approved

Symantec gets FISMA certification for shared service products

Two of Symantec's public key infrastructure products receive approval for use by federal agencies and contractors.

letters

Why salted hash is as good for passwords as for breakfast

Encrypted passwords can be vulnerable because a decryption key must be available to the authentication server; hashed passwords cannot be decrypted and must be guessed by an attacker, which can be made impractical.

plant

DLA using botanical DNA to prevent tech counterfeiting

The Defense Logistics Agency is using botanical DNA marking technology to battle a rise in counterfeit electronic parts and devices.

Stratus

Secure, compact PC stack arranges to meet government needs

The multi-client Stratus includes three PCs and a remote controlled KVM to deliver security and convenience to government users who need to operate multiple PCs.

GPS

The serious side of GPS, where timing is everything

Although most widely known as a feature in consumer products, GPS timing and positioning is used in much of the nation's critical infrastructure, from managing air traffic to time-stamping financial transactions.

secure cloud

Is FedRAMP working? It better.

It's the only security standardization game in town for feds, and it will mature. Meanwhile, IBM gets FedRAMP stamp of approval.

shared services

Lack of awareness slows cloud shared services, providers say

In launching shared services, agencies find ways to build awareness of their offerings and to overcome misunderstanding about the cloud.

Belkin DisplayPort Secure KVM

Secure KVM switch a good fit for government

Belkin's DisplayPort Secure KVM locks down sound and video channels, ensuring that no data can cross networks.

social media

How agencies can take social media through the FISMA process

Free services such as Twitter and Facebook are an easy way to expand your online presence, but agencies still must address the risks.

Training for those with cybersecurity responsibilities

Training the cyber workforce to handle new threats

Guidance for providing role-based training to those with cybersecurity responsibilities is being updated to reflect growth in socially engineered threats.

top 10

Users offer 10 security tips to IT staff

A report on a recent survey showing the disconnect between users and IT staff members on security prompted readers to offer some advice.

Businessman examining code

NSA's reported tampering could change how crypto standards are made

NIST has begun a formal review of its processes for developing cryptographic standards in the wake of reports that the NSA, its partner in crypto development, inserted a backdoor into specs for generating crypto keys.

Topic Resources

  • Continuous Monitoring: Elevating Cybersecurity in State and Local Government

    State and local agencies are not required to comply with federal policies related to continuous monitoring and NIST's Cybersecurity Framework, but they would be better off if they did. Whether it is required or not, the concept of continuous monitoring has been proven to raise the level of cybersecurity when implemented appropriately and with the right tools. Join this webcast to learn more about how your agency could benefit from continuous monitoring and NIST guidance.

  • The Rising Threat of Enterprise Cybercrime

    Cybercriminals are leveraging vulnerabilities of the Internet, browsers, operating systems, and applications to secretly and proficiently gain access to information assets. Compromising employee endpoints with malware has become the preferred method; a far simpler path into the network than a direct network attack. Agencies need to recognize and address this growing danger.

  • Continuous Monitoring to Achieve Cybersecurity

    As the cyber threat landscape evolves, security methods and tools need to change, too. In this Digital Dialogue, Ken Durbin, manager of Continuous Monitoring Practice at Symantec, explains how the undefined boundaries of the modern IT infrastructure necessitate the deployment of continuous monitoring solutions.

  • Stopping Zero-Day Exploits for Dummies

    Cyber attacks are growing every day and can become serious threats to your organization, but how do you know and understand the threats out there? Download a copy of this book, and you will discover the zero-day exploits and threats used to compromise your agency.