Checking computer memory

Group aims to draw the line on counterfeit IT

The Open Group's standard could help government ensure that COTS products do not contain backdoors or counterfeit components.

One worker in an empty cubicle farm

6 steps to secure systems for sequester

Patches, idle accounts, mobile devices not in use and, yes, disgruntled workers have to be accounted for.

Big ship in fog bearing down on man in rowboat crisis management

Hacks happen. Security Module can help agencies navigate crisis response

Co3's system can help agencies identify an attack or breach, in part by putting users on the case, and then lead officials through the response.

Computer system checks out as clean

Digital certificates need to regain users' trust

In the face of growing use of stolen and fake certificates to deliver malicious code, NIST and an industry alliance are working to improve what has become an automated, online process.

City traffic controls have Internet connections

'Scary' search engine can find millions of agency back doors

Shodan scours the Web for connected devices that aren't looking to be found, such as traffic lights, door locks and power systems. And many of them aren't secured.

Man on cliff with cloud background illustrating that cloud choices may be too risky

Free cloud storage is tempting, but is the price too high?

The services have obvious appeal to employees, but have a history of breaches. Pennsylvania's CISO, for one, steers agencies to in-house or enterprise storage services.

New York City Police Department call center

Phone-DOS attacks in extortion scam target gov offices

Government offices, including Public Safety Answering Points, are being flooded with calls to block phone lines in an extortion scam that shows how easy such attacks can be, according to a DHS alert.

Soldier using smartphone to access Army mobile sites

Mobile devices run amok in the Army, report says

DOD's inspector general says the Army is "unaware" of some 14,000 smart phones and tablets, many of them unmanaged and unsecure.

Fixmo Secure Gesture password technology

Better than a password? Write with your finger.

For iOS and Android devices, Secure Gesture from Fixmo and Lockheed Martin lets users log in with a touch-screen gesture that can be almost impossible to duplicate.

FIPS 140 2 validated TrustChip for Trustcall on iPhone

TrustCall brings fully encrypted voice to the iPhone

With the FIPS 140-2 validated TrustChip, KoolSpan's solution is the first hardware-encrypted security for the iPhone 4 series.

Cyber attack on network

Why is Java so risky? 77 percent of agencies run unsupported versions

Three quarters of government computers are running unsupported versions of Java, according to a Websense analysis, leaving them vulnerable to a long list of malicious exploits.

Data numbers binary

Can NASA vet all material in its shuttered tech database?

NASA closed down its Technical Reports Server for review after the arrest of a suspected spy and a congressman’s concern over the potential availability of sensitive documents.

Topic Resources

  • Increase Data Security through Your Print Solution

    You’ve consolidated your desktops with virtualization and moved your data to the cloud. What else can you do to obtain additional costs savings and increase security while keeping your network flexible? Connect print and digital information from across your organization with the people who need it, exactly when they need it. Join this webcast to learn how security software and printing solutions work together to eliminate extraneous printers at multiple sensitivity levels, allowing organizations to recognize significant savings from reduced hardware, space, power, support and supplies.

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • All About Self-Encrypting Drives

    With data security risks on the rise, an influx of government mandates and regulations for securing data have been implemented and are becoming the norm. Eliminating exposure of private data is now simply viewed as a mandatory and sound business practice. To avoid the high costs associated with these types of data compromises, organizations must put in place a comprehensive security strategy. Read this whitepaper to learn how self-encryption is achieving this initiative.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.

  • Continuous Monitoring to Achieve Cybersecurity

    As the cyber threat landscape evolves, security methods and tools need to change, too. In this Digital Dialogue, Ken Durbin, manager of Continuous Monitoring Practice at Symantec, explains how the undefined boundaries of the modern IT infrastructure necessitate the deployment of continuous monitoring solutions.