For federal agencies, the crux of an effective cybersecurity strategy is both obvious and challenging: a valid, enforceable security policy. But what does that kind of strategy look like, and how do you achieve it?
This approach enables you to replace fear and doubt with data and information. It also allows you to provide insights into your organization’s risk posture, keeps your boss from going fetal, and lets you live to fight another day– which is the main thing.
As resources diminish and cyberthreats escalate, it’s more important than ever that government adopt risk-based tactics to maximize security. DHS is assisting in that effort with best practices and private-sector collaboration.
Security or convenience is no longer an acceptable trade-off when it comes to cybersecurity. They must be mutually inclusive, otherwise employees will circumvent security for their own personal convenience. NIST and Microsoft understands this to a degree, but in the latest NIST Password Guidelines SP 800-63-3 the recommendations favors password convenience over password security.
Passwords and biometrics both have their place in cybersecurity and authentication, but not as competing Single Factor Authentications. Instead, their strength comes when they are combined together for Multi-Factor Authentication.
We have a massive gap between what we spend on infrastructure and what we need to spend to bring our systems up to snuff.
To implement CNAP, the administration is relying on several federal agencies to enact its objectives. In an interview with GovLoop, Matthew Cornelius, Innovation Specialist and Chief of Staff in the Office of Governmentwide Policy, explained the pivotal role the General Services Administration (GSA) will play in the plan’s execution.
In an interview with GovLoop, Michael Howard and Ronald Chestang, Senior Security Consultant at HP, explained how security advisory services can help agencies navigate the complexities of IT security while also bridging resource and workforce gaps.
Don’t kill passwords because the industry is confused between password authentication and password management.
Knowing how to secure your agency’s networks in the current cyber landscape can be challenging. See what these cyber experts have to say and learn how you can apply their recommendations at your organization.