Securing Health Data Means Going Well Beyond HIPAA
Latest Articles
Secure, High-Quality Software Doesn’t Happen By Accident
Static and dynamic analysis can expose hidden flaws in software and help assure programming is efficient, secure and maintainable from the start. That’s a whole lot better than finding out the hard way: after a breach or failure.
IOT Security Risks Begin With Supply Chains
The Internet of Things (loT) greatly expands the attack surface of federal networks – and many connected components may be purchased outside of the normal technology supply chain. Developing standards and best practices is essential to balancing the power of IoT with government’s growing security needs.
Getting Past Passwords for Mobile Device Security
Government needs better ways to authenticate mobile users. Even as device makers and carriers improve security, new measures and authorities may be needed to protect the federal mobile ecosystem.
Why Modernization Is Key to National Cyber Strategy
The president’s executive order on cybersecurity emphasizes systems modernization and cloud as a first step toward emphasizing protection of data rather than the network itself.
Homeland Security
What's New
Proactive Resilience: The Future of Cybersecurity
Today’s state of the art in cybersecurity is operational resilience – the ability to keep operating in the midst of a disruptive attack. Tomorrow’s state of the art is what Carnegie Mellon CERT’s Summer Fowler calls “prosillience” – the ability to anticipate and adapt before disruptions strike. Here’s how we’ll get from now to then.
OneNet vs. IC ITE vs. JIE: 3 Ways to Consolidate Fed Networks
President Trump’s Cyber Executive Order calls for consolidating federal networks into a single architecture. Here’s how three parts of government are already doing just that.
Border Security Concerns Aren’t Limited to the South
Solving the southern border will affect security in other parts of the country, as well. Re-Locatable Video Surveillance Systems offer the kind of flexibility the U.S. Border Patrol needs to put resources wherever they’re most needed.
Talking Tech Videos
What We’re Reading
The Defense Department Will Soon Use More Secure Email
The U.S. Department of Defense will soon start sending more secure emails.
The Defense Information Systems Agency (DISA), the body in charge of the Pentagon’s email, said it plans to enable stronger encryption on all emails by July 2018.
In Quest to Replace Common Access Card, DoD Starts Testing Behavior-Based Authentication
A year after then-chief information officer Terry Halvorsen first publicly floated the idea of killing DoD’s Common Access Card in favor of a collection of more flexible authentication technologies, the Pentagon is beginning to test drive at least one of the potential replacements for the CAC.
Last week, the Defense Innovation Unit-Experimental reached an agreement with Plurilock Technologies, a Victoria, British Columbia-based firm that holds several patents on behavior-based authentication (or, “behaviour-based,” to our friends to the north).
Local Governments Focus on Cybersecurity After Attacks
Terri Bettinger paid close attention to the recent cyberattacks on the websites of Ohio government agencies, banks and other businesses. She hoped to learn lessons to better defend the information she oversees.
Bettinger is the chief information officer for Franklin County and head of its Data Center, which collects, stores and protects government data from property tax bills to court and medical records. She knows the system will be hacked.
DHS needs better information security practices, audit says
The Department of Homeland Security needs to up its game on information security, according to an audit released last week.
Private sector auditor KPMG conducted after-hours walkthroughs of employee workstations in the department’s Office of Financial Management and the Office of the Chief Information Officer, and found sensitive information — like passwords — left out and unattended.
Without Latest Version of WIN-T, Army Commanders Will Be Easy Targets in Next War
For the U.S. Army, the global war on terror is beginning to look like the good old days. It was a long fight that is not yet over, and as usual, the Army has suffered most of the joint-force casualties, but at least terrorists don’t have long-range fires, tactical aircraft, heavy armor, sophisticated cyber weapons or electronic-warfare capabilities.
Lawmakers: How Many Cyber Threat Centers Does the Government Need?
The Health and Human Services Department’s cyber threat sharing center hasn’t reached initial operating capacity yet, but a pair of senators already wonder if it’s a redundant effort.
Trump: ‘Bold thinking’ Is Needed To Solve Federal IT Challenges
President Donald Trump is calling for agencies to embrace big change, bold thinking and outsider perspectives to transform government technology. The White House kicked off tech week by hosting 18 private sector technology leaders from companies such as Amazon, Apple and Google at the American Technology Council meeting on June 19.
Cyber Protection Teams Need More Intelligence, Say Officials
Intelligence drives operations. The same can be said for quick-reaction cyber forces when responding to an incident.
HHS Warns of Fresh WannaCry-like Attacks After Microsoft, DHS Reports
Microsoft has released new patches for Microsoft XP and Server 2003 systems while DHS pointed to an increase in North Korean cyber activity.