In the face of growing use of stolen and fake certificates to deliver malicious code, NIST and an industry alliance are working to improve what has become an automated, online process.
Shodan scours the Web for connected devices that aren't looking to be found, such as traffic lights, door locks and power systems. And many of them aren't secured.
The services have obvious appeal to employees, but have a history of breaches. Pennsylvania's CISO, for one, steers agencies to in-house or enterprise storage services.
Government offices, including Public Safety Answering Points, are being flooded with calls to block phone lines in an extortion scam that shows how easy such attacks can be, according to a DHS alert.
DOD's inspector general says the Army is "unaware" of some 14,000 smart phones and tablets, many of them unmanaged and unsecure.
For iOS and Android devices, Secure Gesture from Fixmo and Lockheed Martin lets users log in with a touch-screen gesture that can be almost impossible to duplicate.
With the FIPS 140-2 validated TrustChip, KoolSpan's solution is the first hardware-encrypted security for the iPhone 4 series.
Three quarters of government computers are running unsupported versions of Java, according to a Websense analysis, leaving them vulnerable to a long list of malicious exploits.
NASA closed down its Technical Reports Server for review after the arrest of a suspected spy and a congressman’s concern over the potential availability of sensitive documents.
Group has developed a standard features set to use for fingerprint identification, and NIST now has the technical specs to make searches interoperable.
The new Compliance Software Blade lets USF Health easily answer the question, "How are we doing on compliance?"
If agencies are to stop being reactive in addressing cybersecurity, they must first change the way security is implemented on the ground floor.