August 11th at 11:05am The DoD GIG IA Portfolio Management Office (GIAP) has learned through experience that mission critical networks are contested, violated, infiltrated and penetrated, leading to significant risks to US interests. The U.S. critical infrastructure has evolved from a ‘network enabled’ position to one that is now ‘network dependent.’ No aspect of the national critical infrastructure operates without extensive use of information technology, and it is this very fact that makes our networks such a high priority target for adversaries.
The need for secure, self-aware, proactively managed defense mechanisms has never been more critical. Commercially available technologies, when combined with research and development done by both the government and the private sector, represent the best possible approach for combating the types of threats our critical infrastructure is facing today.
Who’s using cloud more — the U.S. or Europe? What are the biggest concerns when it comes to security on both sides of the Atlantic? Should you be developing a cloud strategy now, or should…
DARPA is one agency that recognizes cyber threats are just as likely to come from within the network. The agency has posted a solicitation on Fed Biz Ops looking for what they call novel approaches to insider threat detection. The Defense Advanced Research Agency is looking for a way to increase the accuracy, rate and speed of detection. The Cyber Insider Threat (CINDER) program will stop adversaries from operating within government and military networks before they can get access.
The cyber threat landscape has changed dramatically in recent years. Experts believe that more threats than ever are not coming from other countries, or malicious hackers – but from within the network!The U.S. National Counterintelligence Strategy says that insiders are targeting networks to intercept information, or disrupt operations. Khalid Kark of Forrester Research says agencies have to manage people, the process, and technological controls. Continuous monitoring is the new buzzword.
New tools can help you protect your network from the threat within. Khalid Kark of Forrester Research says there’s a set of tools that are considered ”network-centric,” that will record all the network sessions. That allows cyber sleuths to replay the sessions and find out where any breaches or intrusions are coming from – in house. There are also ”data leak prevention” tools you can use that’ll allow you to create your own parameters that’ll block that information from leaving your network.
September 22nd at 11 AM Data Loss Prevention (DLP) is receiving significant attention within the information security community as individuals and organizations realize the importance of managing and protecting sensitive information. The impact of a data breach can be significant, resulting in lost productivity, failed audits, and negative press exposure. This session will review the benefits of identity-aware Data Loss Prevention and how these integrated solutions can help reduce IT risk, automate key security processes and enhance overall compliance posture.
NSA, State and nearly every other agency are developing “fixes” to protect unauthorized employees from taking data. Experts say employees need to understand why the rules are in place and how they benefit both the organization and worker. OMB says one way to improve the situation is by reducing the number of federal employees with security clearances-an initiative that already is underway.
The Justice Department alleges CA has violated since 2002 terms of its GSA schedules contract and over-charged the government for IT hardware and software.
Federal agencies like the Internal Revenue Service are finding that they must balance an increase in the amount of data they have to secure while providing safe access when that information is needed.
The General Services Administration and the Homeland Security Department released the first of what’s expected to be two requests for information seeking insights into how to make the Continuous Diagnostics and Mitigation (CDM) program more reactive to the burgeoning cyber market.