Gov’t, Judicial IT Systems Beset by Access Control Bugs

October 1, 2024 at 05:16PM Numerous high- and critical-severity bugs were discovered in government agency software platforms, posing security risks to sensitive personal data such as Social Security numbers and voter registrations. Security researcher Jason Parker exposed vulnerabilities in 19 platforms, including an issue with Georgia’s voter cancellation portal. Outdated systems and inadequate funding contribute … Read more

Modernize Federal Cybersecurity Strategy with FedRAMP

January 18, 2024 at 12:14PM Government modernization of cybersecurity strategies, including FedRAMP adoption and value-driven digital ecosystem development, is crucial to combat evolving cyber threats. Challenges like outdated technology, budget constraints, and disjointed security operations hinder progress. Yet, strategic investments in endpoint detection and response solutions and FedRAMP-authorized products can enhance security operations and empower … Read more

FedRAMP Rev. 5: How Cloud Service Providers Can Prepare

October 23, 2023 at 03:04AM The Federal Risk and Authorization Management Program (FedRAMP) has approved new Revision 5 (Rev. 5) baselines that align with NIST’s “SP 800-53 Rev. 5.” Changes in FedRAMP include updated security controls, documentation, and templates, as well as new control families and increased focus on privacy and customization. Cloud service providers … Read more