The role and impact of SMBs in DoD cybersecurity

Last month, the GovCyberHub sat down with Parham Eftekhari, the Executive Director of the Institute for Critical Infrastructure Technology (ICIT), to talk about the key trends and topics of discussion at the organization’s 2019 Fall Briefing. During that discussion, Mr.…

Why leadership is essential for government cybersecurity – a Q&A with ICIT

The federal government is facing a confluence of factors that make defending their networks increasingly difficult at a time when the number and sophistication of the malicious actors attacking them is only increasing. That’s what we heard when we recently…

Why recent cybersecurity legislation is just window dressing

Representative Ro Khanna (D-Calif.) recently introduced cybersecurity legislation that would, “mandate Congress [to] direct OMB to require cybersecurity training for federal employees and include information on the risks of Internet of Things (IoT) devices…” On the surface, this seems like…

Compliance – is it becoming too big of a thing?

You have heard it enough to make you aim a fire extinguisher at your firewall: “compliance does not mean security.” Compliance work can consume up to 70 percent of security budgets in federal government agencies, and it is common to…

The ROI of cybersecurity solutions – does it exist?

What is the return on investment? Is it worth the money? That is the central question both government and industry ask themselves when deciding on any procurement. Unfortunately, demonstrating the ROI of cybersecurity products is notoriously difficult. And that’s one…

Security and compliance – they’re not the same thing

News Flash: Being compliant doesn’t mean you’re secure, any more than implementing security guarantees that you’re compliant. That’s right, compliance does not equal security. Compliance and security are separate and distinct goals. So, what is the difference? Compliance requires that you meet…

Eight audit and compliance questions for government agencies

Conducting audits are an integral part of monitoring cyber risk and compliance. That’s because the systematic review of any agency’s processes and procedures are essential for identifying risks that can jeopardize compliance with standards. Beyond that, not knowing when and…

Can Analytics Help the Military Better Plan for Cyberattacks?

According to a recent report by Booz Allen Hamilton, The sheer complexity of military systems, the numerous interconnections between systems and missions, and the siloed nature of military organizations makes it difficult for the senior military leaders to quickly and…

Military Struggles to Identify Full Impact of Potential Cyber Attacks

Today’s weapon systems used by our warfighters against our largest adversaries are increasingly network-enabled. Unfortunately, the network-centric nature of these systems opens them up for cyberattack – making it possible for our adversaries to deny our military’s weapon systems when…