On 13 Nov, the Cybersecurity and Infrastructure Security Agency & the Federal Bureau of Investigation (FBI) released a statement (https://lnkd.in/ezrFy_4j) on the US government's investigation into PRC targeting of telco infrastructure:

“PRC-affiliated actors have compromised networks at multiple telecommunications companies to enable the theft of customer call records data, the compromise of private communications of a limited number of individuals who are primarily involved in government or political activity, and the copying of certain information that was subject to U.S. law enforcement requests pursuant to court orders. We expect our understanding of these compromises to grow as the investigation continues.”

With the investigation ongoing, folks should take basic steps now to protect their personal communications. With gratitude to CISA's Senior Technical Advisor Bob Lord (https://lnkd.in/e-WxWiFF) consider the below steps:

- Enable FIDO authentication or FIDO https://lnkd.in/ezzyha7t for email & social media accounts
- Migrate off SMS MFA for all other logins. Migrate to FIDO/passkeys if you can, otherwise to an authenticator app
- Use a password manager for all passwords. Use a strong pass phrase (https://lnkd.in/ebPpTAU5) for the vault password.
- Set a telco PIN to reduce chances of a SIM-swap attack
- Update the OS and all apps and turn on auto update

Additional tips:

1. Encrypt all text and voice communications (some options):
   - Signal works well on iPhones & Android phones.
   - iMessage is great if all your contacts are within the Apple ecosystem, though that’s limiting
   - Collaboration suites like Google Workspace or Teams can work but don’t always encrypt as you might assume. For example, Teams encrypts data point-to-point, meaning it’s decrypted on Microsoft’s servers before re-encrypting it to the recipient. If you want end-to-end encryption, there’s an option, but it’s off by default and only supports two people on the call.
   - WhatsApp might be ok for some people based on their threat model but understand metadata it keeps (https://lnkd.in/eQkP-Ety) & how it's used (https://lnkd.in/eiZmxgi4).
2. If you use an iPhone disable these carrier-provided services that increase the attack surface:
   - Disable: Settings > Apps > Messages > Send as Text Message
   - Disable: Settings > Apps > Messages > RCS Messaging > RCS Messaging
3. Protect DNS lookups (some options):
   - Apple iCloud Private Relay
   - Cloudflare’s 1.1.1.1 resolver
   - Quad9’s 9.9.9.9 resolver
4. Use recent hardware: Apple (13 or newer) or Google (Pixel 6 or newer)
5. Depending on your threat model, consider enabling Lockdown Mode on iPhones: It will disable some features, but it’s manageable
Public Sector Consulting Firms
-
Building Strong Government Relations: My Key Learnings

In my journey, a question that frequently comes up is: how do you build good relations with the government? This question is vital, especially when you're aiming to solve problems on a large scale. Drawing from my experiences with government officials, leaders, and ministries, I’m eager to share my insights.

Here are my top ten tips for building strong, impactful relationships with the government:

- Be Humble - Approach every meeting with humility, no matter the situation. Humility opens doors and fosters trust.
- Listen First - In the initial meetings, listen more than you speak. Understanding their perspectives can provide invaluable insights.
- Understand Their System - Before sharing your views, take the time to grasp their thought processes and belief systems. This respect for their framework is crucial.
- Involve Them Early - Engage officials in your planning and execution stages. Collaboration from the start avoids the pitfalls of trying to sell a completed plan.
- Give Credit - Always acknowledge the government’s contributions first. Their support is often crucial, and recognition strengthens partnerships.
- Show Appreciation - Celebrate the efforts of individuals and organizations. Genuine appreciation motivates continued excellence.
- Prefer In-Person Meetings - In the early days, prioritize face-to-face meetings. These interactions are more effective for establishing trust and rapport.
- Document Everything - Provide written documentation for your requests or proposals. A hard copy often has a greater impact than a digital one.
- Be Consistent - Building relationships takes time. Be patient and maintain regular contact. Over time, your efforts will yield positive results.
- Consider Their Incentives - Always think about what’s in it for them. Understand their motivations and how your plans align with their goals for recognition, promotion, or progress.

Building strong government relationships has been a cornerstone of my work and has enabled me to drive significant impact. I hope these insights help you navigate and strengthen your own government interactions. Let’s continue to work together to create lasting change.

#Socialimpact #Socialentrepreneurship #1Millionby2025 #GovernmentRelations #Nonprofits
-
There’s a common misperception that public sector procurement can’t move like the private sector. The University of California Procurement is proving otherwise. UC Systemwide Procurement is reshaping its model around strategic category management, disciplined sourcing, operational efficiency, economic impact, and revenue generation. In FY2025, these efforts delivered more than $400 million in value to the University. The catalyst has been a holistic approach to organizational change—aligning people, process, and technology to shift both mindsets and execution. The result: best-in-class procurement practices grounded in data, strong supplier partnerships, modern systems, and measuring progress against strategic priorities. Public institutions operate under tighter transparency and policy constraints, but the fundamentals of procurement remain constant. When applied with discipline and clarity of purpose, they drive measurable outcomes. I’ve seen this from both sides. Public sector organizations steward large budgets and public trust. When public procurement performs at a high level, it doesn’t just reduce costs, it strengthens institutions and generates meaningful economic impact for the communities they serve.
-
September to December is a *hot* period for nonprofit fundraising. Many foundations and donors are back to their desks after the summer and looking to make their closing funding rounds before the end of the year.

If I were an advisor in your nonprofit organization, this is what I would suggest prioritizing in your fundraising plan from this month through the end of the year:

🫂 Curate Relationships

Curating relationships with existing donors or key stakeholders is one of the most overlooked practices in fundraising. Only chasing new donors or funding opportunities goes at the expense of trust-nourishing and enthusiasm of those donors and stakeholders who are already "warmed up" about your work and mission. Don't make this mistake, and create space to strengthen the bonds with those who are already there. Think about personalized engagement and regular touchpoints to make them feel part of your mission and deepen their commitment to your cause.

⭐ Impact Storytelling

Creating visibility around all the things your organization and your team have achieved throughout the year is a powerful avenue to leverage your commitment and attract the attention of donors and stakeholders ready to fund. Don’t be generic or conservative when it comes to showing the outputs, activities, results, community feedback, and transformations your work generated. Donors want to feel like they can make a tangible contribution to the end goal of your impact mission. Showing this to them in a compelling, story-based approach will help them understand what and why they are funding.

💰 Do Your Budget

Know your number and make your financial plan clear. Prepare a budget that outlines your organization’s funding needs for the next 2 to 5 years. Identify the core areas that require sustained resources and ensure your strategy is aligned with long-term objectives. Create a strong narrative around why these areas need funding, how they will serve your impact goals, and why mobilizing resources into these areas will be foundational in securing sustainability and scalability to your work.

💥 Optimize Your Strategy

You must have learned a lot in the past 9 months and got a lot of feedback, observations and lessons learned around your work. This is the perfect time to integrate the learnings into your overarching organizational strategic plan and fundraising strategy and adjust it according to the things you have now gained more clarity on, such as your new targets and goals.

--------

Hey! I am Margherita, senior nonprofit consultant and advisor. I am open to working with nonprofit organizations in social justice and accelerating their development goals through fundraising, financial planning, organizational development, and operations. My fee model is equity-informed and open to accommodating all budgets. Contact me to learn more!
-
Josiah Dykstra and I have a new draft at arXiv, "Handling Pandemic-Scale Cyber Threats: Lessons from COVID-19".

The devastating health, societal, and economic impacts of the COVID-19 pandemic illuminate potential dangers of unpreparedness for catastrophic pandemic-scale cyber events. While the nature of these threats differs, the responses to COVID-19 illustrate valuable lessons that can guide preparation and response to cyber events. Drawing on the critical role of collaboration and pre-defined roles in pandemic response, we emphasize the need for developing similar doctrine and skill sets for cyber threats. We provide a framework for action by presenting the characteristics of a pandemic-scale cyber event and differentiating it from smaller-scale incidents the world has previously experienced. The framework is focused on the United States. We analyze six critical lessons from COVID-19, outlining key considerations for successful preparedness, acknowledging the limitations of the pandemic metaphor, and offering actionable steps for developing a robust cyber defense playbook. By learning from COVID-19, government agencies, private sector, cybersecurity professionals, academic researchers, and policy makers can build proactive strategies that safeguard critical infrastructure, minimize economic damage, and ensure societal resilience in the face of future cyber events.
-
🚨New Advisory on RansomHub Ransomware🚨

The FBI, #CISA, MS-ISAC, and HHS have released a new joint advisory about the RansomHub ransomware, formerly known as Cyclops and Knight. This ransomware-as-a-service (RaaS) variant has become increasingly sophisticated, targeting critical infrastructure sectors like water and wastewater, IT, government, healthcare, and more. 🚑🏦🚛

Key Points to Know:

🔹Double Extortion Tactics: RansomHub encrypts data and exfiltrates it, demanding ransom for decryption and preventing data leaks. Victims are given a limited timeframe to comply before their data is published on the RansomHub Tor site.
🔹Growing Threat: Since February 2024, RansomHub has impacted over 200 victims, drawing affiliates from other major ransomware variants like LockBit and ALPHV. The RaaS model allows different threat actors to leverage this ransomware, increasing its reach and sophistication.
🔹Advanced Techniques and Tools: Affiliates gain initial access by utilizing a range of techniques, such as phishing, exploiting known vulnerabilities (like CVE-2023-3519), and password spraying. They also employ tools like Mimikatz for credential dumping and Cobalt Strike for lateral movement.

Mitigation Steps:

To protect against RansomHub, network defenders should:

1️⃣ Install Security Updates: Keep all systems patched against known vulnerabilities.
2️⃣ Implement Phishing-Resistant MFA: Use strong, non-SMS-based multi-factor authentication wherever possible.
3️⃣ Conduct Regular Training: Ensure users are trained to recognize and report phishing attempts. 📧
4️⃣ Network Segmentation and Monitoring: 🔥Segregate networks💥 to limit lateral movement and use network monitoring tools to detect abnormal activities.

Stay Ahead of the Threat: This advisory aligns with NIST and CISA #ZeroTrust guidance (NIST 800-207, CISA Zero Trust Maturity Model) to help organizations enhance their cybersecurity posture against such evolving threats. By applying these guidelines, organizations can better prepare for and respond to ransomware attacks, protecting critical infrastructure and sensitive data. (Full disclosure: I was a co-author of both USG documents)

🛡️Read the complete advisory here: https://lnkd.in/er8pzSUx

#cybersecurity #ransomware #technology
-
The NSA, together with CISA, FBI, and international partners, issued a major joint cybersecurity advisory exposing how Chinese state-sponsored actors have been compromising critical networks worldwide to fuel a global espionage system.

The advisory highlights persistent campaigns targeting telecoms, transport, lodging, defense, and government networks by leveraging vulnerabilities on large backbone routers of major telecommunication providers, as well as provider edge (PE) and customer edge (CE) infrastructure. These operations are attributed to multiple advanced threat clusters, including Salt Typhoon, OPERATOR PANDA, RedMike, UNC5807, and others. The report highlights the TTPs, IOCs, and list of CVEs commonly exploited by this APT group.

The recommendations are clear: strengthen threat hunting at the edge, enforce centralized logging and network visibility, and close off known vulnerabilities before they are exploited.

𝗖𝗮𝗹𝗹 𝘁𝗼 𝗮𝗰𝘁𝗶𝗼𝗻

If you're responsible for network security in a critical infrastructure organization, prioritize reviewing the detailed technical guidance provided in this advisory. Implement the recommended mitigations, conduct thorough audits of your network edge devices, and ensure your security teams are equipped to detect the specific TTPs outlined in the report.

#Cybersecurity #APT https://skd.so/UXMrof
-
Most specialist firms chase direct government contracts. We chose a different path.

At Mayfair IT we work primarily through strategic partnerships with major systems integrators delivering government programmes. This isn't the obvious business model. Direct government relationships feel more prestigious. Why be the subcontractor when you could be the prime? Because complex transformation requires both scale and specialism. And trying to be both rarely works.

Strategic suppliers bring programme governance, stakeholder management across departments, and infrastructure at national scale. But they can't be deep specialists in every technical domain. That's where we fit.

When a prime needed to build the data backbone for a critical government programme in just three months, we delivered. When a major corporate secured a multi-year departmental transformation, we led the data and digital layer that enabled the programme to succeed.

This model works because:

→ We mobilise specialist squads rapidly without the overhead of prime contractor bureaucracy
→ We integrate into existing programme structures rather than creating parallel governance
→ We transfer knowledge systematically so capability stays with the client after delivery

Our successful deliveries show this pattern repeatedly. A major corporate won the programme. We delivered the complex data workstream that made the whole thing succeed. The programmes that work best are the ones that combine corporate scale with specialist depth.

What's your experience with prime sub models on large programmes?

#GovTech #Partnership #DataTransformation
-
Yesterday, the National Security Agency Artificial Intelligence Security Center published the joint Cybersecurity Information Sheet Deploying AI Systems Securely in collaboration with the Cybersecurity and Infrastructure Security Agency, the Federal Bureau of Investigation (FBI), the Australian Signals Directorate’s Australian Cyber Security Centre, the Canadian Centre for Cyber Security, the New Zealand National Cyber Security Centre, and the United Kingdom’s National Cyber Security Centre.

Deploying AI securely demands a strategy that tackles AI-specific and traditional IT vulnerabilities, especially in high-risk environments like on-premises or private clouds. Authored by international security experts, the guidelines stress the need for ongoing updates and tailored mitigation strategies to meet unique organizational needs.

🔒 Secure Deployment Environment:
* Establish robust IT infrastructure.
* Align governance with organizational standards.
* Use threat models to enhance security.

🏗️ Robust Architecture:
* Protect AI-IT interfaces.
* Guard against data poisoning.
* Implement Zero Trust architectures.

🔧 Hardened Configurations:
* Apply sandboxing and secure settings.
* Regularly update hardware and software.

🛡️ Network Protection:
* Anticipate breaches; focus on detection and quick response.
* Use advanced cybersecurity solutions.

🔍 AI System Protection:
* Regularly validate and test AI models.
* Encrypt and control access to AI data.

👮 Operation and Maintenance:
* Enforce strict access controls.
* Continuously educate users and monitor systems.

🔄 Updates and Testing:
* Conduct security audits and penetration tests.
* Regularly update systems to address new threats.

🚨 Emergency Preparedness:
* Develop disaster recovery plans and immutable backups.

🔐 API Security:
* Secure exposed APIs with strong authentication and encryption.

This framework helps reduce risks and protect sensitive data, ensuring the success and security of AI systems in a dynamic digital ecosystem.

#cybersecurity #CISO #leadership
-
While political silence continues on AI regulation in Australia, government agencies aren’t sitting still. Released today, the Australian Signals Directorate (ASD), with its Five Eyes partners, has issued new guidance on AI data security — and it’s a practical, risk-based playbook for organisations deploying or procuring AI systems that use sensitive or private data.

It also strongly reinforces a message I’ve been sharing for some time: AI doesn’t just reflect your existing governance. It amplifies it. If your cyber, data or tech foundations are weak, AI won’t patch the gaps — it will blow them wide open.

---

Key takeaways from the guidance:

On cyber security:

🔐 AI systems should be treated as part of your attack surface, not a separate stream
🛠️ Align AI implementations with the Essential Eight, especially patching, access controls and application hardening
⚠️ Be cautious with off-the-shelf AI tools — risks include insecure APIs, unverified models, and hidden data exfiltration

On data governance:

🧾 Emphasises data provenance — track where data comes from, how it’s labelled, and how it’s used
🔄 Calls for strong lifecycle management across training data, outputs, and logs
🧠 Privacy-by-design isn’t just a legal safeguard — it’s essential for security and accountability

---

This is one of the strongest signals yet from government that AI governance must be built on existing cyber and data risk frameworks — not bolted on afterwards. And it echoes what I see daily in practice: Good AI governance isn’t a standalone discipline. It’s the convergence of cyber security, data, and technology governance. Ignore one, and AI will make sure you feel it.

Read the full guidance here: https://lnkd.in/g9bC9QE5

#AIgovernance #CyberSecurity #DataGovernance #TechRisk #ASD #ArtificialIntelligence #AIlaw #EssentialEight