The Open Group's standard could help government ensure that COTS products do not contain backdoors or counterfeit components.
Patches, idle accounts, mobile devices not in use and, yes, disgruntled workers have to be accounted for.
Co3's system can help agencies identify an attack or breach, in part by putting users on the case, and then lead officials through the response.
In the face of growing use of stolen and fake certificates to deliver malicious code, NIST and an industry alliance are working to improve what has become an automated, online process.
Shodan scours the Web for connected devices that aren't looking to be found, such as traffic lights, door locks and power systems. And many of them aren't secured.
The services have obvious appeal to employees, but have a history of breaches. Pennsylvania's CISO, for one, steers agencies to in-house or enterprise storage services.
Government offices, including Public Safety Answering Points, are being flooded with calls to block phone lines in an extortion scam that shows how easy such attacks can be, according to a DHS alert.
DOD's inspector general says the Army is "unaware" of some 14,000 smart phones and tablets, many of them unmanaged and unsecure.
For iOS and Android devices, Secure Gesture from Fixmo and Lockheed Martin lets users log in with a touch-screen gesture that can be almost impossible to duplicate.
With the FIPS 140-2 validated TrustChip, KoolSpan's solution is the first hardware-encrypted security for the iPhone 4 series.
Three quarters of government computers are running unsupported versions of Java, according to a Websense analysis, leaving them vulnerable to a long list of malicious exploits.
NASA closed down its Technical Reports Server for review after the arrest of a suspected spy and a congressman’s concern over the potential availability of sensitive documents.