June 25, 2020
Via: FortuneThere is a “significant risk” of fraud for Paycheck Protection Program loans, the Government Accountability Office (GAO) said Thursday, urging the Small Business Administration to amp up efforts to respond to such risks. In a report released Thursday, the government […]
April 6, 2020
Via: BGREvery corner of the United States has been affected in some way by the novel coronavirus pandemic. Even if your neck of the woods hasn’t been hit particularly hard by COVID-19, the various lockdown and social distancing measures in place […]
August 8, 2019
Via: StateScoopStates struggling to manage their large technology projects often face similar issues in assessing the risk, optimal contract length or quality assurance of potential new services. A handbook released this week by 18F, a civic innovation office within the General […]
August 30, 2018
Via: ZDnetA severe security flaw impacting routers and disclosed four years ago has once again returned to the field, but this time, medical devices are potentially at risk. The vulnerability, known as Misfortune Cookie, has been assigned a severity rating of […]
May 22, 2018
Via: CIOCloud services are here to stay, and they are taking over more enterprise functions every year. Where once cloud services were limited to simple storage or contact management, core functions like ERP have now moved to the cloud. And with […]
Cybersecurity, Policy, State & Local
April 10, 2018
Via: StateScoopArizona announced Monday that it will use a single cybersecurity firm to monitor and manage the risks to computer systems in all 133 state agencies. The company, RiskSense, is based in neighboring New Mexico and was chosen over other potential […]
October 3, 2017
Via: ZDnetSoftware-as-a-service delivers significant benefits and advantages over traditional installations, but data security cannot be overlooked. Here, we discuss high-level policy considerations such as how to classify data based on its sensitivity, assign risk levels, and set access privileges based on […]
July 12, 2017
Via: CIOGovernance, risk and compliance (GRC) refers to a strategy for managing an organization’s overall governance, enterprise risk management and compliance with regulations. Think of GRC as a structured approach to aligning IT with business objectives, while effectively managing risk and […]
September 23, 2016
Via: CIOIn the world of medical device security, success comes down to having the capability to fail gracefully. This is not as oxymoronic as it might seem, Kevin Fu told an audience at the Security of Things Forum in Cambridge, Mass., […]
May 27, 2016
Via: FCWThe Social Security Administration presents an inviting target for hackers. But IT officials maintain that so far at least, outsiders have not been able to find their way in. As a precaution, SSA employs penetration testers — outsiders who try […]
April 6, 2016
Via: ArsTechnicaNoScript, Firebug, and other popular Firefox add-on extensions are opening millions of end users to a new type of attack that can surreptitiously execute malicious code and steal sensitive data, a team of researchers reported. The attack is made possible […]