Hybrid cloud increases security

How government can securely leverage cloud environments

The choice for many agencies is not public or private clouds, but rather a blend of the two approaches – often referred to as a hybrid cloud – where Internet-based applications provide information into a system that sits inside agency firewalls.

E-filing of tax returns

New tools for combating income tax refund fraud

Agencies can combat income tax refund fraud with authentication tools that fit into existing evaluation processes.

woman wearing PIV badge

HSPD-12 at 10 years: Still a long way to go

The presidential directive that mandated the interoperable PIV card for government workers and contactors will be 10 years old this year, but although millions of cards have been issued, their actual usage remains dismally low.

Transport Layer Security

Agencies must update to newer versions of Transport Layer Security

New guidance from NIST for using TLS in government applications requires later versions of the protocol because of vulnerabilities in version 1.0.

man standing in front of several closed doors

What to look for in social malware defense

NSS Labs study found little difference in the performance of five popular enterprise products designed to protect against socially engineered malware, such as fake system upgrades and anti-virus offers.

Virtual city hall

In virtual town of Alphaville, students prep for cyber sieges

Alphaville is part of the Michigan Cyber Range, a network and classroom training environment designed to prepare IT managers on cybersecurity attacks and defenses.

random numbers

NIST drops crypto algorithm

Comments on trustworthiness of cryptographic keys developed with Dual_EC_DRBG causes the standards agency to recommend against its use.

Man programming websites

Most secure Web programming language? It depends.

Whether a website was built with new or legacy programming languages, the security risk is about the same, according to a new website security report.

Man hiding crossed fingers

Insider threats add pressure for real-time fixes to workforce risks

The Snowden and Wikileaks affairs, as well as potential threats from other insiders, has ratcheted up the urgency for a near-real-time analytic approach to government insider workforce risks.

New tools link enterprise, perimeter and next-gen security

Point solutions to protect the perimeter of the enterprise are not obsolete, but a new generation of tools is arriving to complement them and provide the awareness needed to defend against new complex and targeted threats.

Man with virtual monitors

Big data takes on the kill chain

Big data systems can correlate structured and unstructured data to paint a complete picture about an agency’s overall IT health and offer insight into the sophisticated threats.

ID management schematic

Cloud service simplifies certificate management, credentialing

Entrust IdentityGuard cloud-based console simplifies management of SSL, PKI, certificate discovery, device certificates and credentialing.

Topic Resources

  • Update on Assessment & Authorization (A&A) Processes for Cross Domain Solutions

    As introduced in our latest certification and accreditation (C&A) basics webcast (“Navigating Certification & Accreditation – A Primer) C&A terminology is transitioning to assessment and authorization (A&A). See the associated white paper “From C&A to A&A – The RMF Shoe Has Dropped.” Continuing the transition discussion, Raytheon Cyber Products and Steve Welke are pleased to present a webcast updating the latest information on A&A processes for cross domain, multilevel security solutions. Join Steve Welke, an A&A industry expert, as he discusses the A&A principles, requirements and processes.

  • Increase Data Security through Your Print Solution

    You’ve consolidated your desktops with virtualization and moved your data to the cloud. What else can you do to obtain additional costs savings and increase security while keeping your network flexible? Connect print and digital information from across your organization with the people who need it, exactly when they need it. Join this webcast to learn how security software and printing solutions work together to eliminate extraneous printers at multiple sensitivity levels, allowing organizations to recognize significant savings from reduced hardware, space, power, support and supplies.

  • IBM i2 National Security and Defense Intelligence Demo

    In this video IBM Product Manager James Vincent presents an overview and demo of IBM® i2® National Security and Defense Intelligence—a cost effective information exploitation solution that provides data acquisition, multi-faceted intelligence analysis and multi-agency and partner collaboration features.