Effective systemwide security requires mobile threat detection and privacy measures to be active on as many devices as possible.
Emerging and established technologies hold great potential for addressing our nation's evolving challenges; the trick is in helping government agencies integrate them into their operations.
With communal resource for commonly used components, agencies could devote more time to security postures that are truly unique.
With funding and the help of top experts, the Biden administration can make tangible progress toward modernization, but much work remains to be done.
Old labels for network traffic are out of date with government users connecting from devices outside traditional perimeters, but TIC 3.0 offers a new map.
As the new administration begins to implement its policies, the leadership of the federal CIO and agency CIOs will be critical for delivering better business results and building trust with citizens.
Knowledge-based authentication for call centers is cumbersome and can increase risk of spoofing, but there are tech-based alternatives.
Responding to Steve Kelman's recent blog post, Alan Thomas shares the inside story on 18F's evolution.
The process federal agencies go through to prove a system is secure may actually be making us less secure. This is a problem that we must fix today, not tomorrow.
DevSecOps has the power to set a new standard for the way the DOD -- and the rest of the federal government -- executes work.
Crisis situations like this one can induce the fog-of-war and lead to tradeoffs during remediation. While we may not know the full extent of the damage for some time, as is always the case in an event like this, we need to stop the bleeding. We must not afford the adversary an easy path to more information.
The passage of the IoT Cybersecurity Improvement Act of 2020 means that NIST will start to address the gap in post-market guidance to help organizations adequately address newly discovered vulnerabilities in devices already on their networks.