Author Archive

Karen Epper Hoffman

Karen Epper Hoffman is a freelance writer based in the Seattle area.

Going viral: Considerations for agency tech preppers

As the coronavirus becomes increasingly challenging for all enterprises, agency IT managers must consider how this virus might affect their employees, internal operations and future preparedness planning.


5G inherits some 4G vulnerabilities

The move to more sophisticated 5G mobile networks has been heralded as a leap forward for system security, but potential for on-going intrusions still exists, according to at least one industry expert.


Hacking for the public good

Information security research and hacking are creating positive developments for the public and private sectors.


No-surprise attack: Creating a database for online incursions

Building a knowledge base of adversary tactics and techniques based on the MITRE ATT&CK framework can greatly improve organizations' preparedness and breach response.


Why security demands a software bill of materials

In his effort to ensure enterprises know what is in their software, one government executive working to make a software bill of materials a reality.


Want better security? Look to the autism spectrum

Employees on the spectrum can boast cybersecurity skills that go far beyond the usual hacker.


The uphill battle for network defense

Protected virtual environments combined with greater transparency and better threat intelligence sharing offer agencies the potential to mitigate cybersecurity threats.


Attackers hijack state agency server for malware

Online criminals were able to surreptitiously plant malicious code on government servers in at least one state to create a "malware infection chain" likely to dupe other targets.


Finding flaws in the system

Missouri's Office of Cyber Security scans systems of enterprises that operate in the state to find common vulnerabilities.

Data & Analytics

'Minority Report' moves closer to reality

Big data analytics helps officials identify criminals and terrorists, while virtual reality training improves agencies’ situational awareness and responses.


Tax scam: A game of speed and numbers

The IRS might be outgunned in the fight against tax fraud.


Taxing times to fend off cyber fraud

Seeing the tremendous value of personal information on the average tax return, cyber criminals are hitting the IRS, the Department of Education and many businesses in hopes of stealing tax records and data.


Machines learning evolves, and hackers stand to gain

Automated systems that teach themselves can be manipulated by adversaries.


The new building block(chain) of health care records management

A scalable, secure data exchange ecosystem can support high-quality research while safeguarding against breaches of sensitive patient data.


Questions persist for national cyber strategy

Fundamental issues relating to domestic and foreign cybersecurity threats were discussed by experts at the recent RSA Conference.


What’s keeping states from adopting CDM?

Technically, state and local governments can buy tools and services from the Department of Homeland Security’s Continuous Diagnostics and Mitigation program, but few have jumped on board.


After an attack: How to keep a bad situation from getting worse

Cybersecurity teams must understand what happened during a breach in order to prevent it from happening again.


How cyber pros can stay on top of their game

Government info-security pros need not only the acumen and the skillset to understand the overarching cybersecurity threats that an agency may face, but also an understanding of the threats targeting the public sector.


IoT broadens attack surface of smart cities

As smart cities start investing in connected devices, there is arguably a much broader threat vector from botnets taking advantage of the unsecured Internet of Things.


DHS working to protect emergency call centers against denial-of-service attacks

With more government services facing potential cyberthreats, the Department of Homeland Security is working to lower the risk and impact of potential telephone system-based attacks on 911 call centers.