Complexity is the enemy of security, says NIST's FISMA lead Ron Ross, and the cloud can help simplify networks.
The Financial Services Information Sharing and Analysis Center, a collaborative effort on the cyber defense of the financial sector, was honored with the RSA Conference's information security award.
Telework Week gets tens of thousands of feds to try working from home, and they're not all using an agency-issued laptop.
Research describing a more successful attack on the new Secure Hash Algorithm will be published later this month, but SHA-3 remains much more powerful than the best attacks yet discovered.
The company has added NIST-certified encryption to its USB and module bay self-encrypting drives.
Testing by NSS Labs shows that not only do antivirus products miss known exploits, they often are blind to the same ones, opening windows of opportunity for attackers -- particularly against legacy agency systems.
The group has brought the Trusted Platform Module in line with government requirements, but security standards must keep pace with mobile computing and rapidly changing threat environments.
The explosive growth in information generated by security tools is putting a premium on the ability to analyze large volumes of data, say experts, who also call for active defense.
An incomplete transition to a new IT security framework has left weaknesses in some systems holding sensitive census information, according to a GAO report.
Mobile devices can be a risk to secure environments. A CACI exec says one approach to security has been to alter the hardware of Apple iPads.
Project would use public-private partnerships to create easier, more secure authentication that would support online government services and commercial transactions.
After 16 years of plans, strategies and regulation, federal IT security is one of 30 program areas designated by government auditors as high risk.