Category: Security

Why Good Cyber Hygiene – Beginning at the Endpoint – is Vital to U.S. Cybersecurity
For too long, we’ve let cybersecurity run in the background, expecting it to work. Today we can no longer afford that kind of apathy. Cybersecurity impacts all of us, and it’s time to make it...
Federal Cybersecurity: Too Many Tools Spoil the Broth
Federal agencies have no shortage of security tools. Yet with the rise of distributed endpoints, many of their traditional perimeter security tools have become obsolete. IT leaders often look to new tools, patches and updates...
Do You Have Too Many Cybersecurity Tools, Too Little Visibility?
It’s not how many cybersecurity tools you have that matters. What really keeps your organization safe is the ability to provide real-time and accurate data on your endpoint devices. For many federal cybersecurity managers, that’s...
Learn How to Make the NDAA 889 Compliance Deadline
Are you ready for August 13, 2021? That’s when U.S. government agencies, as well as their suppliers and contractors, face their first annual deadline for NDAA 889 compliance. NDAA is short for the U.S. National...
Don’t Be a Cyberwar Victim. Become Digitally Resilient.
Digital resilience is more than just a good idea, and it should be more than just another IT cost center. In fact, digital resilience supports the business and just happens to be your organization’s best...
Public, Private Sector Collaboration Is Key To Combating Cybersecurity Issues
The Colonial Pipeline ransomware attack showcased the growing vulnerability gaps when it comes to national cybersecurity. Combined with the whirlwind of activity related to the SolarWinds breach, there will be a surge of new cybersecurity...
For the U.S. Defense Dept., the Future of Data Management Is Zero Trust
The future of federal cybersecurity is zero trust. In February, the U.S. National Security Agency (NSA) released guidance encouraging intelligence organizations to adopt a zero-trust security model. The NSA also detailed what zero trust is,...
What Does the Cybersecurity Maturity Model Certification (CMMC) Mean for My Business?
There’s plenty of talk right now among the defense community about the Cybersecurity Maturity Model Certification (CMMC). And with good reason. The certification demands significant changes of government contractors working directly for the Department of...
The Colonial Pipeline Cyberattack Emphasizes What Americans Want — Government to Prioritize Cybersecurity
A new Tanium poll finds support for more private sector involvement. But spending must be targeted in the right areas. President Biden signed an executive order on cybersecurity last week following a ransomware attack on...
Biden’s Executive Order Stresses Need for Federal Government to Make “Bold Changes” in Cybersecurity
Days after the Colonial Pipeline cyberattack crippled our nation’s gas supply, President Biden signed an executive order aimed at improving America’s cybersecurity and protecting federal government networks. While the executive order is focused on the...
Is Your Agency Prepared For Software End of Life?
Federal agencies have a software accumulation problem. The problem is not new, but it gets worse with each passing year. The issue stems from near countless options for software that agencies can choose from. IT...
Do Agencies Need Next Generation Software, Or Are They Just Chasing Diminishing Returns?
When federal agencies experience a breach, they usually favor various types of compensating controls specifically engineered to mitigate the potential damage of the breach. These types of controls often result in tool sprawl. They also...
Strengthening Federal Technology Risk Management
The transition to remote working has expanded agency threat surfaces — and it’s not just cybersecurity risk that agency IT teams have to deal with; it’s increased risks to data, the mission and staff.  People...
How to Strengthen Federal Endpoints and Networks With Preventative Security
Agencies have long relied on reactive security (compensating security controls) vs. preventive security (baseline security controls) to protect their information systems. As a result, many end up with tool sprawl — adopting too many one-off...
How Agencies Can Improve FITARA Cyber Scores With Real-Time Data
The scores from the latest Federal Information Technology Acquisition Reform Act (FITARA) are out. Good news: it showed overall improvements for all agencies. Surprising news: not one agency’s cyber score changed from the previous scorecard. The cyber category consists...
Tanium Provides Endpoint Visibility and Intelligence for Google’s BeyondCorp Enterprise
Once upon a time, network security was about letting the good guys in and keeping the bad guys out. But we’re living in a different world now.  Cyberattacks are sophisticated and targeted. Bad actors aren’t...
Continuous Diagnostics and Mitigation (CDM) and Zero Trust Are the Building Blocks of Cybersecurity
As the distributed workforce grows, federal agencies face a broader threat landscape. Bad actors are gaining access to more user credentials than ever before, with their algorithms outperforming humans 1,000 to one. In this new...
Experts Share Advice on Getting Started With Zero Trust for Remote Infrastructures
During the Cyber Security Experts Panel at CDM Central last month, I joined government experts from the U.S. Small Business Administration and Department of Health and Human Services — along with fellow industry experts — to discuss what...
How a Federal Telework Bill Can Help Modernize and Secure Remote Work
As federal telework continues, agencies are looking to allocate funds and modernize remote environments for the future. The Pandemic Federal Telework Act, if passed, would direct federal agencies to allow eligible employees to telework full-time...
Strategies for Optimizing Remote Work in 2021
In 2020, the federal sector’s priority was business continuity, when the pandemic forced a new world of remote work. But now that the dust has settled, 2021 presents a crucial opportunity for the government to...