Government information security management

Government IT security management news and analysis covering information security in the federal government and its agencies as well as state and local governments, national initiatives to secure cyberspace, public-private cooperation and the government's role in helping enterprises protect the data of U.S. citizens.

June 11, 2021 11 Jun'21
Slilpp marketplace goes dark following government takedown

Slilpp, a massive dark web emporium for buying and selling stolen credentials, has been pulled offline by an international law enforcement takedown.
June 10, 2021 10 Jun'21
Risk & Repeat: Colonial Pipeline CEO grilled by Congress

Colonial Pipeline Co. CEO Joseph Blount faced criticism from several members of Congress this week during two different hearings on the recent ransomware attack.
June 09, 2021 09 Jun'21
Mandiant: Compromised Colonial Pipeline password was reused

The Colonial Pipeline VPN password was relatively complex, according to Mandiant CTO Charles Carmakal, and likely would have been difficult for DarkSide threat actors to guess.
June 08, 2021 08 Jun'21
FBI used encrypted Anom app in international crime bust

The FBI secretly ran an encrypted chat network that included 12,000 devices and was widely used by criminal organizations across the globe for various illegal dealings.

Bring yourself up to speed with our introductory content

National Security Agency (NSA)

The National Security Agency (NSA) is a federal government intelligence agency that is part of the United States Department of Defense and is managed under the authority of the director of national intelligence (DNI). Continue Reading
cyber espionage

Cyber espionage, also called cyber spying, is a form of cyber attack that is carried out against a competitive company or government entity. Continue Reading
SolarWinds supply chain attack explained: Need-to-know info

The SolarWinds supply chain breach is the talk of the town -- and will be for months and years to come. Get informed and be part of the conversation with our guide. Continue Reading

Weigh the pros and cons of technologies, products and projects you are considering.

Can a new DHS cybersecurity strategy help the private sector?

The U.S. Department of Homeland Security outlines federal plans to improve public and private cybersecurity, but analysts advise caution over strategies that can't be mandated. Continue Reading
Federal technology upgrade could see security, SaaS outlay

Channel partners expect major shifts in the government's technology priorities. Find out which IT trends are poised to shape spending in the coming years. Continue Reading
Technology a double-edged sword for U.S. election security

Technologies were weaponized to undermine the 2020 U.S. presidential election, but IT systems have also helped to identify fraud and verify results in a hotly contested election. Continue Reading

Learn to apply best practices and optimize your operations.

Cybersecurity training for employees: The why and how

Cybersecurity training continues to miss the mark. How do you succeed where so many others have failed? Keep it fresh, keep it current and make it real. Here's how. Continue Reading
Federal Information Security Management Act (FISMA)

The Federal Information Security Management Act (FISMA) is United States legislation that defines a framework of guidelines and security standards to protect government information, operations and assets. Continue Reading
Tackling IT security awareness training with a county CISO

A Michigan county CISO says government workers are under siege by cybercriminals. In this case study, he shares how his IT security awareness training strategy has evolved. Continue Reading

We’ve gathered up expert advice and tips from professionals like you so that the answers you need are always available.

Interconnected critical infrastructure increases cybersecurity risk

Separately managed but interconnected critical infrastructure sectors are not all bound to security requirements and may be at risk of cascading attacks. Continue Reading
How to create a ransomware incident response plan

The increase in recent attacks makes clear the need for a ransomware incident response plan. Here's how to limit the effect of such attacks, as well as what to do if infected. Continue Reading
With US ban, Huawei products put CISOs on notice

The U.S. federal government has enacted bans on equipment it deems a national security risk. The move should make CISOs wary of what products they bring into their organizations. Continue Reading