washington navy yard

Security plays a key role in Navy's energy grid upgrade

The service's industrial controls get smarter during its quest for "net zero" buildings, which brings cybersecurity into play.

Man and woman looking suspiciously at each other

The trick to detecting Poison Ivy RAT and other stealthy malware

Although malware can evade signatures and other filters, its code leaves telltale tracks that can be discovered through traffic analysis, analysts show in FOSE demonstration.

Man working on computer code at night

Need to build secure software? Free help is online.

SAFECode, an industry group promoting reliability in commercial software, is releasing a free online training course on the basics secure software development.

Man shouting into megaphone at university

Universities get schooled on DNS amplification attacks

The open access policies at educational institutions can leave them open to being exploited as bots in large-scale distributed denial of service attacks. There are steps they can take to mitigate the problem.

DHS Einstein intrusion detection system

DHS coming up short on Einstein deployment

Deployment of the governmentwide intrusion detection system was scheduled to be completed last year, but there still are a "bunch of agencies not covered."

Attendees at the FOSE keynote

What's hot at FOSE 2013

The annual conference and expo kicks off Tuesday, tackling the key challenges facing the public-sector IT community.

Honeywords or decoy passwords can trick hackers

'Honeywords' can dupe password thieves

Decoys assigned to user accounts could tip off admins to attacks born of stolen passwords, Ari Juels and Ron Rivest say.

Encryption via quantum computing

Unbreakable encryption remains a pipe dream, even on a quantum Internet

Despite efforts to use the principles of quantum computing to create unbreakable encryption, the system fails outside a lab or highly controlled setting.

Security control room at QTS Richmond data center

QTS opens secure cloud test lab for government

Facility in Richmond, Va., will speed up development and deployment of secure cloud computing services

WiebeTech Ditto Forensic FieldStation

Forensic FieldStation brings stealth to hard drive data capture

It runs silent, can turn off its lights and be operated remotely by a technician who doesn't have to join investigators or a covert team in the field.

Man installing new roof with tornado in background

New strategy for IT security: Focus on the systems, not the threats

The updated security controls in NIST SP 800-53 give administrators more flexibility and put a greater focus on IT systems with built-in security.

Data secured in the cloud

How to ensure trusted geolocation of data in the cloud

The first product of the NCCOE is a demonstration of a geolocation scheme to let end users validate that work being done in the cloud is being done in a secure location.

Topic Resources

  • Update on Assessment & Authorization (A&A) Processes for Cross Domain Solutions

    As introduced in our latest certification and accreditation (C&A) basics webcast (“Navigating Certification & Accreditation – A Primer) C&A terminology is transitioning to assessment and authorization (A&A). See the associated white paper “From C&A to A&A – The RMF Shoe Has Dropped.” Continuing the transition discussion, Raytheon Cyber Products and Steve Welke are pleased to present a webcast updating the latest information on A&A processes for cross domain, multilevel security solutions. Join Steve Welke, an A&A industry expert, as he discusses the A&A principles, requirements and processes.

  • Increase Data Security through Your Print Solution

    You’ve consolidated your desktops with virtualization and moved your data to the cloud. What else can you do to obtain additional costs savings and increase security while keeping your network flexible? Connect print and digital information from across your organization with the people who need it, exactly when they need it. Join this webcast to learn how security software and printing solutions work together to eliminate extraneous printers at multiple sensitivity levels, allowing organizations to recognize significant savings from reduced hardware, space, power, support and supplies.

  • IBM i2 National Security and Defense Intelligence Demo

    In this video IBM Product Manager James Vincent presents an overview and demo of IBM® i2® National Security and Defense Intelligence—a cost effective information exploitation solution that provides data acquisition, multi-faceted intelligence analysis and multi-agency and partner collaboration features.

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • All About Self-Encrypting Drives

    With data security risks on the rise, an influx of government mandates and regulations for securing data have been implemented and are becoming the norm. Eliminating exposure of private data is now simply viewed as a mandatory and sound business practice. To avoid the high costs associated with these types of data compromises, organizations must put in place a comprehensive security strategy. Read this whitepaper to learn how self-encryption is achieving this initiative.