Man checking for computer vulnerabilities

Top 6 vulnerabilities found via penetration tests

Agency IT managers can often easily address the common vulnerabilities uncovered by penetration testing.

Construction workers

IRS trains devs to build in security from the start

Code analysts at the IRS are stepping in to help train software developers and project managers to make their software more secure from the beginning of the coding process.

People in a meeting showing importance of communication

Info sharing improves security, slows effects of brain drain

A panel of public and private sector technology leaders says sharing information is key to both improving cybersecurity and to replacing the expertise being lost with the flood of IT workers retiring from government.

photo mosaic of an eye

Worried about security? Beware the mosaic effect

Open data increases the possibilities that individual data sets can be combined and analyzed to reveal private or secure information.

Cyber threats created by Edward Snowden

Cyber threats are spreading, becoming more dangerous

"We have to assume that the sophistication and the prevalence of threats are going to grow," former White House Security advisor Tom Donilon told the FOSE audience.

Attendees at FOSE conference

FOSE 2014 spotlights trends, tactics that drive agency efficiency

With 60 sessions over three days, FOSE 2014 promises a balance of technology and policy designed to give agency managers a view of where IT is trending in government.

Hybrid cloud increases security

How government can securely leverage cloud environments

The choice for many agencies is not public or private clouds, but rather a blend of the two approaches – often referred to as a hybrid cloud – where Internet-based applications provide information into a system that sits inside agency firewalls.

E-filing of tax returns

New tools for combating income tax refund fraud

Agencies can combat income tax refund fraud with authentication tools that fit into existing evaluation processes.

woman wearing PIV badge

HSPD-12 at 10 years: Still a long way to go

The presidential directive that mandated the interoperable PIV card for government workers and contactors will be 10 years old this year, but although millions of cards have been issued, their actual usage remains dismally low.

Transport Layer Security

Agencies must update to newer versions of Transport Layer Security

New guidance from NIST for using TLS in government applications requires later versions of the protocol because of vulnerabilities in version 1.0.

man standing in front of several closed doors

What to look for in social malware defense

NSS Labs study found little difference in the performance of five popular enterprise products designed to protect against socially engineered malware, such as fake system upgrades and anti-virus offers.

Virtual city hall

In virtual town of Alphaville, students prep for cyber sieges

Alphaville is part of the Michigan Cyber Range, a network and classroom training environment designed to prepare IT managers on cybersecurity attacks and defenses.

Topic Resources

  • Update on Assessment & Authorization (A&A) Processes for Cross Domain Solutions

    As introduced in our latest certification and accreditation (C&A) basics webcast (“Navigating Certification & Accreditation – A Primer) C&A terminology is transitioning to assessment and authorization (A&A). See the associated white paper “From C&A to A&A – The RMF Shoe Has Dropped.” Continuing the transition discussion, Raytheon Cyber Products and Steve Welke are pleased to present a webcast updating the latest information on A&A processes for cross domain, multilevel security solutions. Join Steve Welke, an A&A industry expert, as he discusses the A&A principles, requirements and processes.

  • Increase Data Security through Your Print Solution

    You’ve consolidated your desktops with virtualization and moved your data to the cloud. What else can you do to obtain additional costs savings and increase security while keeping your network flexible? Connect print and digital information from across your organization with the people who need it, exactly when they need it. Join this webcast to learn how security software and printing solutions work together to eliminate extraneous printers at multiple sensitivity levels, allowing organizations to recognize significant savings from reduced hardware, space, power, support and supplies.

  • IBM i2 National Security and Defense Intelligence Demo

    In this video IBM Product Manager James Vincent presents an overview and demo of IBM® i2® National Security and Defense Intelligence—a cost effective information exploitation solution that provides data acquisition, multi-faceted intelligence analysis and multi-agency and partner collaboration features.

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • All About Self-Encrypting Drives

    With data security risks on the rise, an influx of government mandates and regulations for securing data have been implemented and are becoming the norm. Eliminating exposure of private data is now simply viewed as a mandatory and sound business practice. To avoid the high costs associated with these types of data compromises, organizations must put in place a comprehensive security strategy. Read this whitepaper to learn how self-encryption is achieving this initiative.