How to Keep Data Safe in the Event of Disruption

To manage risks like cyberthreats, agencies’ data strategies must involve people, processes and technology working together when disaster strikes. How can agencies address so many concerns simultaneously? The answer is a continuity of operations (COOP) plan covering data defense, recovery and risk management. Explore how the cloud fits agencies’ COOP considerations and can help minimizeRead… Read more »

Rethinking Federal Cybersecurity

This report will present thoughts from federal leaders, best practices for strong cybersecurity and a case study to help you build and maintain a secure enterprise. Download your report, Rethinking Federal Cybersecurity, now: Brought to you by:

The Importance of Visibility to the End User Experience

Agencies need to be able to gauge performance everywhere, at all times, across a complex web of legacy, mobile, cloud and shadow IT components. But agencies struggle with real-time end-to-end visibility into pain points and areas of underperformance. This means it can be difficult to quickly detect, diagnose and defeat problems before they impede productivity.Read… Read more »

Better Cloud Adoption Through Better Security

Government mandates like Cloud Smart and security requirements like the Federal Risk and Authorization Management Program (FedRAMP) are driving agencies toward cloud adoption. Cloud adoption does not come without risks, however. Shared responsibility, lack of visibility, internal risks, advanced cyberattacks and more are at play for agencies that move their sensitive data and applications toRead… Read more »

How Actionable Intelligence Helps Agencies Combat Cybercrime

The internet consists of more than just searchable content. Search engines such as Google and Bing merely skim the surface of the internet and index what they find. The content that remains unindexed is part of the deep web, and further into the layers of the internet is the dark web, which consists of intentionallyRead… Read more »

Improving Federal Security With Automated Patching

Cyberattacks are rising. In 2017, federal agencies reported 35,277 cybersecurity incidents for their IT systems. The government today realizes it is in a cyberwar and must defend its agencies from attackers. One of the main reasons systems are vulnerable is that they are either not patched or not patched quickly enough. Systems continue to beRead… Read more »

The Plan for Recovering from Cyberattacks in Government Today

Cyberattacks are a serious threat to our economy and national security. Government agencies need to be able to detect, defend and respond to threats immediately, and quickly bounce back from cyber incidents, whether they are the result of an accident, natural disaster or malicious attack. Often, after defending, detecting and responding to an attack, recoveryRead… Read more »

Your Roadmap to More Secure, Cost-Effective Print Management

In a 2009 survey of federal employees, the Government Accountability Office found that an average of $440.4 million was spent on unnecessary printing each year. Despite its astronomical cost, little effort was made to reduce this financial burden, even as government agencies found themselves needing to do more with less. But the growing prioritization ofRead… Read more »

How Can Agencies Securely Move Data and Analytics to the Cloud?

Agency IT and security operations teams must rethink how they protect data in a digital world where data is everywhere, particularly when data is in the cloud. Federal agencies should take a chapter from financial institutions’ playbooks and adopt a data-centric approach that includes data encryption, tokenization and key management that protects data across allRead… Read more »

Insider Threats: The Danger Within

Most federal employees think their agencies are safe from insider threats – but they’re wrong. A 2017 Meritalk survey found that 42 percent of federal cybersecurity professionals said that their agencies were the target of cyber incidents perpetrated by insiders. The U.S. Computer Emergency Readiness Team (US-CERT) defines insider threats as any “current or formerRead… Read more »

Identifying Agency Risks With the NIST Cybersecurity Framework

When the National Institute of Standards and Technology partnered with other federal agencies and the private sector to develop the first iteration of the NIST Cybersecurity Framework (CSF), the focus was on protecting our nation’s most critical assets. The primary audience was entities that own and operate critical infrastructure vital to our public safety andRead… Read more »

Enterprise Key Management: The Key to Public Sector Data Security

In this industry perspective, created in partnership with HPE, Chip Charitat, Senior Solutions Architect at HPE Data Security, explains that encrypting data-at-rest is a minimum standard of care for protecting sensitive data, and that effective encryption requires secure enterprise key management practices with automated policy enforcement that can scale with the enterprise.

Operationalized Security for a Safer Government

In this industry perspective, we’ll explore how to create those appropriate policies, processes and tools with the help of a trusted solutions provider. We’ll explain why agencies are currently struggling to counter advanced attacks, how they can learn from their environment and what they need to evolve their defenses. Finally, we’ll investigate how operationalized security… Read more »

Public Sector Challenges to Combating Cyberthreats

Private companies, organizations and even the federal government spend billions every year on various forms of perimeter security. Between firewalls, IPS/IDS devices, endpoint detection solutions, sandboxing, direct security information and event management (SIEM) monitoring and traditional antivirus and antimalware installations, most organizations seem to be bristling with protections that should make them secure – atRead… Read more »

Getting the Most from Continuous Diagnostics and Mitigation

Federal networks become increasingly complex as they evolve to support critical internal missions and the delivery of citizen services. At the same time, they face a continuous barrage of probes and attacks from increasingly sophisticated adversaries. To protect complex networks in the face of these threats, federal cybersecurity is evolving beyond periodic assessment of staticRead… Read more »

It’s Your Data: Protect It End-to-End

Bill Bacci, Federal Director of Data Security at HPE, explained why government agencies need a comprehensive approach to enterprise data protection in a recent interview with GovLoop. He also shared how data security technologies can help agencies achieve end-to-end data-centric security without compromising functionality.

Why You Need an Effective Risk-Management Strategy for Cybersecurity

There are few constants when it comes to federal cybersecurity. Agencies are bombarded daily with evolving cyber attacks against their sensitive data and systems. They also face a never-ending battle to secure consumer devices that employees are connecting to their networks. Although agencies can’t control the sophistication and frequency of attacks, they can take stepsRead… Read more »

Making the Most of FedRAMP

When the Federal Risk and Authorization Management Program (FedRAMP) launched in 2012, cloud computing was a fairly new business model in government. Few agencies were buying IT services and they were struggling to grasp the logistics of cloud procurement, implementation and security. Fast-forward to the present. Virtually every Cabinet-level agency, including the Defense Department, isRead… Read more »

How SecOps Can Benefit Your Agency

Managing the balance between security and system performance is a high stakes battleground that operations and security teams must navigate carefully. Building consensus between these groups can be challenging, with one team focused strictly on security, while the other wants to ensure uptime and high performance for existing or new services. These competing priorities andRead… Read more »

How a Layered Approach Improves Security

As government relies more heavily on information technology to store, manage and access critical data, it also creates greater potential for that information to be misused or exposed. Data clearly shows that internal threats and external hackers are taking advantage of those vulnerabilities. To help safeguard this ever-expanding attack surface, public key infrastructures, or PKI, have become a standardRead… Read more »

A Holistic Approach to Cybersecurity in Government

There are few issues more pressing in government today than cybersecurity. The stakes have become increasingly high as hackers routinely exploit known and unknown computer vulnerabilities and infiltrate government networks to steal sensitive data and cause harm. With that in mind, what options do agencies have when it comes to detecting and defending against theseRead… Read more »

Securing Your Agency From End to End

Gone are the days when cybersecurity was just an information technology problem. In 2015 alone, eBay, LivingSocial, Adobe, Evernote, Home Depot and JPMorgan Chase joined the ever-growing list of companies facing major security breaches. And it’s not just about compromised data: The breaches also amount to millions, if not billions, of dollars in lost revenue,Read… Read more »

Why Prevention Still Matters: The Cybersecurity Approach You Can’t Abandon

The recent breach of Office of Personnel Management data affected 22 million records, but its ramifications are, in fact, even more far-reaching than that. Media coverage of the event ensured that many more people worldwide are aware of the U.S. government’s cybersecurity shortcomings and those people are demanding a swift response. It’s in this veryRead… Read more »

A Better Strategy to Stop Insider Threats

In 2015 so far, the number of people affected by U.S. government cyberattacks has reached an all-time high. From the OPM breach to lesser-known attacks, cybersecurity is rightfully a massive concern for government officials. Although many cybersecurity conversations have centered on online vulnerabilities, few have adequately addressed the physical threat that individuals with privileged access present. Undoubtedly, the public sector would benefitRead… Read more »

Achieving Security with the NIST Cybersecurity Framework

Cyberthreats present serious, ever increasing risks to federal agencies. An April 2014 Government Accountability Office report notes that federal agencies reported 64,214 information security incidents to the U.S. Computer Emergency Response Team (US-CERT) in 2013, a 104 percent increase from 2009. Government has responded through legislation, executive orders, and cross-agency priority (CAP) goals that putRead… Read more »

Combating Insider Threats

Recent highly publicized security breaches have recently brought insider threats into the eye of the mainstream. But federal government employees already know that insider threats are an ever-present hazard to government security and operations. To learn how agencies can minimize the risk of insider threats without further burdening their overstretched agencies, GovLoop sat down with Patricia Larsen,Read… Read more »

Protecting Your Data in the Cloud

Cybersecurity is the hottest buzzword in government these days. But just because people are talking about it, doesn’t mean they actually know how to achieve it. In reality, many government organizations are struggling to secure their data from internal and external threats. Taken alone, cybersecurity is challenging. The speed of evolution and the consistency ofRead… Read more »

Gaining the Situational Awareness Needed to Mitigate Cyberthreats

To become more resilient against cyberthreats, agencies must improve visibility and understand events happening on their networks. With increased awareness, organizations will see operational benefits and save employees valuable time, improving productivity and morale. To achieve these benefits, agencies need to deploy the right kind of infrastructure. They must look to a platform approach andRead… Read more »

Zero Trust: The Network Security Infrastructure of Tomorrow

In our interconnected and highly-globalized world, agencies must deploy emerging technology to improve service delivery and connect employees to data anywhere, anytime. But as trends like cloud, virtualization, telework and mobile continue to gain traction in government, cybersecurity cannot be an afterthought: it’s mission critical. And now, more than ever before, mitigating the impacts ofRead… Read more »

Transforming Agency Security with Identity & Access Management

The rampant increase in cyberattacks, mounting regulatory requirements, and the constant concern over insider threats mean that securing your agency’s resources is more important than ever. Yet at the same time, agencies face budgetary constraints, staff shortages, and a host of conflicting priorities that result in basic security protocols—things like ensuring users have appropriate accessRead… Read more »

The Evolution of Identity Management

Given the mounting threat of cyber attacks coupled with a proliferation of information now accessible online, multilayered identity management systems are more important than ever to any agency’s security infrastructure. Fortunately, most organizations understand the necessity to protect online information by creating stringent verification processes for users. Simply ensuring that the right person is accessingRead… Read more »

Before, During and After an Attack: An Integrated Strategy for Cybersecurity

The world of cybersecurity is immense. The jargon surrounding the subject is nearly as varied. Here are a few examples: There’s malware, damage, espionage, regulation, education, viruses, advanced persistent threats, partners, reputation insider threats – and that’s just a small sample. Adding to this complexity is a common disconnect between technology experts within the organization,Read… Read more »

Important Weapon in the Cyber War: SecureView MILS Workstation

Cyber threats are rising rapidly and government needs an alternative, secure solution to the present operating environment where multiple machines are required for multiple types of information. This Industry Perspective explains the robust, unparalleled advantages of SecureView, a low-cost, MILS (Multiple Independent Levels of Security) workstation with accredited cross-domain security developed in close collaboration between… Read more »