Faced with an endless barrage of threats and vulnerabilities, finding the time to develop a proactive risk mitigation strategy is an uphill struggle for government organizations. With so much energy focused  on protecting the perimeter and preventing network penetration, malicious actors (the enemy with no face) already inside your network often goes unnoticed (case in point, the 2015 OPM breach).

The Small Business Administration (SBA) is facing some tough challenges. According to a Report on the Most Serious Management and Performance Challenges Facing the SBA in FY 2018, the agency’s risk management and cyber posture is in need of “significant improvement”.

Containers offer many advantages for management, deployment, and efficient development of applications.  Like any technology, however, they are subject to attack from malicious actors, and require diligent security.  Vulnerabilities can appear in the container images themselves, in the registry where they are stored, or in the orchestration and deployment of the images.  Let’s take a look.

Image Vulnerabilities & Countermeasures

Cybersecurity is the number one priority for state and county CIOs, according to GovTech. Yet supporting that priority is a perpetual challenge. Another survey finds that top of the list of workforce needs for state CIOs is cybersecurity talent.

From veterans to tax payers, contractors to military personnel, the U.S. government is one of the world’s largest harbors of personally identifiable information (PII). Year after year of security breaches has done nothing but destroy public trust in the government’s ability to protect PII about citizens, employees, and contractors.

Earlier this summer, we wrote about how the Department of Defense is eyeing blockchain technology to improve cybersecurity.

Now, Meritalk reveals that the State Department is also seeking the use of blockchain (the technology behind digital currency like Bitcoin) to protect its cyber infrastructure, improve its IT platforms and restructure the agency.

I bet there was a time you loved your security information and event management (SIEM) system. This central location for managing all the security events on your network. But, as good as it may seem, many IT organizations have a love/hate relationship with their SIEM.

The 2017 DefCon conference featured former World Chess Champion Garry Kasparov, who spoke about artificial intelligence, computers, and of course, chess.  After losing a match to a purpose-built computer in 1997, Kasparov realized that the machine, although it had beaten him, was not truly intelligent:  it had simply out-calculated him, by examining over 200 million chess positions per second.  Kasparov soon devised “advanced chess”, in which a strong human player teams up with a computer.   Advanced chess combines the best human qualities of imagination, judgment,

Federal IT pros are facing “Herculean tasks” when it comes to security challenges, a new survey conducted by DLT partner, SolarWinds, reveals.

As government officials begin investigation of the Equifax breach that exposed the sensitive information of 143 million people, what does the breach mean for agencies themselves? After all, the U.S. government stores far more sensitive data than the private sector, and often stores it on older, more vulnerable systems.