PSIM

Force multiplier: PSIM leverages video surveillance networks in Baltimore

With thousands of cameras providing round-the-clock surveillance of Baltimore, the CitiWatch surveillance program turned to a video analysis platform from VidSys to help make sense of all of the data.

locks

One ID for many sites? How a federated credential exchange works.

SecureKey, selected by USPS for the FCCX pilot, already provides a similar bridge service for the Canadian government. FCCX is expected to work much the same way.

key

USPS set to put federal ID system to the test

The Postal Service will set up a pilot of the Federal Cloud Credential Exchange this fall and begin testing in January, using SecureKey briidge.net Exchange, which already provides similar services for the Canadian government.

cloud

What's in the future for FedRAMP?

The program could move to cover high security requirements or standardize service-level agreements for agencies and providers.

cloud

FedRAMP approval is fine, but it's just the beginning

The program's standardized security controls can cover basic services like email and backup storage, but after that it gets complicated.

supply chain

What you don't know about the IT supply chain can hurt you

NIST gives supply-chain security its own publication, offering guidelines for incorporating it into an agency's overall risk management program.

Aegis

A portable drive with rock-solid security

Apricorn's software-free Aegis Padlock Fortress keeps all data encrypted and protected from tampering.

Cyber tools sniffs malware on network traffic

New cyber tool learns network behavior to sniff out malware

Researchers from Georgia Tech demonstrate a prototype tool, ExecScent, that learns a network's normal traffic patterns to spot the command and control traffic from infected hosts. In live tests it identified dozens of new C&C domains and discovered hundreds of infected computers.

Email leaking out of briefcase

Secure email services went dark because email is 'broken'

Silent Circle's decision to shut down its encrypted email service is the latest in a number of responses to the NSA's surveillance of sensitive communications.

IPv6 router in the crosshairs

Easy-to-use attack exploits IPv6 traffic on IPv4 networks

Setting up a rogue IPv6 router on an IPv4 network gives attackers access to the host's Internet traffic, one more reason to enable IPv6 rather than waiting for an attacker to do it for you.

privguard

Privilege Guard watches those who watch over the network

The product extends privilege management to admins, giving them enough control to do their jobs but restricting them to authorized tasks.

cracked phone

Phun with Phones: 3 ways to phreak Android, iOS

The convergence of computing and mobile telephony has made smartphones the new frontier of cybersecurity, with a host of new vulnerability research presented at this year’s Black Hat Briefings.

Topic Resources

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.

  • Continuous Monitoring to Achieve Cybersecurity

    As the cyber threat landscape evolves, security methods and tools need to change, too. In this Digital Dialogue, Ken Durbin, manager of Continuous Monitoring Practice at Symantec, explains how the undefined boundaries of the modern IT infrastructure necessitate the deployment of continuous monitoring solutions.

  • Stopping Zero-Day Exploits for Dummies

    Cyber attacks are growing every day and can become serious threats to your organization, but how do you know and understand the threats out there? Download a copy of this book, and you will discover the zero-day exploits and threats used to compromise your agency.