Connected devices in the Internet of Things open vulnerabilities

If it's connected, it's vulnerable: Know the risks.

Government agencies should anticipate the security implications of the Internet of Things and identify how to leverage this revolution for the benefit of all.

Data breach epidemic shines spotlight on shared secrets

Data breach epidemic shines spotlight on shared secrets

Comprehensive adoption of public key cryptography in two-factor authentication has the potential to completely eliminate mass password breaches.

6 ways for software developers to build security into new applications

6 ways to build in security

The cost and technical challenge of adding security to complex systems after the fact are prohibitive. Here are some steps developers and managers can take to build security into new software applications.

a wolf follows a scent trail to his prey

Follow malware's tracks to thwart cyber attacks

Government agencies need visibility along the full attack continuum – from point of entry, through propagation and post-infection remediation.

secure government websites

Government fares poorly in Web site security audit

In an annual evaluation of website security by the Online Trust Association, the most heavily trafficked .gov and .mil Web sites generally got poor marks, except for their deployment of DNSSEC.

Cybersecurity of medical devices like pacemakers

CyberRX preps health care community for cyberattack

A cybersecurity exercise by HHS and the health care community produces better security.

RFID and NFC enabled government identification

The future of government ID cards

Employee IDs cards are incorporating some relatively mature technologies that increase the level of interaction and tracking potential.

Device authentication tool helps detect tax fraudsters

Experian's Tax Return Analysis Platform goes beyond identity verification to offer device-proofing, catching fraud before refunds are processed.

Security for the Internet of things by securing systems embedded in hardware

U.C. San Diego researchers build tool to help secure IoT

A group of computer scientists at the University of California, San Diego, have developed a tool that lets designers and system builders test embedded hardware security, a first in the field.

Cybersecurity key at Department of Heath and Human Services

HHS and health care sector expand cybersecurity info sharing

The Computer Security Incident Response Center, the centerpiece of HHS's cybersecurity program, helps provide situational awareness across the enterprise and strengthens functional relationships within the health care community that it oversees to help improve security.

A Science DMZ protects research data on a high-performance network

Science DMZ: faster, more secure high-performance computing

Built near the network perimeter, a Science DMZ is a portion of the network optimized for high-performance scientific applications rather than for general-purpose business systems.

Fitness monitor wrapped around servers

Homeland Security tops FISMA scorecard. How do they do it?

The Department of Homeland Security earns top scores in FISMA compliance, thanks in part to the continuous monitoring program built by the department's Office of Inspector General.

Topic Resources

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.

  • Continuous Monitoring to Achieve Cybersecurity

    As the cyber threat landscape evolves, security methods and tools need to change, too. In this Digital Dialogue, Ken Durbin, manager of Continuous Monitoring Practice at Symantec, explains how the undefined boundaries of the modern IT infrastructure necessitate the deployment of continuous monitoring solutions.

  • Stopping Zero-Day Exploits for Dummies

    Cyber attacks are growing every day and can become serious threats to your organization, but how do you know and understand the threats out there? Download a copy of this book, and you will discover the zero-day exploits and threats used to compromise your agency.

  • The STAND: Cybersecurity

    Advanced persistent threats. Zero-day attacks. Insider threats. Cybersecurity experts say that if IT leaders are not concerned about the ongoing evolution of the cyber landscape, it just means they are not paying enough attention. The problem is that these and other emerging cyber tactics are designed to evade traditional cyber defenses and escape detection until it’s too late. The good news is it’s not a lost cause. In this special report, two subject matter experts discuss cybersecurity technologies and strategies that can help agencies defend their systems and data against the latest cyber threats, today and into the future.