March 25, 2019
Contingency Planning Isn’t Fun and Games. But Should it Be? premium
“Hope for the best, plan for the worst”. This ancient principle still applies, especially for systems with high availability requirements. Principles are easy to quote, but how does an organization implement them effectively? In its vast compendium of requisite security controls, NIST has created an entire category of requirements for contingency planning. Federal agencies are […]
February 28, 2019
Compliance: It’s Still (an even bigger) Thing premium
You have heard it enough to make you aim a fire extinguisher at your firewall:  “compliance does not mean security”. Compliance work can consume up to 70% of security budgets in Federal government agencies, and it is common to spend more money identifying, documenting, and gaining approval for a remediation than the remediation itself costs. […]
December 5, 2017
The Inside Job: Agencies Struggle to Prevent Cyberattacks from Within premium
Defending against insider threats is a top priority for the U.S. government. When surveyed by MeriTalk, 85% of federal cybersecurity professionals say their agency is more focused on combating insider threats in 2017 than they were just a year ago. An insider threat is manifested as an incident when a person with authorized access to […]
November 16, 2017
7 Must-Have Elements of your Agency’s Incident Response Plan premium
DLT partner, Symantec, has put together a list of seven items you must add to any incident response plan. Here’s how it translates to government agencies. 1. Have a Workable Plan An incident response plan is your roadmap for responding to a cybersecurity attack. In this NextGov interview with Symantec’s Robert Myles and DLT’s Don […]
Government Tech Writer
October 18, 2017
3 Steps for Protecting PII in Government premium
From veterans to tax payers, contractors to military personnel, the U.S. government is one of the world’s largest harbors of personally identifiable information (PII). Year after year of security breaches has done nothing but destroy public trust in the government’s ability to protect PII about citizens, employees, and contractors. Protecting PII is a tricky business. […]
Government Tech Writer
September 19, 2017
[Survey] Regulations, Careless Insiders, and IT Modernization Complicate Federal Cybersecurity premium
Federal IT pros are facing “Herculean tasks” when it comes to security challenges, a new survey conducted by DLT partner, SolarWinds, reveals. Featuring insights from 200 civilian and Department of Defense (DoD) IT decision-makers, the survey explores the security challenges faced by public sector IT professionals, quantifies the sources and types of IT security threats, […]
September 8, 2017
An A-B-C Approach to Security Compliance Challenges premium
When it comes to enhancing their cybersecurity postures, federal agencies have to wade through an entire alphabet soup of regulatory compliance guidelines. From the RMF (Risk Management Framework) to FISMA (Federal Information Security Management Act) and DISA STIGs (Defense Information Systems Agency Security Technical Implantation Guides), there are a number of requirements that agencies must […]
August 22, 2017
[Webinar] Proven Tips to Help You Achieve Compliance with DFARS 7012 premium
Another month, another regulation deadline to comply with. But this time, it’s defense contractors who are in the hot seat. To safeguard defense information in non-federal systems and organizations, U.S. defense contractors and soon all federal agencies, must meet the DFARS 7012 mandate and implement all of the requirements of NIST Special Publication 800-171 Protecting […]
Government Tech Writer
August 21, 2017
Why Cybersecurity Should be Your Top Priority This Federal Year-End premium
If you’re wondering where to spend your federal fiscal year-end dollars, no doubt cybersecurity is top of mind. With threats increasing and constantly evolving, protecting federal systems, networks, and data has never been more important. But this year, there’s a new imperative for federal CIOs – the Presidential Executive Order on Strengthening the Cybersecurity of […]