Pentagon and Washington DC covered in snow

BYO3: The tools of telework expand with the mobile workforce

Telework Week gets tens of thousands of feds to try working from home, and they're not all using an agency-issued laptop.

Computer generated image of sentry guarding a digital tunnel

Attacks hit, but don't break, new SHA-3 candidate

Research describing a more successful attack on the new Secure Hash Algorithm will be published later this month, but SHA-3 remains much more powerful than the best attacks yet discovered.

DiskVault FIPS external USB and module bay Self Encrypting Drive

CMS locks down DiskVault drives with FIPS-level encryption

The company has added NIST-certified encryption to its USB and module bay self-encrypting drives.

Old chain link fence with big hole cut in it

Why do so many antivirus programs miss the same, old exploits?

Testing by NSS Labs shows that not only do antivirus products miss known exploits, they often are blind to the same ones, opening windows of opportunity for attackers -- particularly against legacy agency systems.

Representation of a secure chip

At age 10, Trusted Computing Group sees a new world of threats

The group has brought the Trusted Platform Module in line with government requirements, but security standards must keep pace with mobile computing and rapidly changing threat environments.

RSA show floor

What rocks at RSA? Big data security, active defense.

The explosive growth in information generated by security tools is putting a premium on the ability to analyze large volumes of data, say experts, who also call for active defense.

Unlocked Census data

Census tech transition leaves security weaknesses, GAO says

An incomplete transition to a new IT security framework has left weaknesses in some systems holding sensitive census information, according to a GAO report.

Neutering iPads to make them safe in secure environments

How to make iPads safe for government? 'Neuter' them.

Mobile devices can be a risk to secure environments. A CACI exec says one approach to security has been to alter the hardware of Apple iPads.

Electronic identity verification

NSTIC opens next round of grants for secure ID technology

Project would use public-private partnerships to create easier, more secure authentication that would support online government services and commercial transactions.

High risk climb when rope breaks on dangling mountain climbers

Trusted ID, monitoring efforts can’t keep IT security off high-risk list

After 16 years of plans, strategies and regulation, federal IT security is one of 30 program areas designated by government auditors as high risk.

Smartphone with lock and key in it

5 tips for secure mobile apps

Security is a natural concern for agencies building mobile applications. Here are a few important points to keep in mind.

Dog unable to access bone on computer

FIDO plans to eradicate bad passwords, bolster online identification

The Fast Identity Online Alliance will release a protocol to make secure log-in more user friendly, making it easy to replace passwords with stronger authentication.

Topic Resources

  • Advanced Threats and Big Data: The New Cybersecurity Landscape

    So often in our organizations, information silos keep us from sharing data and communicating the right information at the right time to stop advanced threats. Hear why a big data solution is an important part of a defense against advanced threats and ideas about what data sources are required across the organization for this analysis to combat these attacks.

  • The STAND: Cybersecurity

    Advanced persistent threats. Zero-day attacks. Insider threats. Cybersecurity experts say that if IT leaders are not concerned about the ongoing evolution of the cyber landscape, it just means they are not paying enough attention. The problem is that these and other emerging cyber tactics are designed to evade traditional cyber defenses and escape detection until it’s too late. The good news is it’s not a lost cause. In this special report, two subject matter experts discuss cybersecurity technologies and strategies that can help agencies defend their systems and data against the latest cyber threats, today and into the future.

  • Establishing a Logical Perimeter: The Evolution of Network Security

    This whitepaper highlights the challenges you face when users are off network, and strategies to address the compliance and protection issues posed by remote network users.

  • Zero Trust Approach to Network Security

    The continued, high frequency of successful cyberattacks against today’s enterprises has made it abundantly clear that traditional, perimeter-centric security strategies are no longer effective. Read this whitepaper to learn about the effectiveness of a Zero Trust security model in addressing the shortcomings of failing perimeter-centric strategies.

  • Stalking the Kill Chain

    Gain insight into the effects of the changing information security threat landscape. Learn RSA’s approach to identifying strategies and techniques to establish a good defense, the “kill chain” concept and how to detect and respond, and how to level the adversarial playing field