The recent SandWorm report on cyber espionage against NATO highlights the need for strategies such as the cyber kill chain to detect and disable stealthy, zero-day threats before they bleed you dry.
Shortly after the Heartbleed bug caused a panic in security circles, along comes something which could be even more serious and the reaction seems to be one big yawn.
Growing resources and increasing attention being paid to continuous monitoring could help agencies consolidate last year's gains in FISMA performance.
While the private sector is winding down its use of the decades-old algorithm in their products, government is still grinding out SHA-1 certificates.
It’s not a competition, but neither provides completely secure or effective access control on its own. What is needed is an appropriate combination of technologies.
Secure Socket Layer-based encryption remains vulnerable to attack despite promising efforts to tighten management of the humble but critical security protocol.
Recent hacks of celebrity data that had been saved to the cloud illustrate the need to be aware of what your mobile devices – agency-issued or BYOD – are doing and where the data is going.
Malware innovators are evading automated analysis, forcing agencies to secure virtual machines and networks as completely as other classic IT.
The presidential directive mandating interoperable smart government ID cards is 10 years old this month, and represents an impressive effort to specify and implement the technology. Now we need to put it to use.
Samsung’s Knox containerization technology, together with sophisticated vetting in defense and security circles, is gaining traction in federal, state and local markets.