In this industry perspective, GovLoop partnered with OSIsoft to learn more about the PI System and how it’s helped their government partners deliver greater operational improvements and breakthroughs that ultimately lead to comprehensive enterprise transformation.
In this industry perspective, GovLoop has partnered with Merlin International, NetApp and HyTrust to share the value of secure converged infrastructures in government.
Use these six personas to help equip the most important component behind cybersecurity posture: humans.
In this industry perspective, GovLoop, HPE and TSPi partnered to discuss the current state of application security in government, the importance of FedRAMP and how it has allowed U.S. agencies leverage the Fortify on Demand service to increase their agility and reduce cyberrisk and costs.
Learn what cognitive computing is, how it works and how you can leverage entity-centric analytics to be more proactive in preventing insider threats.
In this industry perspective, we’ll explore how to create those appropriate policies, processes and tools with the help of a trusted solutions provider. We’ll explain why agencies are currently struggling to counter advanced attacks, how they can learn from their environment and what they need to evolve their defenses. Finally, we’ll investigate how operationalized security… Read more »
Private companies, organizations and even the federal government spend billions every year on various forms of perimeter security. Between firewalls, IPS/IDS devices, endpoint detection solutions, sandboxing, direct security information and event management (SIEM) monitoring and traditional antivirus and antimalware installations, most organizations seem to be bristling with protections that should make them secure – at… Read more »
In this guide, we will take an in-depth look at the challenges and risks associated with health IT, and explore ways that the government is addressing them.
Learn how government agencies are using the NIST Cybersecurity Framework, where areas of improvement can be made and how to continue cyber education and best practices in government.
Welcome to the GovLoop Academy course on Continuous Diagnostics and Mitigation, a Department of Homeland Security program that provides government agencies automated cybersecurity capabilities to defend against today’s advanced threats. According to DHS, the CDM program helps to “identify cybersecurity risks on an ongoing basis, prioritize these risks based upon potential impacts, and enable cybersecurity… Read more »
Federal networks become increasingly complex as they evolve to support critical internal missions and the delivery of citizen services. At the same time, they face a continuous barrage of probes and attacks from increasingly sophisticated adversaries. To protect complex networks in the face of these threats, federal cybersecurity is evolving beyond periodic assessment of static… Read more »
Cybersecurity is everyone’s priority. Looking ahead to 2017, nothing is changing about that. While government is getting better at addressing cyberthreats, there are remaining challenges. This research brief will outline those challenges and solutions for government to strengthen its cyber posture.
Complexity and a lack of strategic planning undermine our government’s cybersecurity. The government does have the ability to protect our data and IT resources; what is needed is a strategic, risk-based program that prioritizes its most valuable assets.
Bill Bacci, Federal Director of Data Security at HPE, explained why government agencies need a comprehensive approach to enterprise data protection in a recent interview with GovLoop. He also shared how data security technologies can help agencies achieve end-to-end data-centric security without compromising functionality.
There are few constants when it comes to federal cybersecurity. Agencies are bombarded daily with evolving cyber attacks against their sensitive data and systems. They also face a never-ending battle to secure consumer devices that employees are connecting to their networks. Although agencies can’t control the sophistication and frequency of attacks, they can take steps… Read more »
When the Federal Risk and Authorization Management Program (FedRAMP) launched in 2012, cloud computing was a fairly new business model in government. Few agencies were buying IT services and they were struggling to grasp the logistics of cloud procurement, implementation and security. Fast-forward to the present. Virtually every Cabinet-level agency, including the Defense Department, is… Read more »
This guide serves as an overview of critical infrastructure in government today – what it is, why it matters, how each sector works, and what you as a government employee need to know about it. We’ve included overviews of the 16 sectors that make up critical infrastructure in government as a whole, and delve into… Read more »
This pocket guide from GovLoop will look at content security practices in the public sector, why it matters, government rules and regulations related to digital data and its security and current challenges in this area. We’ll also provide tips and tricks that you can apply to help make content at your agency more secure today… Read more »
Read about the current state of cybersecurity in government and how government is working to address its most pressing challenges.
In this industry perspective, GovLoop and Splunk look at how government organizations can bridge the gap between IT operations and security to better meet agency mission and serve citizens.
This GovLoop guide, in collaboration with Splunk, will explore the challenges facing the public sector and how big data can help solve some of these problems. It will also explain how Splunk can support all public sector agency missions from cybersecurity to compliance and more by leveraging machine data.
Managing the balance between security and system performance is a high stakes battleground that operations and security teams must navigate carefully. Building consensus between these groups can be challenging, with one team focused strictly on security, while the other wants to ensure uptime and high performance for existing or new services. These competing priorities and… Read more »
The printer should be included in your agency’s overall security policy and compliance.
As government relies more heavily on information technology to store, manage and access critical data, it also creates greater potential for that information to be misused or exposed. Data clearly shows that internal threats and external hackers are taking advantage of those vulnerabilities. To help safeguard this ever-expanding attack surface, public key infrastructures, or PKI, have become a standard… Read more »
This Industry Perspective will assess these challenges and offer insights into how existing solutions and technologies can help agencies address advanced persistent threats effectively.
Replacing outdated infrastructure with modern secure technology not only reduces security risks but also improves efficiency, productivity and service delivery in our digitized world.
In this report, we explain how your organization can better enable cyber staff through training, testing employee skill sets and utilizing intelligence with data and analytics to make smarter decisions and respond appropriately to cyberthreats.
This GovLoop guide looks at the current state of government health IT, innovations and how government is driving the adoption of IT in health care
The federal government is spending over $80 billion per year on its information technology (IT), but estimates say as much as $20 billion of this is wasted through poorly managed acquisition and implementation. Enter FITARA. The goal of the Federal IT Acquisition Reform Act (FITARA), enacted on December 19, 2014, is to mitigate this problem… Read more »
Check out this new report to learn how proper authentications can help keep your systems secure and your employees productive.
Welcome to the GovLoop Academy course on Distributed Denial of Service (DDoS) attacks, where you will learn about what they are and how your agency can prevent and respond to them. By taking this course, you will be enrolled in five lessons about DDoS attacks and how to prevent them. We will explore what DDoS… Read more »
It seems like every time you check the news, you read another alarming headline like “Database leak exposes 191M voter registration records” and “21.5 million exposed in second hack of federal office.” It’s clear that government is fighting a constant war in cyberspace, and it’s occasionally losing. But is that the whole story? What’s often… Read more »
There are few issues more pressing in government today than cybersecurity. The stakes have become increasingly high as hackers routinely exploit known and unknown computer vulnerabilities and infiltrate government networks to steal sensitive data and cause harm. With that in mind, what options do agencies have when it comes to detecting and defending against these… Read more »
Government has entered a new era of cybersecurity threats. With cyber attacks being directed more at applications now, agencies need transformative solutions that are simple, secure, and cost-effective. An enterprise application delivery control, like Citrix Netscaler, can help your agency combat cyberthreats while maintaining cost-efficiency. This infographic explains: Current challenges in the new era of cybersecurity How… Read more »
Every January, the President of the United States makes the 1.5-mile journey from the White House to the Capitol Building to address the three branches of government and the public through the annual State of the Union speech. For more than 200 years, presidents from George Washington to Barack Obama have taken the opportunity to… Read more »
Better understand the changing needs of government printing, how to overcome current challenges in the field and more with this new research brief.
The federal budget, the president’s State of the Union, and myriad ongoing agency initiatives highlight how dedicated the federal government is to improving cybersecurity in 2016. But before we dive into a new year with new initiatives, it’s important to understand how we got here – what attacks we’ve endured and the progress we’ve made to get… Read more »
Agency leaders must proactively assess their networks for intrusions and be ready with an effective incident response plan if a breach is detected.
Interest in government cybersecurity has never been higher. High-profile leaks by Edward Snowden and Chelsea Manning, coupled with external attacks on entities including the White House, have attracted a spotlight. But after data on 21.5 million federal employees and their families were exposed in the breaches of the Office of Personnel Management’s Information systems, many more… Read more »
Gone are the days when cybersecurity was just an information technology problem. In 2015 alone, eBay, LivingSocial, Adobe, Evernote, Home Depot and JPMorgan Chase joined the ever-growing list of companies facing major security breaches. And it’s not just about compromised data: The breaches also amount to millions, if not billions, of dollars in lost revenue,… Read more »
The recent breach of Office of Personnel Management data affected 22 million records, but its ramifications are, in fact, even more far-reaching than that. Media coverage of the event ensured that many more people worldwide are aware of the U.S. government’s cybersecurity shortcomings and those people are demanding a swift response. It’s in this very… Read more »
The Federal Risk Authorization Management Program (FedRAMP) is a governmentwide program that provides a standardized approach for assessing the security of cloud products and services, authorizing them for government use and continuously monitoring the long-term security of those cloud solutions. Here’s why FedRAMP needs to be on your radar:
In 2015 so far, the number of people affected by U.S. government cyberattacks has reached an all-time high. From the OPM breach to lesser-known attacks, cybersecurity is rightfully a massive concern for government officials. Although many cybersecurity conversations have centered on online vulnerabilities, few have adequately addressed the physical threat that individuals with privileged access present. Undoubtedly, the public sector would benefit… Read more »
Whether we like it or now, recent events have impressed the susceptibility of government organizations to cyberattacks. But when you read the headline, “Agency Information Exposed!”, do you actually know what that means? Do you really understand what cyberattacks look like, how they’re executed, or who pays the real price when they’re successful? This infographic explains how… Read more »
Public servants have always been on the frontline of American defense, whether serving in combat positions or conducting analyses at a desk. They have long protected our infrastructure, economy, freedoms, and national interests. In the current age of cyber insecurity, those duties have never been more important. Every employee at every level of government is charged with protecting our information from foreign and… Read more »
The battlefield is changing for American forces. It is larger, now spanning cyberspace and even outerspace, and it is more crowded with new, aggressive actors including non-state terror groups and solo hackers. In order to maintain control of this increasingly expansive and diverse threat environment, the Department of Defense must transform its organization, its people, and its strategies. And… Read more »
Cyberthreats present serious, ever increasing risks to federal agencies. An April 2014 Government Accountability Office report notes that federal agencies reported 64,214 information security incidents to the U.S. Computer Emergency Response Team (US-CERT) in 2013, a 104 percent increase from 2009. Government has responded through legislation, executive orders, and cross-agency priority (CAP) goals that put… Read more »
Recent highly publicized security breaches have recently brought insider threats into the eye of the mainstream. But federal government employees already know that insider threats are an ever-present hazard to government security and operations. To learn how agencies can minimize the risk of insider threats without further burdening their overstretched agencies, GovLoop sat down with Patricia Larsen,… Read more »
Cybersecurity is the hottest buzzword in government these days. But just because people are talking about it, doesn’t mean they actually know how to achieve it. In reality, many government organizations are struggling to secure their data from internal and external threats. Taken alone, cybersecurity is challenging. The speed of evolution and the consistency of… Read more »
In the face of mounting threats, government has established cybersecurity as a top priority. But how exactly will local, state, and federal agencies accomplish the mission of securing critical information and infrastrcuture? Rather than taking on threats alone, every facet of government has to work together to create a comprehensive and robust cyber strategy. Each… Read more »
Many news outlets declared 2014 to be “The Year of the Breach,” especially for government. The title seems appropriate. Last year, the U.S. Postal Service (USPS), the Nuclear Regulatory Commission, the State Department, and even the White House fell victim to successful hacks that resulted in sensitive information being exposed to adversaries and the public…. Read more »
To become more resilient against cyberthreats, agencies must improve visibility and understand events happening on their networks. With increased awareness, organizations will see operational benefits and save employees valuable time, improving productivity and morale. To achieve these benefits, agencies need to deploy the right kind of infrastructure. They must look to a platform approach and… Read more »
In our interconnected and highly-globalized world, agencies must deploy emerging technology to improve service delivery and connect employees to data anywhere, anytime. But as trends like cloud, virtualization, telework and mobile continue to gain traction in government, cybersecurity cannot be an afterthought: it’s mission critical. And now, more than ever before, mitigating the impacts of… Read more »
The rampant increase in cyberattacks, mounting regulatory requirements, and the constant concern over insider threats mean that securing your agency’s resources is more important than ever. Yet at the same time, agencies face budgetary constraints, staff shortages, and a host of conflicting priorities that result in basic security protocols—things like ensuring users have appropriate access… Read more »
Given the mounting threat of cyber attacks coupled with a proliferation of information now accessible online, multilayered identity management systems are more important than ever to any agency’s security infrastructure. Fortunately, most organizations understand the necessity to protect online information by creating stringent verification processes for users. Simply ensuring that the right person is accessing… Read more »
In December of 2012 the Department of Defense (DoD) developed the Joint Information Environment (JIE) framework. JIE is an ambitious multi-year effort designed to realign, restructure and modernize the Department’s information technology networks. The JIE framework will change the way DoD networks are constructed, operated and defended. Since JIE is not a program of record,… Read more »
In 1988, Robert Tappan Morris became the first person to be convicted under the U.S. Computer Fraud and Abuse Act. Curious about how big the Internet was, Morris wrote a script now known as the “Morris worm.” He never intended to inflict harm to machines, but as the worm replicated and spread throughout the Internet,… Read more »
The world of cybersecurity is immense. The jargon surrounding the subject is nearly as varied. Here are a few examples: There’s malware, damage, espionage, regulation, education, viruses, advanced persistent threats, partners, reputation insider threats – and that’s just a small sample. Adding to this complexity is a common disconnect between technology experts within the organization,… Read more »
In today’s world, it’s imperative that government protects our critical infrastructure to preserve our physical and economic security. To do so, cyber professionals must obtain real-time visibility of networks, improve ability to mitigate known flaws and decrease security risks by reducing their vulnerabilities. That’s why the CDM program is so important. The program enables agencies to decrease… Read more »
In a new infographic, SwishData shows you the anatomy of a hack. Follow along with the story to learn about how a government employee (let’s call him Bob) was hacked, and learn how you can protect yourself — and your agency.
In today’s digital world, no organization is immune from cybersecurity threats. Whether it’s Target, LivingSocial, the Federal Reserve or any other public-facing institution, every organization is at risk of having its data and infrastructure compromised. For security professionals today, being secure isn’t just about thwarting attacks – it’s also being prepared to react once you… Read more »
GovLoop is pleased to produce this most recent guide in its “Agency of the Future” series, this time turning our attention to the important matter of mobile security.
Many agencies find themselves in a precarious position, having employees that need to access classified information AND have access to web search tools at the same time.
This report provides an overview of the current cybersecurity landscape and the ‘need to know’ cyber information for government professionals.
Cyber threats are rising rapidly and government needs an alternative, secure solution to the present operating environment where multiple machines are required for multiple types of information. This Industry Perspective explains the robust, unparalleled advantages of SecureView, a low-cost, MILS (Multiple Independent Levels of Security) workstation with accredited cross-domain security developed in close collaboration between… Read more »
As agencies begin to deploy cloud computing, mobile and big initiatives, it’s important to realize that emerging technology is essential to meet growing public sector demand. Yet, emerging technology may also expose agencies to increased risks. This infographic puts cyber security in focus, showing current trends in cyber security at the federal level, adoption of… Read more »
The Identity Ecosystem steering group, which seeks to provide a marketplace with multiple identity providers that issue trusted credentials, has 1100 individuals and 450 companies and federal agencies participating. They chose five organizations to pilot identity solutions. Below are the agencies and what they are doing to reduce cyber crime and identity theft.