Exploded dye pack in stolen bank money

Attacking the attackers: Can active cyber defense stay within the rules?

The growth in cyberattacks and the theft of intellectual property has prompted calls for more aggressive cyber defense. The Pentagon and an independent commission are taking up the cause.

Citrix Receiver with BAI CAC reader

Citrix Receiver now supports Android smart-card authentication

The software supports CAC and PIV card authentication, and meets NSA and DISA requirements for secure Bluetooth communication.

Line of office workers with individual clouds

New risk on the block: Bring your own cloud

What agencies can do to manage the risks of using consumer cloud accounts such as iCloud, Evernote and Dropbox to store and access business data.

Benefits applicant answering questions on a laptop

Software quizzes applicants before doling out benefits

Florida's Department of Children and Families is using LexisNexis Risk Solutions, which creates a profile based on customer-supplied information, to authenticate people applying for public assistance.

Biometric Associates smart card reader

Mobile authentication for CAC, PIV cards could get easier

A new app works with the cards on iOS and Android platforms, as will future versions of BlackBerry 10.

AWS gets approval to offer cloud services from FedRAMP

Amazon gets FedRAMP OK for cloud services

AWS gets approval to offer cloud services under the Federal Risk and Authorization Management Program, which agencies use to assess the risks of cloud services.

Control room in a power plant

Public feedback IDs challenges in securing critical infrastructure

Comments on a NIST request about developing a cybersecurity framework for protecting critical energy, utilities and information systems show where work needs to be done.

Cybersecurity experts check for intrusions

In current threat landscape, cyber teams need to go looking for trouble

Cybersecurity must become a full partner with IT and get more aggressive in searching out threats in order to effectively fulfill its mission of supporting agency missions.

Close up of a hard disk

Fighting malware with hardware can produce better security

Rather than trying to keep up with and get ahead of malicious software, hardware security can help ensure that devices are safe and remain uninfected, says Imation's Larry Hamid.

washington navy yard

Security plays a key role in Navy's energy grid upgrade

The service's industrial controls get smarter during its quest for "net zero" buildings, which brings cybersecurity into play.

Man and woman looking suspiciously at each other

The trick to detecting Poison Ivy RAT and other stealthy malware

Although malware can evade signatures and other filters, its code leaves telltale tracks that can be discovered through traffic analysis, analysts show in FOSE demonstration.

Man working on computer code at night

Need to build secure software? Free help is online.

SAFECode, an industry group promoting reliability in commercial software, is releasing a free online training course on the basics secure software development.

Topic Resources

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.

  • Continuous Monitoring to Achieve Cybersecurity

    As the cyber threat landscape evolves, security methods and tools need to change, too. In this Digital Dialogue, Ken Durbin, manager of Continuous Monitoring Practice at Symantec, explains how the undefined boundaries of the modern IT infrastructure necessitate the deployment of continuous monitoring solutions.

  • Stopping Zero-Day Exploits for Dummies

    Cyber attacks are growing every day and can become serious threats to your organization, but how do you know and understand the threats out there? Download a copy of this book, and you will discover the zero-day exploits and threats used to compromise your agency.