Cybereye

CyberEye

  • IT manager filling out forms for computer compliance

    Security best practices at the root of FISMA amendments

    Reform would focus on a risk-based approach using automated tools for continuous monitoring that agencies already are adopting. But will they be graded on security or paperwork?

    Comments: 1
  • Example of a password strength meter

    Those meters that rate password strength work, until they don't

    A study of meters used to measure strength of passwords created on websites suggests you can only push users so far before they stop trying.

    Comments: 7
  • Cyber retaliation illustration road sign

    The hack-back vs. the rule of law: Who wins?

    When considering retaliation against cyber criminals, make sure the rule of law trumps the immediate gratification of doing unto others.

  • Different cybersecurity word clouds on two facing monitors

    Built-in security could start with a common lexicon

    As part of efforts to secure government infrastructure, an interagency working group is developing plans for cybersecurity requirements in federal acquisitions, which would benefit from a consistent terminology.

  • Fingerprint scan

    Biometrics: Better than passwords but not bulletproof

    Government and industry experts think biometric authentication is poised to take off, but fingerprints, iris scans and voice recognition are not foolproof forms of ID.

    Comments: 1
  • White House official twitter feed

    Should agencies really have 'official' Twitter feeds?

    Social media outlets were never intended as mission-critical applications; recent events show why.

  • Many state and local government networks are unprepared for cyberattacks

    Many state and local networks unprepared for cyberattacks

    IT officials at a recent conference said efforts to protect their infrastructure are hampered by a lack of resources and a lack of understanding from those who make funding decisions.

  • Engineer checking servers for audit

    Is 'fear the auditor' holding back real IT security?

    The emerging focus on automating IT security raises the question: will agencies automate FISMA compliance or risk management?

    Comments: 1
  • IP phone network hacker

    In a world of unified networks, phones are easy prey for hackers

    As voice becomes just another data service, telephones are opened up to increasing denial-of-service threats from the Internet.

  • Network printers can become hosts for Distributed Reflection Denial of Service attacks

    How hackers can turn the Internet of Things into a weapon

    As more unsecured devices become IP-enabled for remote management or as part of sensor networks, the possibilities for attack grow.