Access controls

Access controls fall short in most agencies

According to the GAO, inadequate access control is a common weakness across 24 major agencies.

Persistence tech offers layered approach to security

Persistence tech offers layered approach to security

While data and device encryption is the first line of defense, it is not impervious to attack, so diligent IT departments should take a layered and persistent approach to security.

Hand below security icons

3 elements for success for the FISMA High cloud

When government agencies combine solutions from cloud providers with third-party products, they can set up monitoring and access controls to provide the same data integrity they would expect from their own systems.

Firemen running

DC tests ID management for first responders

The challenges of controlling physical access in emergencies may be solved by a nationwide network of standard first responder credentials.

Technology transfer

DHS helps new tech survive research lab growing pains

Homeland Security Department’s Transition to Practice program helps software out of the lab and into agencies.

7 steps to protect against privilege-elevating hacks

7 steps to protect against privilege-elevating hacks

Agencies are cracking down on administrative access to mitigate the damage an insider can cause, but hackers are adjusting their tactics as well and aiming them squarely at the federal government.

DHS gets dashboard to drive continuous monitoring

DHS seeks dashboard to drive continuous monitoring

The Archer monitoring and compliance platform from RSA is a finalist to provide a dashboard for Continuous Diagnostics and Mitigation that will give enterprise visibility into the security of federal IT systems.

SAIC debuts tiered cybersecurity solution

SAIC debuts tiered cybersecurity solution

The company's data CyberSecurity Edge ensures customers' systems and information are protected from cyber risks across multiple platforms.

Drupal-based defense-in-depth strategy protects data

Drupal-based defense-in-depth strategy protects data

With open-source Drupal as the foundation of a defense-in-depth strategy, agency IT managers can analyze and identify potential threat vectors, including internal and external threats.

Researchers work to harden cyber infrastructure from WMD

Researchers work to harden cyber infrastructure from WMD

The University of New Mexico will conduct field tests of recovery solutions for cyber-infrastructure backbone attacks from weapons of mass destruction and other real-world threats.

Agencies struggle to document responses to cybersecurity incidents

How good is your agency's incident response?

A GAO study finds that as the number of cybersecurity incidents in government information systems is increasing, agencies are having a tough time fully documenting their responses to these incidents.

7 tactics for a smooth cloud migration

7 tactics for a smooth cloud migration

Before making the jump to the cloud, IT managers need to lay the groundwork, ensuring the right technology and security protocols are in place as well as a complete understanding of the regulatory issues affecting the project.

Topic Resources

  • Update on Assessment & Authorization (A&A) Processes for Cross Domain Solutions

    As introduced in our latest certification and accreditation (C&A) basics webcast (“Navigating Certification & Accreditation – A Primer) C&A terminology is transitioning to assessment and authorization (A&A). See the associated white paper “From C&A to A&A – The RMF Shoe Has Dropped.” Continuing the transition discussion, Raytheon Cyber Products and Steve Welke are pleased to present a webcast updating the latest information on A&A processes for cross domain, multilevel security solutions. Join Steve Welke, an A&A industry expert, as he discusses the A&A principles, requirements and processes.

  • Increase Data Security through Your Print Solution

    You’ve consolidated your desktops with virtualization and moved your data to the cloud. What else can you do to obtain additional costs savings and increase security while keeping your network flexible? Connect print and digital information from across your organization with the people who need it, exactly when they need it. Join this webcast to learn how security software and printing solutions work together to eliminate extraneous printers at multiple sensitivity levels, allowing organizations to recognize significant savings from reduced hardware, space, power, support and supplies.

  • IBM i2 National Security and Defense Intelligence Demo

    In this video IBM Product Manager James Vincent presents an overview and demo of IBM® i2® National Security and Defense Intelligence—a cost effective information exploitation solution that provides data acquisition, multi-faceted intelligence analysis and multi-agency and partner collaboration features.

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • All About Self-Encrypting Drives

    With data security risks on the rise, an influx of government mandates and regulations for securing data have been implemented and are becoming the norm. Eliminating exposure of private data is now simply viewed as a mandatory and sound business practice. To avoid the high costs associated with these types of data compromises, organizations must put in place a comprehensive security strategy. Read this whitepaper to learn how self-encryption is achieving this initiative.