Home

Previous Image
Next Image

info heading

info content

Recent Publications
SCADA
Tenable Blog - August 24, 2016

Organizations must secure their SCADA networks while enabling access to those who need it. Here are some tips for meeting security requirements for your critical infrastructure.

NIST-Signs
NextGov: How long can government encryption hold against quantum computers? - August 16, 2016

If you think that quantum computers are the stuff of science fiction, you might be surprised to learn that there are several powerful ones operating right now, and if they realize their full potential, current government encryption levels might not be enough. NIST is even trying to preemptively develop quantum-resistant encryption. Tune into NextGov for the opening shots of the quantum versus encryption war.

HTTPS
The final push to the HTTPS-only standard for federal websites - August 12, 2016

With less than six months to the deadline for agencies to implement HTTPS on all public-facing websites, nearly half of .gov sites remain unprotected. Deploying the secure protocol should be one of the easier security mandates for agencies to meet.

RMF
Tenable Blog - August 11, 2016

Moving beyond periodic certification of information systems to the Risk Management Framework requires standardizing and automating the assessment process.

SMS
SMS is safe for now - August 4, 2016

A suggested phase-out by NIST of SMS for sending one-time passwords has been widely misinterpreted as a threat to two-factor authentication. No need to worry—2FA is not going away and you can still use your mobile phone as a token.

Pokemon
Not if you have a good apps policy in place - July 22, 2016

Commentators are warning of the dangers of the wildly popular game when used on mobile devices for business. But instead of worrying about Pokémon Go, you should have an enforceable policy in place for all apps.

Summer Break
Tenable Blog - July 19, 2016

Summer is the best time for infosec professionals in institutions of higher education to focus on cybersecurity projects: baselining and inventorying, planning regular scans, and implementing new procedures.

audio
Audio-hacking your smart phone - July 8, 2016

Researchers have demonstrated a way to hide voice commands to smart phones so that humans cannot understand them. Who’s talking to your phone?