Firewall fire in front of brick wall

Next-generation firewalls are actually getting better

Firewall vendors are stepping up to improve performance and fix problems, according to the results of the most recent comparative tests conducted by NSS Labs.

Aegis Secure Key

Tamper-proof key drive gets Level 3 validation

The Aegis Secure Key, with a numeric keypad and 256-bit AES encryption, meets the standards for FIPS 140-2 Level 3.

Man repairing an exposed wall

Agencies' security efforts stall, report says

OMB's FISMA report says performance varied widely among agencies, though there was progress in three key areas.

Businessmen having a private conversation in a tunnel

How to secure mobile comm? Cut out the trusted third party.

The Silent Circle crypto service could solve BYOD security through peer-to-peer encryption, and although that could keep authorities from snooping on calls, military and intelligence agencies are getting on board.

Complex maze with cloud in background

The enemy of risk management starts with a C (and it's not China)

Complexity is the enemy of security, says NIST's FISMA lead Ron Ross, and the cloud can help simplify networks.

Business people meeting against a backdrop of financial pricing data

Financial ISAC shows how info sharing beefs up security

The Financial Services Information Sharing and Analysis Center, a collaborative effort on the cyber defense of the financial sector, was honored with the RSA Conference's information security award.

Pentagon and Washington DC covered in snow

BYO3: The tools of telework expand with the mobile workforce

Telework Week gets tens of thousands of feds to try working from home, and they're not all using an agency-issued laptop.

Computer generated image of sentry guarding a digital tunnel

Attacks hit, but don't break, new SHA-3 candidate

Research describing a more successful attack on the new Secure Hash Algorithm will be published later this month, but SHA-3 remains much more powerful than the best attacks yet discovered.

DiskVault FIPS external USB and module bay Self Encrypting Drive

CMS locks down DiskVault drives with FIPS-level encryption

The company has added NIST-certified encryption to its USB and module bay self-encrypting drives.

Old chain link fence with big hole cut in it

Why do so many antivirus programs miss the same, old exploits?

Testing by NSS Labs shows that not only do antivirus products miss known exploits, they often are blind to the same ones, opening windows of opportunity for attackers -- particularly against legacy agency systems.

Representation of a secure chip

At age 10, Trusted Computing Group sees a new world of threats

The group has brought the Trusted Platform Module in line with government requirements, but security standards must keep pace with mobile computing and rapidly changing threat environments.

RSA show floor

What rocks at RSA? Big data security, active defense.

The explosive growth in information generated by security tools is putting a premium on the ability to analyze large volumes of data, say experts, who also call for active defense.

Topic Resources

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.

  • Continuous Monitoring to Achieve Cybersecurity

    As the cyber threat landscape evolves, security methods and tools need to change, too. In this Digital Dialogue, Ken Durbin, manager of Continuous Monitoring Practice at Symantec, explains how the undefined boundaries of the modern IT infrastructure necessitate the deployment of continuous monitoring solutions.

  • Stopping Zero-Day Exploits for Dummies

    Cyber attacks are growing every day and can become serious threats to your organization, but how do you know and understand the threats out there? Download a copy of this book, and you will discover the zero-day exploits and threats used to compromise your agency.