Cybereye

CyberEye

  • Cyberattack ‘platforms’ call for defense in depth – and breadth

    Cyberattack ‘platforms’ call for defense in depth – and breadth

    The new level of advanced persistent threats – some lasting for a decade or more – calls for agencies to extend their defensive measures to cover threats to partners well outside the enterprise.

  • Cyberecurity’s not done until the paperwork is finished

    Cybersecurity’s not done until the paperwork is finished

    The VA has been dinged – again – by the GAO because of incomplete follow-through in its cybersecurity operations, showing that it takes more than mere box-checking to make regulators happy.

  • Look for more attacks coming from privileged accounts

    Look for more attacks coming from privileged accounts

    A recent survey claims that most, if not all, of the rise in sophisticated, targeted attacks from the outside is due to exploitation of privileged accounts.

  • NIST marks top security requirements for government cloud

    NIST marks top security requirements for government cloud

    NIST’s cloud computing roadmap recommends actions to ensure that cloud computing offerings meet the security needs of government as well as the requirements of multiple tenants.

  • Attacks on open source call for better software design

    Attacks on open source call for better software design

    With as much as 90 percent of the code used for in-house development is based on pre-fabricated modules, we need better tools that scan components for potential vulnerabilities before they are tied into actual products.

    Comments: 4
  • Critics await ‘The Return of Open Enrollment’

    Critics await 'The Return of Open Enrollment'

    When online health insurance exchanges failed to perform as expected during the Affordable Care Act’s first open enrollment period, call centers became a vital backup. How will things roll in the upcoming OE2?

  • What a secure mobile OS means for BYOD

    Lollipop or lockdown? What a secure mobile OS means for BYOD

    Android Lollipop and iOS8 present government mobility managers with more options for balancing end-user convenience with the requirements of high-threat, classified environments.

    Comments: 1
  • Taking aim at stealthy attacks

    Taking aim at stealthy attacks

    The recent SandWorm report on cyber espionage against NATO highlights the need for strategies such as the cyber kill chain to detect and disable stealthy, zero-day threats before they bleed you dry.

  • What gives? Shellshock fails to shock

    Shortly after the Heartbleed bug caused a panic in security circles, along comes something which could be even more serious and the reaction seems to be one big yawn.

    Comments: 1
  • Hoping higher FISMA scores mean more than compliance

    Hoping higher FISMA scores mean more than compliance

    Growing resources and increasing attention being paid to continuous monitoring could help agencies consolidate last year's gains in FISMA performance.