Biometric Associates smart card reader

Mobile authentication for CAC, PIV cards could get easier

A new app works with the cards on iOS and Android platforms, as will future versions of BlackBerry 10.

AWS gets approval to offer cloud services from FedRAMP

Amazon gets FedRAMP OK for cloud services

AWS gets approval to offer cloud services under the Federal Risk and Authorization Management Program, which agencies use to assess the risks of cloud services.

Control room in a power plant

Public feedback IDs challenges in securing critical infrastructure

Comments on a NIST request about developing a cybersecurity framework for protecting critical energy, utilities and information systems show where work needs to be done.

Cybersecurity experts check for intrusions

In current threat landscape, cyber teams need to go looking for trouble

Cybersecurity must become a full partner with IT and get more aggressive in searching out threats in order to effectively fulfill its mission of supporting agency missions.

Close up of a hard disk

Fighting malware with hardware can produce better security

Rather than trying to keep up with and get ahead of malicious software, hardware security can help ensure that devices are safe and remain uninfected, says Imation's Larry Hamid.

washington navy yard

Security plays a key role in Navy's energy grid upgrade

The service's industrial controls get smarter during its quest for "net zero" buildings, which brings cybersecurity into play.

Man and woman looking suspiciously at each other

The trick to detecting Poison Ivy RAT and other stealthy malware

Although malware can evade signatures and other filters, its code leaves telltale tracks that can be discovered through traffic analysis, analysts show in FOSE demonstration.

Man working on computer code at night

Need to build secure software? Free help is online.

SAFECode, an industry group promoting reliability in commercial software, is releasing a free online training course on the basics secure software development.

Man shouting into megaphone at university

Universities get schooled on DNS amplification attacks

The open access policies at educational institutions can leave them open to being exploited as bots in large-scale distributed denial of service attacks. There are steps they can take to mitigate the problem.

DHS Einstein intrusion detection system

DHS coming up short on Einstein deployment

Deployment of the governmentwide intrusion detection system was scheduled to be completed last year, but there still are a "bunch of agencies not covered."

Attendees at the FOSE keynote

What's hot at FOSE 2013

The annual conference and expo kicks off Tuesday, tackling the key challenges facing the public-sector IT community.

Honeywords or decoy passwords can trick hackers

'Honeywords' can dupe password thieves

Decoys assigned to user accounts could tip off admins to attacks born of stolen passwords, Ari Juels and Ron Rivest say.

Topic Resources

  • Advanced Threats and Big Data: The New Cybersecurity Landscape

    So often in our organizations, information silos keep us from sharing data and communicating the right information at the right time to stop advanced threats. Hear why a big data solution is an important part of a defense against advanced threats and ideas about what data sources are required across the organization for this analysis to combat these attacks.

  • The STAND: Cybersecurity

    Advanced persistent threats. Zero-day attacks. Insider threats. Cybersecurity experts say that if IT leaders are not concerned about the ongoing evolution of the cyber landscape, it just means they are not paying enough attention. The problem is that these and other emerging cyber tactics are designed to evade traditional cyber defenses and escape detection until it’s too late. The good news is it’s not a lost cause. In this special report, two subject matter experts discuss cybersecurity technologies and strategies that can help agencies defend their systems and data against the latest cyber threats, today and into the future.

  • Establishing a Logical Perimeter: The Evolution of Network Security

    This whitepaper highlights the challenges you face when users are off network, and strategies to address the compliance and protection issues posed by remote network users.

  • Zero Trust Approach to Network Security

    The continued, high frequency of successful cyberattacks against today’s enterprises has made it abundantly clear that traditional, perimeter-centric security strategies are no longer effective. Read this whitepaper to learn about the effectiveness of a Zero Trust security model in addressing the shortcomings of failing perimeter-centric strategies.