose an existential threat to state governments, disrupting essential services, comp...