Service member with an iPad

DOD building its own secure 4G wireless network

The Pentagon expects to have its own network up and running by next year, as part of its new push for better cybersecurity.

Business people joining hands

Can agencies team up in responding to cyber attacks?

NIST is looking for ideas and best practices for a new publication that would be a "substantial expansion" of guidance on how incident response teams cooperate.

A mobile phone that someone lost on the beach

Mobile security guide: Assume a device will fall into malicious hands

NIST has updated its guidance for securely managing mobile devices, addressing advances in the technology and the move toward BYOD since its original publication in 2008.

Keys in the cloud with encryption background

The rising danger to data is making KMIP important

The evolving key management standard is gaining traction in the cloud as a way to ensure security across varied infrastructures.

pie chart of who manages encryption keys for encrypted data in the cloud

Encrypting data in the cloud: Whose job is it?

More than two thirds of organizations with sensitive information in the cloud protect it with some kind of encryption before it leaves their hands. Who handles that encryption?

SEM Optical Media Destroyer

Destroyer shreds optical media to NSA's satisfaction

SEM's Optical Media Destroyer can slice and dice up to 2,400 CDs or DVDs an hour, turning them into shards that exceed NSA/CSS standards.

Cybersecurity at DHS

DHS needs to step up its game in federal cybersecurity

FISMA oversight by the department remains a work in process, and CyberScope has provided only limited help, according to an inspector general's report.

NIST glossary of security terms displayed on a tablet

A comprehensive list of security terms you should know

NIST has updated more than 200 pages of security words from federal documents to provide a central resource for definitions of cybersecurity terms.

Man waves magic wand at laptop

Security automation is great, but don't let that fool you

Automating IT security can be a help in protecting assets and systems, but there are some caveats to keep in mind.

Woman examining network traffic

NIST, DHS push security automation to the next stage

SCAP sets standards to ensure products work together, while Einstein is evolving into an automated tool that will not only detect, but block, malicious code.

Shuttle Computer HR70 biometric scanner

All-in-one biometric tool combines facial, card and fingerprint scanning

Shuttle Computer's HR70 biometric scanner can enforce access control through facial recognition, with optional ID card and fingerprint scanners.

NIST diagram of secure cloud architecture

NIST draws up a security architecture for cloud computing

The agency has released a draft of a cloud security architecture intended to provide the security needed to speed government adoption of cloud computing.

Topic Resources

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.

  • Continuous Monitoring to Achieve Cybersecurity

    As the cyber threat landscape evolves, security methods and tools need to change, too. In this Digital Dialogue, Ken Durbin, manager of Continuous Monitoring Practice at Symantec, explains how the undefined boundaries of the modern IT infrastructure necessitate the deployment of continuous monitoring solutions.

  • Stopping Zero-Day Exploits for Dummies

    Cyber attacks are growing every day and can become serious threats to your organization, but how do you know and understand the threats out there? Download a copy of this book, and you will discover the zero-day exploits and threats used to compromise your agency.