Automated Identity Proofing Takes a Bite out of Waste, Fraud and Abuse
Every year, government loses billions of dollars to waste, fraud and abuse. Digital services are especially vulnerable, because agencies often struggle to confidently verify the identity of a person conducting a transaction without resorting to a lengthy manual process. This video explains how identity proofing can help agencies reduce the risk of fraud while alsoRead… Read more »
How State and Local Agencies Are Strengthening Their Cyber Posture
State and local agencies and educational institutions face numerous challenges in responding to the threat landscape, including limited staff, tight budgets and an over-abundance of point solutions. In this video, explore how state and local agencies can work together to create a more robust, comprehensive and cogent cyber posture. Watch now: Brought to you by:
The App Security Imperative: Closing the Cyber Gap
Government agencies have a mandate to protect citizen data, but vulnerable code, faulty design and an insecure supply chain can leave gaps in cybersecurity. This video explains how to close those gaps by building, maintaining and continually validating software inventory, and incorporating testing throughout the development process to improve application security. Watch now: Brought toRead… Read more »
Deploying Zero Trust Network Access to Drive Improved Cybersecurity
As agencies embark on their journey to zero trust, they’ll find no lack of tools to help them on their way. The problem is that it’s not always clear which tools you need or how to put them all together. This video will discuss how a Zero Trust Network Access solution can provide a roadmapRead… Read more »
How to Break up With Your VPN (and Improve Security)
Many remote workers use VPNs to gain secure access to government applications and data. Unfortunately, if a significant amount of traffic hits the VPN at once, it can cause performance problems that hinder productivity and add opportunities for cyberattacks. Check out this video to see how agencies can solve both issues by providing a simple andRead… Read more »
Keeping Data Secure in a Digital Workspace
Digital collaboration is a good thing, right? Of course, it is. But it’s also a potential cybersecurity risk. The problem is that zero trust and other approaches to cybersecurity don’t account for the data shared in digital workspaces. This free, four-minute video explains how to protect that data without crimping collaboration. Watch, Keeping Data SecureRead… Read more »
Why Zero Trust? Why Now?
In this video, we will step you through this journey to zero trust, from establishing some guiding principles to cultivating a zero trust culture. Watch, Why Zero Trust? Why Now?, now: Brought to you by:
All Aboard! 6 Stops on the Journey to Better Security
There’s no getting around it: Malicious cyber actors see state and local agencies as prime targets – both because they manage so much sensitive information and because they often and because they generally don’t have enough cyber resources. But don’t give up hope! In this video, we will review six tactics that can help yourRead… Read more »
5 Steps for Stopping Mobile Threats Before Damage Is Done
No one likes to think about it, but every time an employee uses a mobile device to access an agency’s network, they might be opening a back door to a malicious actor. And you better believe that malicious actors know it. But take a deep breath and watch this video to learn how agencies canRead… Read more »
Embracing the Zero Trust Framework
Today’s network operations no longer follow the old rules where everything that was enclosed within the network boundaries was assumed to be trustworthy and only external connections were suspect. This video will provide agencies with a framework that they can use to help them develop a comprehensive zero trust approach. Start the video: Brought toRead… Read more »
How to Spot and Handle a Phishing Attempt
This four-minute video explains how to avoid falling victim to one of the most dangerous and insidious threats: email phishing attempts.
Enabling Zero Trust for Your Mobile Devices
This video, developed in collaboration with Lookout, will explain the importance of Zero Trust for mobile devices. Watch now for free: Brought to you by:
How Threat Hunters Use Data Analytics to Shut Down Attackers
Learn how right data analytics solution can reduce volume and noise, giving threat hunters and analysts the upper hand.
Your Playbook for Protecting Against Cyberattacks
This video explores how you can create a playbook for hybrid cloud security, and highlights five best practices for building on that playbook.
How Machine Identity Management Makes Your Network More Secure
Learn how to manage identities across your systems and applications for enhanced security.
How to Get Ahead of Mobile App Security Risks
Have you overlooked one of your agency’s biggest vulnerabilities – mobile app security?
Uh-Oh: Leadership Strategies for Plans Gone Awry
Learn how unexpected events can be turned into building blocks for innovation and resilience.
3 Steps for Surviving Ransomware
This free six-minute video explains how public clouds enable a shared responsibility model where vendors assume many of agencies’ compliance and security responsibilities.
Containerization: Don’t Get Blindsided by Hidden Security Threats
We created this video to help you get smart quick about containerization and its ramifications for security.
How to Unlock the Hidden Value of Your Cyber Defenses
In this video, we’ll cover how integration seals up gaps in cyberdefense by bringing data from disparate solutions together.
How to Strengthen Cybersecurity (Beyond Buying New Tools)
This quick video will explore how you can improve your agency’s cybersecurity by leveraging existing resources.
The Need for Speed in Detecting and Responding to Cyberthreats
In this free six-minute course, you’ll learn about common forms of cyberattack and how to stop them from spreading around the enterprise.
Cyber Recovery: Proven and Modern Data Protection Against Cyberattacks
This free, seven-minute video will discuss how cyber recovery works and explain its key requirements.
Embedding RASP for Application and Data Security
In this course, you will learn how an emerging industry standard called runtime application self-protection, or RASP, can provide the insight you need.
Enhancing the Security of Cloud-Native Tools and Apps
Hit play, and in just under seven minutes learn how to better secure your cloud-native environment.
TIC 3.0: Connecting Agencies to Today’s Technologies
In this course, you’ll learn what agencies can do with the new TIC and how its network connections work.
How to Maintain Security in a Fast-Paced DevOps Environment
DevOps is rapidly changing how agencies develop, test and deliver applications. It’s widely understood that security must be part of the development. But what’s often overlooked is that the development environment itself also must be secure. This course explains how agencies can leverage the Common Access Card/Personal Identification Verification card to create a multi-factor authentication-based… Read more »
How to Address Security Vulnerabilities in the Development Lifecycle
Learn how your public sector agency can reduce the time and effort needed to incorporate security into the development process.
5 Strategies to Enhance Security for Productivity While Remote
In this course, you’ll learn how productivity and security go hand in hand in the remote environment.
PCs as the Foundation for Digital Transformation
In this free, six-minute course, we will discuss how to improve the performance, manageability and security of the PC.
Federal Ransomware: A Rising Threat
This 10-minute online course contains three self-paced lessons: Lesson 1: The Risk of Ransomware [2:22] Lesson 2: Federal Fears About Ransomware [2:04] Lesson 3: Repelling and Recovering From Ransomware [3:27] If you haven’t heard of ransomware yet, you will. Ransomware is more than just malicious software – it’s a dangerous cyberthreat that can cost yourRead… Read more »
How to Create Secure, Seamless Citizen Services
This course will look at the concept of Customer IAM (CIAM) and how it can be used to improve not only the security and privacy of citizen services. It will also explain how CIAM can improve the citizen experience, providing users with a more seamless transition from one channel to another.
How Your Agency Can Modernize with Next-Generation Networking and Security
Learn about the network security challenges that agencies face, and how a software-defined approach to networking is helping to address those issues.
Manage Cybersecurity Threats with the CDM Dashboard Ecosystem
Gain insights into the CDM Dashboard Ecosystem, which is designed to provide agencies with actionable intelligence on cyberthreats.
Managing Risk in Today’s Digital World
Learn how to build a foundation for enterprise risk management (ERM).
Integrating Security From End to End in Government With DevSecOps
Learn how to combine open source and DevSecOps to improve your agency’s security.
The Value of a Connected Cyber Ecosystem
In this course, you’ll learn about the current setting of network security, the roles that modern technologies play and how to bring in an ecosystem exchange.
The Evolution of Identity Proofing
Identity fraud can be particularly difficult to manage. A consumer’s physical or digital identity can be used for employment fraud, benefits fraud, tax return fraud, and more. Along with the negative effects that fraud can have on the immediate victim, taxpayer dollars go to waste and government programs see diminished results. Unfortunately, there is aRead… Read more »
A Layered Approach to Insider Threat Prevention
Insider threats have tried to infiltrate agencies for years, and because of their familiarity with software and systems, they can be difficult to stop.
Configuration Management for FedRAMP Compliance
Without the proper security measures in place, agencies can’t effectively prevent or handle the more intense and frequent cyberattacks that come their way.
How to Secure the Software Development Lifecycle
The rapid rise in government applications has created significant benefits to the public sector. But while software applications are transforming the face of government, they are also expanding government’s technology footprint and, with it, the potential attack surface. To ensure every application at your agency is secure, you must engrain security throughout the software developmentRead… Read more »
How to Become Compliant in Cloud
Cloud computing can offer innumerable benefits to government agencies, but ensuring they are securely implemented and maintained is challenging. However, the cloud offers something that can eliminate many these complexities: automation. Automating the deployment, configuration and monitoring of security can deliver predictable, repeatable, and reliable compliance and security. This course explores how compliance automation canRead… Read more »
Your Steps to Achieve CDM Phase 4
This course examines what comprises CDM Phase 4 and explains how your agency can become prepared to protect its most critical data by walking through three critical steps. Once agencies have walked through these three steps – discovered, categorized and applied governance to their data – they will have achieved the ultimate goal of CDM… Read more »
Creating an Integrated Cyber Defense
In this course, we examine what an Integrated Cyber Defense Platform protects, how it achieves security goals and how agencies can use it to achieve better outcomes.
How to Achieve FedRAMP Compliance
In three lessons, this course examines the role of a third-party assessment organization (3PAOs) as an advisor to help agencies and cloud service providers work together to build and document FedRAMP-compliant environments.
How to Act on Advancements in Government Cybersecurity
Governments at all levels are increasingly taking a proactive, departmentwide approach to cybersecurity. In four lessons, we highlight those key advancements, as well as specific examples from federal state and local agencies that are putting these approaches into practice.
How to Create a Security Transformation
This course explains how a security fabric, rather one-off platforms or tools, can increase cybersecurity even as agencies innovate. In three lessons, we explain the risks of digital transformation and discuss the components of a more robust security transformation. Finally, we define a security fabric and examine how it can transform agency operations and innovation.
An Introduction to Combating Insider Threats
In three lessons, this course examines the problem of insider threats in government. It explains how to align your insider threat analysis with your Federal Enterprise Architecture and explores a better, multilayered defense for agencies. In our last lesson, we offer examples of a multilayered approach in action.
How to Build Connected Security
Today, government agencies have to secure physical, network, and cyber systems. This course will show you how.
The Continuous Diagnostics and Mitigation Program
Welcome to the GovLoop Academy course on Continuous Diagnostics and Mitigation, a Department of Homeland Security program that provides government agencies automated cybersecurity capabilities to defend against today’s advanced threats. According to DHS, the CDM program helps to “identify cybersecurity risks on an ongoing basis, prioritize these risks based upon potential impacts, and enable cybersecurityRead… Read more »
Introduction to DDoS Attacks
Welcome to the GovLoop Academy course on Distributed Denial of Service (DDoS) attacks, where you will learn about what they are and how your agency can prevent and respond to them. By taking this course, you will be enrolled in five lessons about DDoS attacks and how to prevent them. We will explore what DDoSRead… Read more »
NSTIC Programs- Fixing Passwords and Reducing Identity Theft
The Identity Ecosystem steering group, which seeks to provide a marketplace with multiple identity providers that issue trusted credentials, has 1100 individuals and 450 companies and federal agencies participating. They chose five organizations to pilot identity solutions. Below are the agencies and what they are doing to reduce cyber crime and identity theft.