Security

Secure websites and a secure online presence foster trust between the public and government.

More News and Events on Security

99 posts

NIST Publishes NICE Cybersecurity Workforce Framework

Categorizing and Describing Cybersecurity Work for the Nation The National Initiative for Cybersecurity Education (NICE) is pleased to announce the release of Special Publication 800-181, the NICE Cybersecurity Workforce Framework. This publication serves as a fundamental reference to support a workforce capable of meeting an organization’s cybersecurity needs. It provides organizations with a common, consistent

Aug 22, 2017

NIST Crafts Next-Generation Safeguards for Information Systems and the Internet of Things

Information systems—from communications platforms to internet-connected devices—require both security and privacy safeguards to work successfully and protect users in our increasingly complex and interconnected world. Toward these ends, the National Institute of Standards and Technology (NIST) has issued a new draft revision of its widely used Special Publication (SP) 800-53, Security and Privacy Controls for Information

Aug 22, 2017

‘Cybersecuring’ the Internet of Things

I recently had the chance to talk with the legendary Vint Cerf, one of the founding fathers of the internet. We had a wide-ranging discussion about the past, present and future of the internet, network security and what it would take to successfully, safely and reliably merge the digital and physical worlds, a concept known

Jun 29, 2017

FedRAMP 5th Anniversary

This week we are excited to celebrate FedRAMP’s fifth birthday! The program has come a long way over the past five years, as we have been able to grow and transform the program to continue to meet the evolving needs of our partners .

Jun 13, 2017

FICAM’s New Resources Help Solve Government’s Identity Management Challenge

In today’s digital world, it’s imperative that government agencies safeguard citizens’ physical and electronic security. In the world of Federal IT, adopting and advancing cybersecurity can’t be accomplished in one day, or by one agency. Federal agencies must work together to tackle complex problems and stay ahead of evolving network threats. The Federal Identity, Credential,

Jun 12, 2017

Hybrid Cloud: A Key to Phasing in New Technologies

Like any newer technology, cloud computing has faced adoption challenges. IT managers understand the huge potential efficiency improvements and savings that cloud computing can bring to their agencies, but also have questions about security, compatibility, and funding. With these concerns and without a clear path to cloud computing, many agencies continue to maintain on-premises solutions.

Jun 08, 2017

Federalist Is out of Beta and Open for Business

If you’re a program manager or a federal web developer you’ve probably been given a seemingly simple task: Create a basic website as part of a new initiative at your agency. The hardest part is often not crafting the content or designing the prototype, but getting the security and privacy compliance in order to launch

Jun 05, 2017

From Launch to Landing: How NASA Took Control of Its HTTPS Mission

18F Editor’s note: This is a guest post by Karim Said of NASA. Karim was instrumental in NASA’s successful HTTPS and HSTS migration, and we’re happy to help Karim share the lessons NASA learned from that process. In 2015, the White House Office of Management and Budget released M-15-13, a “Policy to Require Secure Connections

May 26, 2017

Cybersecurity: Protecting Manufacturing Technology and Innovation

Recently a segment on my favorite morning news program stopped me in my tracks. The young and attractive hosts (why are they always so young and attractive?) were demonstrating new appliances including a smart refrigerator. The fridge was equipped with all kinds of high-tech features including touch screen displays, a camera inside that allows you

May 04, 2017

DHS Study on Mobile Device Security

The Department of Homeland Security (DHS) has submitted a report to Congress that details current and emerging threats to the Federal government’s use of mobile devices and recommends security improvements to the mobile device ecosystem. The DHS Science and Technology Directorate (S&T) led the study in coordination with the National Institute of Standards and Technology

May 04, 2017

DotGov Domain Registration Program to Provide HTTPS Preloading in May

Effective May 15, 2017, GSA’s DotGov Domain Registration Program will begin providing HSTS Preloading services for federal agencies. This new service helps ensure that visitor communication with .gov websites is not modified or compromised, and hostile networks cannot inject malware, tracking beacons, or otherwise monitor or change visitor interactions online.

Apr 12, 2017

To Get Things Done, You Need Great, Secure Tools

To folks new to government, one of the most surprising differences between our work and work in the private sector are the barriers in accessing commercially available software, and commercially available Software-as-a-Service (SaaS) in particular. There are good reasons for these barriers: the government places premiums on considerations such as security, privacy, accessibility, license management,

Apr 11, 2017

Laying the Foundation for a More Secure, Modern Government

Summary: Building on efforts to boost Federal cybersecurity & as part of National Cybersecurity Awareness Month, today we’re releasing a proposed guidance to modernize Federal IT. America’s spirit of ingenuity and entrepreneurship created the world’s most innovative economy and keeps us dominant in today’s digital age. Indeed, in 1985 about 2,000 people used the Internet;

Oct 28, 2016

The Data Briefing: Help Predict the Future of Federal Government Data

In December, I plan to write two postings detailing a scenario analysis for the next ten years of the Federal government’s data technologies. Governments are on the cusp of amazing technological advances propelled by artificial intelligence, blockchain technologies, and the Internet of Things. Also, governments will face new challenges such as the recent global cyber

Oct 26, 2016

Federal Cybersecurity Challenges

These days, when you turn on the news you almost always see another hack, leak, or breach putting sensitive information at risk. But we’ve been focusing on keeping federal agency information systems secure for a long time. For October’s Cybersecurity Awareness Month, the WatchBlog takes a look at federal cybersecurity challenges. What is the threat?

Oct 25, 2016

Further Enhancing the Federal Government’s Privacy Practices

Summary: The Office of Management and Budget is releasing updated guidance on the role and designation of Senior Agency Officials for Privacy. The digital economy has transformed how citizens interact with their Government. Government services related to immigration, student loans, health insurance, and veterans’ benefits are just a sample of the services now available online.

Sep 30, 2016