A derived credentials policy could be applied not just to devices but to specific apps that require a greater level of assurance.
Sophisticated and determined adversaries can take advantage of security weaknesses in online meeting services to obtain access to agency networks and data.
New urgency for state driver's license systems, as air travelers from non-compliant states may soon need new forms of identification to fly.
Security risks will increase when Microsoft stops issuing security patches for some older Internet Explorer browser versions as well as some .NET Framework 4 versions. In April of this year, SQL Server 2005 also will lose extended support.
Looking forward to newer, smarter technologies is not always the most effective strategy for delivering an efficient, nimble and resilient security program. The best advice often is to properly implement the tools and technologies that have been available for years.
The Idaho Department of Agriculture is first agency to deploy the eGovExpress Digital Wallet that consolidates a user’s payment information into one password-protected online account.
Deceased vets’ data has been sent to the wrong widows. Employees have snooped on the records of patients who’ve committed suicide. And whistleblowers say their own medical privacy has been violated. In response, the VA says patient privacy is a priority.
As the nation prepares for the next presidential election, its voting machines are in need of a serious update.
The Department of Homeland Security’s new innovation framework aims to engage non-traditional government contractors, including start-up companies, for solutions to homeland security threats.
The controlled chaos of an emergency creates opportunities not only for accidental data exposure, but also for exploits of sensitive data and the resources that govern industrial control systems.
Enterprises can better protect themselves from cyberattacks if they combine automated network threat detection tools with traditional perimeter security methods, according to a new report from the SANS Institute.
The National Institute of Standards and Technology wants input regarding the implementation and potential improvements of its voluntary Framework for Improving Critical Infrastructure Cybersecurity.