AWS gets approval to offer cloud services from FedRAMP

Amazon gets FedRAMP OK for cloud services

AWS gets approval to offer cloud services under the Federal Risk and Authorization Management Program, which agencies use to assess the risks of cloud services.

Control room in a power plant

Public feedback IDs challenges in securing critical infrastructure

Comments on a NIST request about developing a cybersecurity framework for protecting critical energy, utilities and information systems show where work needs to be done.

Cybersecurity experts check for intrusions

In current threat landscape, cyber teams need to go looking for trouble

Cybersecurity must become a full partner with IT and get more aggressive in searching out threats in order to effectively fulfill its mission of supporting agency missions.

Close up of a hard disk

Fighting malware with hardware can produce better security

Rather than trying to keep up with and get ahead of malicious software, hardware security can help ensure that devices are safe and remain uninfected, says Imation's Larry Hamid.

washington navy yard

Security plays a key role in Navy's energy grid upgrade

The service's industrial controls get smarter during its quest for "net zero" buildings, which brings cybersecurity into play.

Man and woman looking suspiciously at each other

The trick to detecting Poison Ivy RAT and other stealthy malware

Although malware can evade signatures and other filters, its code leaves telltale tracks that can be discovered through traffic analysis, analysts show in FOSE demonstration.

Man working on computer code at night

Need to build secure software? Free help is online.

SAFECode, an industry group promoting reliability in commercial software, is releasing a free online training course on the basics secure software development.

Man shouting into megaphone at university

Universities get schooled on DNS amplification attacks

The open access policies at educational institutions can leave them open to being exploited as bots in large-scale distributed denial of service attacks. There are steps they can take to mitigate the problem.

DHS Einstein intrusion detection system

DHS coming up short on Einstein deployment

Deployment of the governmentwide intrusion detection system was scheduled to be completed last year, but there still are a "bunch of agencies not covered."

Attendees at the FOSE keynote

What's hot at FOSE 2013

The annual conference and expo kicks off Tuesday, tackling the key challenges facing the public-sector IT community.

Honeywords or decoy passwords can trick hackers

'Honeywords' can dupe password thieves

Decoys assigned to user accounts could tip off admins to attacks born of stolen passwords, Ari Juels and Ron Rivest say.

Encryption via quantum computing

Unbreakable encryption remains a pipe dream, even on a quantum Internet

Despite efforts to use the principles of quantum computing to create unbreakable encryption, the system fails outside a lab or highly controlled setting.

Topic Resources

  • Update on Assessment & Authorization (A&A) Processes for Cross Domain Solutions

    As introduced in our latest certification and accreditation (C&A) basics webcast (“Navigating Certification & Accreditation – A Primer) C&A terminology is transitioning to assessment and authorization (A&A). See the associated white paper “From C&A to A&A – The RMF Shoe Has Dropped.” Continuing the transition discussion, Raytheon Cyber Products and Steve Welke are pleased to present a webcast updating the latest information on A&A processes for cross domain, multilevel security solutions. Join Steve Welke, an A&A industry expert, as he discusses the A&A principles, requirements and processes.

  • Increase Data Security through Your Print Solution

    You’ve consolidated your desktops with virtualization and moved your data to the cloud. What else can you do to obtain additional costs savings and increase security while keeping your network flexible? Connect print and digital information from across your organization with the people who need it, exactly when they need it. Join this webcast to learn how security software and printing solutions work together to eliminate extraneous printers at multiple sensitivity levels, allowing organizations to recognize significant savings from reduced hardware, space, power, support and supplies.

  • IBM i2 National Security and Defense Intelligence Demo

    In this video IBM Product Manager James Vincent presents an overview and demo of IBM® i2® National Security and Defense Intelligence—a cost effective information exploitation solution that provides data acquisition, multi-faceted intelligence analysis and multi-agency and partner collaboration features.

  • All About Self-Encrypting Drives

    With data security risks on the rise, an influx of government mandates and regulations for securing data have been implemented and are becoming the norm. Eliminating exposure of private data is now simply viewed as a mandatory and sound business practice. To avoid the high costs associated with these types of data compromises, organizations must put in place a comprehensive security strategy. Read this whitepaper to learn how self-encryption is achieving this initiative.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.