cloud

USPS' federal ID exchange will run on HP Enterprise Cloud

The FedRAMP-authorized platform was selected by SecureKey Technologies to provide cloud services for the authentication infrastructure.

security

Next steps in security automation

Building on the government's Security Content Automation Protocol, a working group is developing a set of international standards for automating the job of assessing and monitoring the security of IT systems.

Dashboard gauge indicating near compliance

Agencies still struggling with FISMA compliance

The latest GAO report on IT security shows "mixed progress" in implementing required security programs, citing inadequate reporting metrics and a focus on regulatory compliance as the culprits.

Hacker in a dark room

Hackers-for-hire group targeting government assets, report says

Hidden Lynx, a sophisticated group of professional hackers located in China, has carried out high-profile attacks on government, IT contractors and other industries at least since 2009, Symantec says.

stealth

Stealth can protect networks by making parts invisible

Unisys has high hopes for government uses of the software tool that controls who sees what on a network.

DNS

NIST updates guidelines for securing the DNS

NIST updated its guidance for deploying a secure Domain Name System in government enterprises to ensure the availability and integrity of critical DNS data.

LynxWorks rootkit detection

LynuxWorks rootkit detector adds hardware punch to security scanning

LynuxWorks' system, called RDS5201, is an appliance capable of detecting low-level, zero-day rootkits in real time.

ID

5 pilots to take trusted online ID plan to the next stage

The NSTIC programs, which received more than $7 million in grants, range from military, civilian and commercial authentication initiatives to one aimed at protecting children’s privacy online.

eyes

Biometric ID coming to a government office near you

This week's Biometric Consortium Conference showcases a wide range of hardware and software solutions for personal identification/authentication applications in government.

back door

Suspect NIST crypto standard long thought to have a back door

The agency is advising against using an elliptic curve algorithm adopted in 2006 that has concerned cryptographers from the beginning.

FDAS

Forensics tool makes sure investigators don't come up empty

CyanLine's Fast Disk Acquisition System gives forensics teams a real-time preview of what's on a drive, including whether it's set to prevent copying.

scam

Officials warn of spoofed health exchange websites

The look-alike Web pages may be created by interest groups, private insurance companies and, sometimes, scammers looking to gather personal information.

Topic Resources

  • Update on Assessment & Authorization (A&A) Processes for Cross Domain Solutions

    As introduced in our latest certification and accreditation (C&A) basics webcast (“Navigating Certification & Accreditation – A Primer) C&A terminology is transitioning to assessment and authorization (A&A). See the associated white paper “From C&A to A&A – The RMF Shoe Has Dropped.” Continuing the transition discussion, Raytheon Cyber Products and Steve Welke are pleased to present a webcast updating the latest information on A&A processes for cross domain, multilevel security solutions. Join Steve Welke, an A&A industry expert, as he discusses the A&A principles, requirements and processes.

  • Increase Data Security through Your Print Solution

    You’ve consolidated your desktops with virtualization and moved your data to the cloud. What else can you do to obtain additional costs savings and increase security while keeping your network flexible? Connect print and digital information from across your organization with the people who need it, exactly when they need it. Join this webcast to learn how security software and printing solutions work together to eliminate extraneous printers at multiple sensitivity levels, allowing organizations to recognize significant savings from reduced hardware, space, power, support and supplies.

  • IBM i2 National Security and Defense Intelligence Demo

    In this video IBM Product Manager James Vincent presents an overview and demo of IBM® i2® National Security and Defense Intelligence—a cost effective information exploitation solution that provides data acquisition, multi-faceted intelligence analysis and multi-agency and partner collaboration features.

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.