Why Cybersecurity Should be Your Top Priority This Federal Year-End
If you’re wondering where to spend your federal fiscal year-end dollars, no doubt cybersecurity is top of mind. With threats increasing and constantly evolving, protecting federal systems, networks, and data has never been more important.
But this year, there’s a new imperative for federal CIOs – the Presidential Executive Order on Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure.
The Cyber Shield Act – Modernizing Security Standards for IOT
The Cyber Shield Act, commissioned by Senator Ed Markey, recommends the establishment of a voluntary program to institute uniform cybersecurity and data benchmarks for consumer devices. The goal of the bill is to improve consumer decision making from the point of purchase, standardized by industry and maintained by manufacturers – similar to an EPA energy rating on appliances, or NHTSA safety rating on automobiles.
What is Privilege Management and Where Do You Start?
What does privilege have to do with your agency’s security controls? The fact is that most data breaches start with privilege abuse. Think Edward Snowden. In the wake of his leaks, the NSA pledged to reduce system administrator privileges by 90%. Then there are outsiders. Most recent federal data breaches originate from attackers who exploited the login accounts of employees or contractors to gain access to sensitive data.
How to Achieve NIST Compliance in the Cloud - On-Demand Webinar
In our recent webinar, three industry experts dissected the recently revised primary standard for security controls for federal information systems, NIST 800-53 revision 4. As more agencies in the public sector and their partners move to the cloud, security remains a top concern. Thought leaders from DLT, AWS and Evident.io exchanged perspectives on what NIST 800-53 compliance means for government agencies and private organizations alike.
Detect and Secure IoT and Rogue Devices, While Satisfying NIST RMF Security Requirements
We all know that the Internet of Things (IoT) is here. But IT professionals responsible for enterprise communications networks aren’t exactly sure where IoT resides on their networks or whether these devices are secured. Rogue devices are everywhere (although not all are out to steal the blueprints to the Death Star) but according to a survey sponsored by ForeScout Technologies, only 30% are confident that they know what IoT devices are on their network.
A Security Wish List for the New Administration Starts with Multi-Factor Authentication
Late last year, the government’s Commission on Enhancing National Cybersecurity published a detailed report, at President Obama’s request, to provide short- and long-term recommendations to strengthen cybersecurity in the public and private sector (you can read the full report on the NIST website).
The Problem of Employee Security Fatigue and How to Overcome It
Does your organization suffer from security fatigue? They probably do. That’s according to a new study from NIST.
Common symptoms of security fatigue include updating your password with a slight variation on the last one and a “weariness or reluctance to deal with computer security.” All of which can cause computer users to feel and act recklessly.
What Should Government Agencies Do When they Discover a Data Breach?
Data breaches are an unfortunate fact of life for government agencies – Edward Snowden being the most infamous case. And although agencies have taken steps to protect themselves, the growing number of breaches continues to frustrate IT and legislators alike.