Man shouting into megaphone at university

Universities get schooled on DNS amplification attacks

The open access policies at educational institutions can leave them open to being exploited as bots in large-scale distributed denial of service attacks. There are steps they can take to mitigate the problem.

DHS Einstein intrusion detection system

DHS coming up short on Einstein deployment

Deployment of the governmentwide intrusion detection system was scheduled to be completed last year, but there still are a "bunch of agencies not covered."

Attendees at the FOSE keynote

What's hot at FOSE 2013

The annual conference and expo kicks off Tuesday, tackling the key challenges facing the public-sector IT community.

Honeywords or decoy passwords can trick hackers

'Honeywords' can dupe password thieves

Decoys assigned to user accounts could tip off admins to attacks born of stolen passwords, Ari Juels and Ron Rivest say.

Encryption via quantum computing

Unbreakable encryption remains a pipe dream, even on a quantum Internet

Despite efforts to use the principles of quantum computing to create unbreakable encryption, the system fails outside a lab or highly controlled setting.

Security control room at QTS Richmond data center

QTS opens secure cloud test lab for government

Facility in Richmond, Va., will speed up development and deployment of secure cloud computing services

WiebeTech Ditto Forensic FieldStation

Forensic FieldStation brings stealth to hard drive data capture

It runs silent, can turn off its lights and be operated remotely by a technician who doesn't have to join investigators or a covert team in the field.

Man installing new roof with tornado in background

New strategy for IT security: Focus on the systems, not the threats

The updated security controls in NIST SP 800-53 give administrators more flexibility and put a greater focus on IT systems with built-in security.

Data secured in the cloud

How to ensure trusted geolocation of data in the cloud

The first product of the NCCOE is a demonstration of a geolocation scheme to let end users validate that work being done in the cloud is being done in a secure location.

NIST cybersecurity building blocks

R&D center to offer 'building blocks' of cybersecurity

NIST's National Cybersecurity Center of Excellence plans to add a federally funded center to help accelerate adoption of existing cybersecurity technology.

DataGauss tabletop electronic media destruction unit

DataGauss fast way destroy hard drives

Data Device's new tabletop degaussing machine can destroy the data on a hard drive in 45 seconds.

Firefighter working a forest fire

12 steps that can help agencies fight DDOS attacks

As denial of service attacks become more frequent and powerful, agencies need to take steps to prepare, from new arrangements with ISPs to establishing low-bandwidth alternate communications.

Topic Resources

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.

  • Continuous Monitoring to Achieve Cybersecurity

    As the cyber threat landscape evolves, security methods and tools need to change, too. In this Digital Dialogue, Ken Durbin, manager of Continuous Monitoring Practice at Symantec, explains how the undefined boundaries of the modern IT infrastructure necessitate the deployment of continuous monitoring solutions.

  • Stopping Zero-Day Exploits for Dummies

    Cyber attacks are growing every day and can become serious threats to your organization, but how do you know and understand the threats out there? Download a copy of this book, and you will discover the zero-day exploits and threats used to compromise your agency.