The shift to remote work has enabled continuity of government during these challenging times but also has expanded the cybersecurity threat surface that federal IT and infosec professionals must monitor and protect. According to a recent SAIC survey, 82% of the federal executives polled expect telework to continue...
The U.S. government has released additional details that it says further prove that an "Iranian group" sent a series of threatening emails to some Democratic voters in the weeks leading up to the 2020 elections, as part of a disinformation campaign designed to sow confusion.
In some respects, government agencies enter the cybersecurity arena with one hand
already tied behind their backs. It's accepted: They are under great public scrutiny in terms
of their financial spending. They are challenged to recruit and retain qualified staff. And yet
they are still a favored target of...
Security experts are urging organizations to patch a newly revealed serious flaw in Microsoft SharePoint as quickly as possible because proof-of-concept exploit code is already available. The U.K.'s National Cyber Security Center warns that hackers frequently target fresh SharePoint flaws.
Ransomware attacks remain the top cyber-enabled threat seen by law enforcement. But phishing, business email compromises and other types of fraud - many now using a COVID-19 theme - also loom large, Europol warns in its latest Internet Organized Crime Threat Assessment.
U.S. federal agencies operate some of the world's largest and most complex digital networks, but many of them rely on older, legacy technology for critical operations. Add to this the fact that the federal government is highly targeted by nationstate adversaries and traditional criminals alike, and the need for...
Prior to COVID-19, Kumar Ramachandran of Palo Alto Networks declared 2020 the "year of the early majority" for SD-WAN adoption. How has the pandemic only amped up the need for better bandwidth, visibility and centralized management - all at a lower cost? Ramachandran explains.
Russian criminals operating online who want to stay out of jail need only to follow a few simple rules, the primary one being: Never target Russians. So it's surprising that security researchers have uncovered a new ransomware-wielding gang of Russian speakers that includes Russian victims on its hit list.
Ransomware continues to pose a "significant" threat, and email remains one of the top attack vectors being used by both criminals and nation-states, Australia's Cyber Security Center warns in its latest "Cyber Threat Report," which urges organizations to improve their defenses.
In a court filing, online voting startup Voatz argues that most security research should be limited to those who have clear permission to probe systems and software for vulnerabilities. The amicus brief is part of a U.S. Supreme Court case that could redefine a federal computer law.
The need for enhanced business agility and secure remote access to support digital transformation has led to the adoption of the security access service edge, or SASE, model, says Rajpreet Kaur, senior principal analyst at Gartner.
State election committees and IT leaders need to protect the integrity of the voting process by preventing unauthorized access to the election systems. CrowdStrike's advisory services provide the best practice frameworks needed to assess and enhance cyber maturity levels across the voting process, leveraging deep...
In terms of election cybersecurity, is the U.S. better off in 2020 than it was in 2016? Christopher Krebs, Director of the Cybersecurity and Infrastructure Security Agency, answers this question and more in an exclusive keynote that tackles:
The state of election security
Myths and realities about foreign...
Britain's U-turn on Huawei, announcing that it will now ban the manufacturer's gear from its 5G networks, highlights this as yet unresolved problem: Years of underinvestment and policy failures have left Britain and its allies with no inexpensive, trusted alternative.
Federal agencies will add a layer of security to their websites that use the top-level domain .gov. All the sites eventually will use the HSTS protocol, which ensures that a user's connection to a website is encrypted and can protect against man-in-the middle attacks and cookie hijacking.