The changing cybersecurity landscape demands evolving technology and policy to help Federal agencies combat cyber threats and build resilience. MeriTalk spoke with Bryan Rosensteel, public sector cybersecurity architect at Cisco’s Duo Security, about the expansion of agency networks beyond traditional perimeters, how the Continuous Diagnostics and Mitigation (CDM) program is adapting to the changing landscape, and how dynamic authentication can help agencies stay ahead of bad actors. […]
The final TIC 3.0 guidance released in July provided Federal agencies with increased flexibility for ensuring security in their cloud and mobile solutions as they drive forward on their modernization journeys. How are the new trust zones and zero trust working together? How is the new guidance helping agencies modernize while maintaining security? […]
As agencies have gone remote, they have had to evolve their cyber security strategies to adjust to their new telework reality. What challenges are they encountering as they make this shift? How can they adopt or adapt “bring your own device” (BYOD) plans to ensure the security of agency applications and data? […]
The COVID-19 pandemic has driven Federal agencies to leap to maximum telework capacity on short notice. While many were able to kick telework into high gear in only a matter of days because of previous or ongoing IT modernization investments, the requirement to change fast and on the fly underscores the vital need for modernization – in the case of a pandemic or not. […]
We’ve spent the last several months in a bit of a surreal version of normal but there is light at the end of the proverbial tunnel. When we emerge from the current environment, the reality is that we will be better off from a security perspective than we were when we went in. The additional need to increase the capacity of access of cloud-based apps, VPN or “other” have required us to think a lot harder about the security that comes along with this extra access to the point where “building it in” makes a lot more sense than “bolting it on.” […]
Sean Frazier, advisory CISO at Duo Security, carries an earlier cloud industry pedigree than most, and as such a long historical view of the sector’s ever-increasing influence on the technology capabilities of industry and government. […]
In September 2019, the National Institute of Standards and Technology (NIST) released its Zero Trust Architecture draft, setting the tone for the future of Federal cybersecurity and a move toward enterprise-wide zero trust implementation. […]
Most of us have a standard list of go-to passwords for various logins and websites – each fluctuating slightly with upper or lowercase letters, extra numbers, symbols and punctuation. Some of us keep them scribbled on a notepad, while others click “remember me” when logging onto sites, to speed up the process and relieve the stress of remembering them time and time again. […]
With growing interest in cloud, mobility, and zero-trust technology, industry leaders in the identity credential access and management (ICAM) space are seeing a divergence between the existing policy of Common Access Card (CAC) and personal identity verification (PIV) cards, and new technology. […]