For the federal government, every month is essentially National Cyber Security Awareness Month (NCSAM) — cybersecurity is always a concern.
However, the Department of Homeland Security and the National Cyber Security Alliance (NSCA), a public-private partnership, have been using October to annually mark National Cyber Security Awareness Month since 2004. The DHS says the month is “designed to engage and educate public and private sector partners through events and initiatives to raise awareness about cybersecurity, provide them with tools and resources needed to stay safe online, and increase the resiliency of the nation in the event of a cyber incident.”
As part of NCSAM, the White House is promoting an NSCA initiative, “Lock Down Your Login,” a public-private campaign designed to get Americans to use stronger methods of authentication, such as a fingerprint or a one-time code, for their online accounts. The White House estimates that such authentication technology could have prevented as much as 62 percent of successful data breaches last year.
At FedTech, we’ll be using NCSAM to highlight how federal agencies are working to enhance cybersecurity. In the spirit of DHS’ strategy of underscoring different cybersecurity themes in each of the five weeks of October, here is a look five different aspects of federal cybersecurity recently covered in FedTech.
Be sure to check back at fedtechmag.com/security throughout October for our continuing coverage of federal cybersecurity.
Authentication can help agencies ensure the integrity of their networks and IT systems and also keep track of employees to prevent insider attacks.
How the Government Will Focus on Multifactor Authentication
To protect government data and systems, agencies will turn their focus to improving authentication.
Commerce, State Departments Take Steps to Combat Insider Security Threats
Data breaches caused by federal employees, either knowingly or unwittingly, are a major concern at agencies, but security controls are not enough to tackle the threat.
Encryption aids agencies by keeping data secure, so that even if there is a breach, malicious actors will gain access to information with no value.
How Federal Agencies Can Improve Cybersecurity with Better Data Encryption
Recent data breaches within the government show the importance of protecting data itself and not just erecting perimeter security.
For Federal Agencies, a Deluge of Data Requires Security — Everywhere
Data security is a paramount concern for federal agencies no matter how and where their information is stored.
Keeping data protected at federal agencies requires more than just perimeter defenses, such as firewalls. Security needs to evolve to meet increasingly complex threats.
The Future of Federal Cybersecurity Is in Predictive Security Intelligence
The Department of Homeland Security’s Continuous Diagnostics and Mitigation program is one tool agencies are using to get ahead of threats.
Automated Cybersecurity Tools Can Aid Agencies Facing a Talent Gap
Automating IT security functions can help agencies overcome staffing shortages while they bulk up their cybersecurity workforces.
Data Loss Prevention
Beyond protecting data from outside threats, agencies need to ensure that their employees —whether by accident or malicious intent — do not remove sensitive data from the agency’s systems.
When an Employee Leaves Your Agency, Make Sure Your Data Doesn’t
There are some clear lessons federal agencies can learn from the FDIC data breach about protecting sensitive data.
Network Security: 3 Best Practices Feds Should Follow
Network protection remains a major issue, but agencies may see improvement with a new approach.
Federal officials and agency IT leaders are constantly trying to devise and implement strategies to counter cyberattacks.
White House Names Gregory Touhill as First Federal CISO
Touhill will be charged with leading and coordinating cybersecurity policy across the entire federal government.
Federal Officials Call for New Approaches to Cybersecurity IT, Budgeting
Some officials say that what is hampering cybersecurity efforts is not a lack of technology, but budgeting and organizational structures.