Commercial and industrial equipment – the overlooked government network vulnerability

When we think about or discuss the cyber threats facing government organizations and the United States military, we think about direct attacks on agency network infrastructure, ransomware attacks against schools or local governments, insider threats from malicious actors within the…

New vectors, new techniques – the evolution of DDoS attacks

In 2012, an organized and well-planned DDoS attack managed to take down the websites of some of the world’s largest banks and financial services institutions. When that attack was perpetrated almost a decade ago, the news reports about it called…

TransUnion shares the warning signs and financial impact of an insider threat

When people think about cybersecurity and protecting a company, organization or government agency’s networks and data, they picture cyberwarriors doing battle against sophisticated hackers, opposing nation states or hacktivist groups. And while that’s certainly part of the job, they often…

Coronavirus cyber considerations – six key factors for securing a remote workforce

With more than 4,000 reported cases, and many more anticipated by health and infectious disease experts, the Coronavirus (COVID-19) has many Americans changing their behavior, stocking up on necessities and quarantining themselves in their homes for fear of contracting the…

Why recent cybersecurity legislation is just window dressing

Representative Ro Khanna (D-Calif.) recently introduced cybersecurity legislation that would, “mandate Congress [to] direct OMB to require cybersecurity training for federal employees and include information on the risks of Internet of Things (IoT) devices…” On the surface, this seems like…

The role and impact of SMBs in DoD cybersecurity

Last month, the GovCyberHub sat down with Parham Eftekhari, the Executive Director of the Institute for Critical Infrastructure Technology (ICIT), to talk about the key trends and topics of discussion at the organization’s 2019 Fall Briefing. During that discussion, Mr.…

Polymorphic defense – making your systems “moving targets”

In my recent article on the GovCybersecurityHub entitled, “Solid foundations + innovation = stout cybersecurity,” I talked about cybersecurity can be somewhat unfair. That’s because the economies of scale favor our adversaries. I also talked about the importance of security…

Zero Trust: Buzzword or hack-buster?

Trust but verify: a Russian proverb Ronald Reagan often used to characterize U.S.-Russia relations, especially regarding nuclear weapons. The Internet has made it clear that the “trust” part of the proverb may not work so well. Today, we may have…

The most reliable approach to incident response and forensics

Every government organization has been the victim of a cybersecurity incident. These can range from mundane incidents such as a user leaving their desk without locking their screen, up to a major breach such as the OPM hack in which…

Six cybersecurity trends to watch in 2020

Earlier this month, global endpoint security provider, CrowdStrike, released their Services Cyber Front Line Report. This year’s version of the report looks at key cybersecurity trends and themes that the company observed while responding to and remediating the global threats…