man standing in front of several closed doors

What to look for in social malware defense

NSS Labs study found little difference in the performance of five popular enterprise products designed to protect against socially engineered malware, such as fake system upgrades and anti-virus offers.

Virtual city hall

In virtual town of Alphaville, students prep for cyber sieges

Alphaville is part of the Michigan Cyber Range, a network and classroom training environment designed to prepare IT managers on cybersecurity attacks and defenses.

random numbers

NIST drops crypto algorithm

Comments on trustworthiness of cryptographic keys developed with Dual_EC_DRBG causes the standards agency to recommend against its use.

Man programming websites

Most secure Web programming language? It depends.

Whether a website was built with new or legacy programming languages, the security risk is about the same, according to a new website security report.

Man hiding crossed fingers

Insider threats add pressure for real-time fixes to workforce risks

The Snowden and Wikileaks affairs, as well as potential threats from other insiders, has ratcheted up the urgency for a near-real-time analytic approach to government insider workforce risks.

New tools link enterprise, perimeter and next-gen security

Point solutions to protect the perimeter of the enterprise are not obsolete, but a new generation of tools is arriving to complement them and provide the awareness needed to defend against new complex and targeted threats.

Man with virtual monitors

Big data takes on the kill chain

Big data systems can correlate structured and unstructured data to paint a complete picture about an agency’s overall IT health and offer insight into the sophisticated threats.

ID management schematic

Cloud service simplifies certificate management, credentialing

Entrust IdentityGuard cloud-based console simplifies management of SSL, PKI, certificate discovery, device certificates and credentialing.

IT manager heartbleed data center

Heartbleed prognosis: Long, laborious discovery, recovery

Described as "one of the scariest bugs I've seen" by a DOD technical analyst, Heartbleed could leave agency systems from enterprise email to Web sites vulnerable to attack.

Computer security combination lock on keyboard

ID resolution software helps thwart fraud rings

FICO's 50+ algorithms scour multiple data sources to help defeat criminal rings that perpetrate money laundering, insider fraud and other crimes.

Credential management

Government's credential exchange to go live soon

The Federal Cloud Credential Exchange, hosted by the Postal Service, is expected to be in operation this spring, providing a cloud-based identity hub for agencies.

People viewing MI Bridges portal

State pilots test ID management for online services

Michigan and Pennsylvania are testing identity proofing and enabling federated use of secure credentials for online access to government services.

Topic Resources

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.

  • Continuous Monitoring to Achieve Cybersecurity

    As the cyber threat landscape evolves, security methods and tools need to change, too. In this Digital Dialogue, Ken Durbin, manager of Continuous Monitoring Practice at Symantec, explains how the undefined boundaries of the modern IT infrastructure necessitate the deployment of continuous monitoring solutions.

  • Stopping Zero-Day Exploits for Dummies

    Cyber attacks are growing every day and can become serious threats to your organization, but how do you know and understand the threats out there? Download a copy of this book, and you will discover the zero-day exploits and threats used to compromise your agency.