Organizations must secure their SCADA networks while enabling access to those who need it. Here are some tips for meeting security requirements for your critical infrastructure.
If you think that quantum computers are the stuff of science fiction, you might be surprised to learn that there are several powerful ones operating right now, and if they realize their full potential, current government encryption levels might not be enough.…
With less than six months to the deadline for agencies to implement HTTPS on all public-facing websites, nearly half of .gov sites remain unprotected. Deploying the secure protocol should be one of the easier security mandates for agencies to meet.
Moving beyond periodic certification of information systems to the Risk Management Framework requires standardizing and automating the assessment process.
A suggested phase-out by NIST of SMS for sending one-time passwords has been widely misinterpreted as a threat to two-factor authentication. No need to worry—2FA is not going away and you can still use your mobile phone as a token.
Commentators are warning of the dangers of the wildly popular game when used on mobile devices for business. But instead of worrying about Pokémon Go, you should have an enforceable policy in place for all apps.
Summer is the best time for infosec professionals in institutions of higher education to focus on cybersecurity projects: baselining and inventorying, planning regular scans, and implementing new procedures.
Researchers have demonstrated a way to hide voice commands to smart phones so that humans cannot understand them. Who’s talking to your phone?
Although penetration testing might be viewed as one of the more glamorous jobs in cybersecurity – think of Tom Cruise in Mission Impossible hacking into a CIA computer while dangling horizontally from cables in a heavily protected room – it might come…
In cybersecurity as in national security, remembrance and eternal vigilance are essential to maintaining our freedom.