Dec 09, 2014 By Jean-Paul Bergeaux In

Lessons from recent news in cyber security

The recent news surrounding cyber security has been hard to keep up with. Just a few examples include the discovery of the ShellShock vulnerability, breaches at Home Depot, Kmart and Dairy Queen, and APT (Advanced Persistent Threat) operations believed to be executed by nation-states, such as Operation Archangel* and Operation SandWorm. And...

Read More

Nov 25, 2014 By Jean-Paul Bergeaux In

Is Your Agency Ready for Cyber Analytics?

According to the U.S. Computer Emergency Readiness Team (US-CERT), in 2013, federal agencies were the target of 46,160 cyber attacks – an increase of 33 percent over the previous year. The growing sophistication of cyber threats against government agencies underscores the need for a more proactive defense posture. GovExec, in partnership with...

Read More

Nov 11, 2014 By Jean-Paul Bergeaux In

Cyber espionage is getting real. And public.

In the last week, cyber espionage went from whispered but unconfirmed stories to publically confirmed incidents of national significance. Three major breaches of the Federal Government have been revealed in the news lately, first by DHS, then the White House and now USPS.  In the past, these types of hacks were only rumors in the intelligence...

Read More

Nov 04, 2014 By Lee Vorthman In

NCSAM: The NIST Cyber Security Framework and its Effectiveness

Today we take a look at how U.S. government agencies are meeting their cyber security challenges during the 11th Annual National Cyber Security Awareness Month (NCSAM), by focusing on the protection of critical infrastructure. GovDataDownload talked with Lee Vorthman, NetApp’s chief security architect about the National Institute of Standards...

Read More

Oct 29, 2014 By loh In

Q&A with SwishData’s CTO, Jean-Paul Bergeaux

GovDataDownload is pleased to present a guest Q&A from Jean-Paul Bergeaux, CTO at SwishData. In the discussion below Jean-Paul discusses the evolution of public sector cybersecurity, the rise of Continuous Diagnostics and Monitoring (CDM) and how he sees cybersecurity policies strengthening over the next 12-18 months. Please tell us about...

Read More

Oct 21, 2014 By Brandon Hoffman In

Use Network Models to Get a Clear View of Your Network Security

As agencies move to refresh large-scale global infrastructure, experts are building in security on the front end. A key part of the security challenge is understanding what exists today, how it is (or isn’t) being secured, and then designing the security requirements in tandem with the new system/network. The problem is that most complex or...

Read More

Sep 30, 2014 By Jean-Paul Bergeaux In Blog

Public Cloud Usage for Federal agencies – The Three Most Compelling Use Cases

Federal use of cloud resources has begun to mature, and with this maturity Federal organizations have started to hone-in on the best uses of private and public cloud resources for them.  While private clouds have had strong adoption, with the environment more-or-less completely under the control of the agency, it is only recently that the most...

Read More

Sep 25, 2014 By Jean-Paul Bergeaux In

Patch your BASH systems NOW!

A new vulnerability that NIST has now identified as CVE-2014-6271 is being compared to Heartbleed for severity and scale. The name “SHELL SHOCK” is being thrown around as a nickname and it was originally posted on here and here. The ramifications are much larger than the simple identification as security expert Kenn White...

Read More

Sep 18, 2014 By Andrey Zhuk In Blog

Tackling the BYOD and Rogue Application Challenge

In today’s world, smart devices and great new applications are everywhere.  Along with making our lives easier, they make the lives of security admins and chief information security officers (CISOs) a nightmare.  To state the issue in laymen’s terms: BYOD policy and rogue applications are akin to the Trojan horse inside the sophisticated...

Read More

Sep 03, 2014 By Andy Kicklighter In Blog

Data-Centric Security is Needed to Stem Rising Federal Data Breaches

New revelations by the GAO of federal security incidents provide further evidence, as if we needed it, that traditional security approaches on their own are no match against today’s sophisticated attacks on agency networks. The rising tide of breaches points to an urgent need for agencies to move to a data-centric model for protecting...

Read More