The OPM breach of 2014/2015, the largest government cybersecurity breach in history, was easily preventable. That’s according to a report released by The House Committee on Oversight and Government Reform published on September 7^th, 2016.

The report, titled: “How the Government Jeopardized Our National Security for More than a Generation” urges federal CIOs to act:

When your agency detects a network attack, you need to act fast to understand what’s going on. But getting the insights and analytics you need takes time and often doesn’t trace threats back to the source.

Security Information Event Management (SIEM) tools have been around for quite some time. SIEMs are great for aggregating log files, parsing them, and using real-time correlation rules to spot security incidents. But more advanced incidents can evade detection by your SIEM. Finding those evasive threats becomes a lot easier if you employ threat hunting.

Does your organization suffer from security fatigue? They probably do. That’s according to a new study from NIST.

Common symptoms of security fatigue include updating your password with a slight variation on the last one and a “weariness or reluctance to deal with computer security.”  All of which can cause computer users to feel and act recklessly.

Security has become one of the biggest IT challenges in the last 20 years. Regulations, threats, and the many different ways in which adversaries can gain access to sensitive network infrastructures, particularly within the Department of Defense (DoD), have spurred cyber priorities and strategic goals. These include defending the DoD information network, securing DoD data, and mitigating risks to DoD missions (Strategic Goal II) while being prepared to defend the U.S.

Cybersecurity, or lack thereof, was a hallmark of the 2016 election season. With Clinton’s campaign chairman, John Podesta, being chief among the targets of cyber attackers. In March of this year, Podesta fell victim to the oldest trick in the book – phishing – which led to the subsequent hacking and Wikileaks-led disclosure of hundreds of thousands of emails.

Data dissemination and file sharing between agencies and law enforcement authorities is a natural part of government business. But what happens when those files leave the security of domain-controlled network drives and content management systems?

Cloud computing has made collecting, storing, and processing data easier and cheaper than ever. Agencies are increasingly leveraging big data to drive actionable insights and improve cyber threat detection. Furthermore, more than 60% of agencies are using big data to reduce costs and operating expenses, writes Information Week.

Our very own Chief Cybersecurity Technologist and Institute for Critical Infrastructure Technology (ICIT) fellow, Don Maclean, recently joined fellow fellows Robert Lord (Protenus), John Menkahart (Securonix), Dr. Ron Ross (NIST) and ICIT co-founder and senior fellow, Parham Eftekhari on Capitol Hill to discuss the risks and threats associated with cyber attacks on healthcare facilities.

Nothing seems to surprise us anymore when it comes to cybersecurity. Attacks against government agencies and businesses are constantly in the headlines. Just last year, DLT partner, Symantec, discovered more than 430 million new unique pieces of malware across its Global Intelligence Network – that’s an increase of 35% over the previous year.