Aegis Secure Key

Tamper-proof key drive gets Level 3 validation

The Aegis Secure Key, with a numeric keypad and 256-bit AES encryption, meets the standards for FIPS 140-2 Level 3.

Man repairing an exposed wall

Agencies' security efforts stall, report says

OMB's FISMA report says performance varied widely among agencies, though there was progress in three key areas.

Businessmen having a private conversation in a tunnel

How to secure mobile comm? Cut out the trusted third party.

The Silent Circle crypto service could solve BYOD security through peer-to-peer encryption, and although that could keep authorities from snooping on calls, military and intelligence agencies are getting on board.

Complex maze with cloud in background

The enemy of risk management starts with a C (and it's not China)

Complexity is the enemy of security, says NIST's FISMA lead Ron Ross, and the cloud can help simplify networks.

Business people meeting against a backdrop of financial pricing data

Financial ISAC shows how info sharing beefs up security

The Financial Services Information Sharing and Analysis Center, a collaborative effort on the cyber defense of the financial sector, was honored with the RSA Conference's information security award.

Pentagon and Washington DC covered in snow

BYO3: The tools of telework expand with the mobile workforce

Telework Week gets tens of thousands of feds to try working from home, and they're not all using an agency-issued laptop.

Computer generated image of sentry guarding a digital tunnel

Attacks hit, but don't break, new SHA-3 candidate

Research describing a more successful attack on the new Secure Hash Algorithm will be published later this month, but SHA-3 remains much more powerful than the best attacks yet discovered.

DiskVault FIPS external USB and module bay Self Encrypting Drive

CMS locks down DiskVault drives with FIPS-level encryption

The company has added NIST-certified encryption to its USB and module bay self-encrypting drives.

Old chain link fence with big hole cut in it

Why do so many antivirus programs miss the same, old exploits?

Testing by NSS Labs shows that not only do antivirus products miss known exploits, they often are blind to the same ones, opening windows of opportunity for attackers -- particularly against legacy agency systems.

Representation of a secure chip

At age 10, Trusted Computing Group sees a new world of threats

The group has brought the Trusted Platform Module in line with government requirements, but security standards must keep pace with mobile computing and rapidly changing threat environments.

RSA show floor

What rocks at RSA? Big data security, active defense.

The explosive growth in information generated by security tools is putting a premium on the ability to analyze large volumes of data, say experts, who also call for active defense.

Unlocked Census data

Census tech transition leaves security weaknesses, GAO says

An incomplete transition to a new IT security framework has left weaknesses in some systems holding sensitive census information, according to a GAO report.

Topic Resources

  • Update on Assessment & Authorization (A&A) Processes for Cross Domain Solutions

    As introduced in our latest certification and accreditation (C&A) basics webcast (“Navigating Certification & Accreditation – A Primer) C&A terminology is transitioning to assessment and authorization (A&A). See the associated white paper “From C&A to A&A – The RMF Shoe Has Dropped.” Continuing the transition discussion, Raytheon Cyber Products and Steve Welke are pleased to present a webcast updating the latest information on A&A processes for cross domain, multilevel security solutions. Join Steve Welke, an A&A industry expert, as he discusses the A&A principles, requirements and processes.

  • Increase Data Security through Your Print Solution

    You’ve consolidated your desktops with virtualization and moved your data to the cloud. What else can you do to obtain additional costs savings and increase security while keeping your network flexible? Connect print and digital information from across your organization with the people who need it, exactly when they need it. Join this webcast to learn how security software and printing solutions work together to eliminate extraneous printers at multiple sensitivity levels, allowing organizations to recognize significant savings from reduced hardware, space, power, support and supplies.

  • IBM i2 National Security and Defense Intelligence Demo

    In this video IBM Product Manager James Vincent presents an overview and demo of IBM® i2® National Security and Defense Intelligence—a cost effective information exploitation solution that provides data acquisition, multi-faceted intelligence analysis and multi-agency and partner collaboration features.

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • All About Self-Encrypting Drives

    With data security risks on the rise, an influx of government mandates and regulations for securing data have been implemented and are becoming the norm. Eliminating exposure of private data is now simply viewed as a mandatory and sound business practice. To avoid the high costs associated with these types of data compromises, organizations must put in place a comprehensive security strategy. Read this whitepaper to learn how self-encryption is achieving this initiative.