Information Assurance

Virginia considers decertifying touchscreen voting machines

The state could accelerate the move to systems that provide a paper trail for election audits.

  • By Matt Leonard

How to get both better data and more privacy

The Evidence-Based Policymaking Commission is pushing for a federal service that facilitates access to data for evidence building and ensures privacy and transparency in how that data is used.

  • By Chase Gunter

Can blockchain spark a government services revolution?

The technology that underpins the Bitcoin crytocurrency has the potential to power all sorts of innovative government services.

  • By Adam Hughes and Blake Carpenter

3 elements for success for the FISMA High cloud

When government agencies combine solutions from cloud providers with third-party products, they can set up monitoring and access controls to provide the same data integrity they would expect from their own systems.

  • By Nick Evans

Happy birthday HSPD-12; there’s still a long way to go

The presidential directive mandating interoperable smart government ID cards is 10 years old this month, and represents an impressive effort to specify and implement the technology. Now we need to put it to use.

  • By William Jackson

CANES tech will propel future Navy networks afloat

The Navy’s Consolidated Afloat Networks and Enterprise Services project will standardize and consolidate systems the Navy’s afloat network.

  • By GCN Staff

DISA approves AWS for more sensitive workloads

The Defense Information Systems Agency authorized Amazon Web Services as the first commercial cloud approved at “security impact levels” 3-5 for highly sensitive workloads.

  • By GCN Staff

Will Knox tip government buyers toward Android?

Samsung’s Knox containerization technology, together with sophisticated vetting in defense and security circles, is gaining traction in federal, state and local markets.

  • By Brian Robinson

Insider threats add pressure for real-time fixes to workforce risks

The Snowden and Wikileaks affairs, as well as potential threats from other insiders, has ratcheted up the urgency for a near-real-time analytic approach to government insider workforce risks.

  • By Brian Robinson

New tools link enterprise, perimeter and next-gen security

Point solutions to protect the perimeter of the enterprise are not obsolete, but a new generation of tools is arriving to complement them and provide the awareness needed to defend against new complex and targeted threats.

  • By William Jackson

Big data takes on the kill chain

Big data systems can correlate structured and unstructured data to paint a complete picture about an agency’s overall IT health and offer insight into the sophisticated threats.

  • By Mark Seward

Heartbleed prognosis: Long, laborious discovery, recovery

Described as "one of the scariest bugs I've seen" by a DOD technical analyst, Heartbleed could leave agency systems from enterprise email to Web sites vulnerable to attack.

  • By Brian Robinson

NIST, DHS push security automation to the next stage

SCAP sets standards to ensure products work together, while Einstein is evolving into an automated tool that will not only detect, but block, malicious code.

  • By William Jackson

New risk on the block: Bring your own cloud

What agencies can do to manage the risks of using consumer cloud accounts such as iCloud, Evernote and Dropbox to store and access business data.

  • By Susan Miller
Featured eBooks

DARPA takes multipronged approach to securing military's cloud

As DOD moves into cloud computing, pilots and projects look to assess risk and develop multiple layers of network defense.

  • By Kathleen Hickey

5 programs break down the elements of an identity ecosystem

Groups will run a variety of pilots for trusted identities covering areas ranging from first-responder authentication and secure business transactions to the exchange of health care information.

  • By William Jackson

DIA message system slashes clearance-level red tape

Two-stage DIA protocol preps documents to move at 'moment's notice' across separate security domains.

  • By Brian Robinson

Report: 2 states' online registration systems vulnerable to hackers, fraud

Flaws in the voter databases in Mayland and Washington state would allow hackers to effectively prevent people from voting, the New York Times reports.

  • By GCN Staff

Using a ‘sinkhole’ to squash the Nitol botnet

Microsoft has reached a settlement with the operators of the 3322.org domain in China to “sinkhole” traffic to 70,000 malicious subdomains.

  • By William Jackson

Agencies yet to 'crack the code' on mobile management, security

Mobility is key for unlocking productivity, but government still struggles to securely manage mobile devices and their data, agency IT leaders say.

  • By William Jackson

CyberScope falls flat on improving IT security, feds say

Most federal officials questioned in a recent survey said that requirements for continuous monitoring of security status have not reduced risk in the IT systems.

  • By William Jackson