Phishing has existed for almost two decades – and for very good reason. Everyone can be targeted by it. It’s still just as effective as ever. And there’s really no way for surefire way for security professionals to keep every…
Deborah Blyth on the Lessons Learned During Seven Years as Colorado CISO
While fighting wars is almost exclusively the responsibility of the U.S. Department of Defense, today’s state and local governments find themselves on the front lines of a battle. And, unfortunately for them, it’s a battle where they’re constantly on the…
Threat Intelligence Report Shows the Bad Side of Innovation
Earlier today, NETSCOUT’s ATLAS Security Engineering and Response Team (ASERT) released their Threat Intelligence Report featuring findings from 1H 2021. The report analyzes the data generated by NETSCOUT ASERT in their work defending the networks of government agencies and large…
CISA NRMC AD shares five steps for getting our nation’s cyber risk under control
Recently, CrowdStrike held its annual Fal.Con for Public Sector Conference, which brings together leaders and decision-makers from across the public sector, education, and industry to discuss protecting and managing government data and networks. The Fal.Con for Public Sector Conference featured…
Safeguard your data against a ransomware attack with these ten data protection principles
Last month, it was announced that a vulnerability in a remote management and monitoring tool utilized by many managed service providers (MSPs) had been exploited to launch a massive ransomware attack that impacted not only those MSPs but possibly their…
NIST, NSA, DoD, or HHS – which zero trust recommendation makes the most sense?
In May of this year, the Biden Administration released an executive order focusing on cybersecurity that mandated government agencies put a zero trust plan on paper within 60 days. This executive order certainly made headlines within and around the Beltway,…
Government Digital Transformation and Modernization in Just Three Easy Steps
The need for modernized information technology at government agencies is long-established, but progress toward transformation is often slow-moving. As recently as 2019, the Government Accountability Office found that 10 critical systems at 10 agencies were eight to 51 years old.…
Four added benefits of identity and access management
The global, dynamic, and interconnected nature of IT enterprises today – and a proliferation of security threats – require protections that limit the damage attackers can do once they’re inside the agency firewall. Knowing that cybersecurity threats are only increasing…
More scalable AND secure –Brian Schoepfle of AWS on the security benefits of government cloud initiatives
In 2011, the Office of Management and Budget (OMB) released the Federal Cloud Computing Strategy, also known as “Cloud First.” The purpose of Cloud First was to mandate the Federal Government’s transition to the cloud, which would facilitate the modernization…
APIs and IaC – Two New AppSec Imperatives for Development and Security Teams
Application vulnerabilities are among the largest, most exploited vulnerabilities that hackers use to compromise and breach organizations. With applications becoming more prevalent and relied upon, the need to focus on application security becomes absolutely essential. But what many people don’t…