The advanced persistent threat signals where the pointed end of the security spear is for agencies, but the static compliance mindset fostered by regulations such as FISMA is a weakness and needs to change.
Read More Here

The once-a-year snapshot of security compliance might get agencies good marks, but it doesn’t assure their ongoing security. Continuous monitoring of systems and security is now seen as a key best practice.
Read More Here

APTs and modern malware all but ensure that no IT system can be completely secure, so a renewed focus needs to be placed on protecting sensitive data through technologies such as information rights management.
Read More Here

The release of hundreds of thousands of sensitive and secret government documents shook agencies and showed that not all the threats are new and unknown and that there are no easy answers.
Read More Here

The good thing is that there’s plenty of robust technology that can be used against the new generation of threats. But finding the people with the knowledge and talent to employ it effectively is something else.
Read More Here