Traditional IT security has always focused on static, well-controlled IT environments. However, with the advent of BYOD policies and more and more mobile devices connecting to workplace networks, a new, more fluid paradigm has evolved. How does IT make the shift and take charge of these dynamic and very difficult to control environments?

Over the last several years, great efforts have been made to implement the US Federal Government’s “Cloud First” strategic initiative to develop, promote, and streamline the “on ramp process” for Federal agencies to adopt and migrate to cloud architecture through Federal Risk and Authorization Management Program (FedRAMP).

Black hat hackers make more money than white hat hackers.  A lot more.  The 2015 Symantec Internet Security Threat report states that a hacker can sell a credit card number for about $50 on the black market.  If you can steal 100,000 numbers in a few months, you stand to earn about $5 million.  This money pales in comparison to what a bad actor can get for a purloined medical record:  about $500 per record, according to the same report.  Steal 100,000 of those, and you’ll get a whopping $50 mil

The Dark Web:  the name conjures up visions of nefarious characters doing despicable things under the cover of specialized technology that keeps them a step ahead of the law, who are hopelessly outnumbered.  Many people believe the Dark Web is like dark matter:  mysterious, undetectable, and vaster by far than our customary world.

The first order of business in cybersecurity, indeed in IT management in general, is to have a reliable system inventory:  physical systems, virtual machines, software and associated configurations and vulnerabilities, and – most importantly – data.  Asset inventory is not just common sense, though, it’s the law.  The NIST 800-53 sec

As straightforward and commonplace as patch management might be, it is still a big security hole for many organizations.  The 2015 Verizon threat report states, “…99.9% of the exploited vulnerabilities had been compromised more than a year after the associated CVE was published”.  In other words, completely preventable exploits were succe

At this point, it probably seems like there’s almost as much information out there about how to combat cybersecurity threats as there are threats themselves. Every day there’s a new report that contains a wealth of valuable – and sometimes, disturbing – information. It’s enough to make a federal IT pro feel overwhelmed.
Like so many other things, though, it’s helpful to remember that the foundation for a successful approach to defending against cyber threats can ultimately be boiled down to a few core best practices:

An advanced persistent threat (APT) is a network attack in which an unauthorized individual gains access to a network and then stays in the network, undetected, for a long period of time.[1] APTs use multiple phases to break into networks and avoid detection. During this period of time, the attacker will scan the network for confidential information.  There are usually five phases of an APT attack. The first is reconnaissance, in which the attacker leverages information to understand the target.

2014 was a banner year for high-profile security breaches. The Sony hack, big box store data breaches, and the rumblings of problems at the federal government’s Office of Personnel Management all contributed to a problematic year for IT, business and government leaders.

Many of these breaches stemmed from inadequately protected on-premise systems, but what’s been going on with cloud security? For answers look no further than DLT partner, Alert Logic’s newly released 2015 Cloud Security Report.

Bring Your Own Device (BYOD) programs are popping up across corporate America. Yet many in the U.S. government still eye this cost-saving strategy (less infrastructure = reduced IT footprint) with caution.

Security and liability are among the top concerns that are stalling widespread adoption with many government officials finding BYOD programs to be “more trouble than they’re worth” (Forrester).