Most of the exposures came from agency contractor or business partner sites or from employees using their government email accounts to register for web-based services, according to security threat analyst Recorded Future.
Between the costs of replacing core systems and the dwindling number of workers qualified to work on them, agencies have few good options.
Is overconfidence by IT security managers a bigger problem than technology challenges?
New studies show just how rapidly the threats are growing -- yet government is still wrestling with basic cyber hygiene.
As mobile devices proliferate and the cloud becomes the primary way of delivering apps and services, the former hard edge of the network is becoming much fuzzier.
The report, among other things, “demonstrates the need for all those stinking patches on all your stinking systems.”
The research agency’s BRASS program aims to ensure that applications can continue to function in a rapidly changing technology ecosystem.
Identity must be the foundation for future security platforms because traditional network, data and systems protections are of limited use against today's sophisticated cyber criminals.
The audit by Cryptography Services will cover a range of security concerns but will focus primarily on the Transport Layer Security stacks, protocol flow, state transitions and memory management.