Authentic8 Blog Category: Federal

Federal Tech Talk: Secure Web Browsing

You may have heard that browsers were not designed with security in mind. Originally created to make the internet more accessible for scientists, the "free" browser soon morphed into a tool that helped advertisers and marketers turn its users into the product.

The rest is (web) history. In the traditional browser ecosystem, consumers pay for their "free" browser with ad clicks and their online usage data. Inherently insecure browsers have become ubiquitous - even in the federal government and its organizations, where taxpayers expect security to be more than an afterthought.

The high price "free" browsers elicit from federal organizations, in terms of weakened IT security and data protection, was the topic of a recent conversation between John Gilroy, host of Federal News Network's podcast Federal Tech Talk, and Thom Kaye, Federal Program Manager at Authentic8.

One highlight of their insightful exchange on How the browser betrays your organization: Thom explains how location data disclosed by

Why You Should Be Fed Up With the Cycle of FUD

The upcoming election has created the perfect opportunity for the $100 billion cybersecurity industry to throw some fear, uncertainty and doubt — colloquially known as “FUD” — into the daily conversation.

Vendors see this as an opportunity to double down on their marketing to help congressional offices “defend democracy.” But they’re selling the same solutions that got these offices in trouble in the first place. Isn’t it time to try a different approach?

It’s important to understand that unlike other branches of government, each congressional office is responsible for their own security when it comes to their IT infrastructure. In many instances, offices outsource management of their systems to contracting agencies, which contributes to the problem.

Additionally, congressional offices and political parties were targets long before the industry took notice. Party staff are juicy targets for social engineering, phishing, and other forms of targeted attacks from APT groups. Stealing the data they’re holding can be a windfall for political adversaries

DOD Looks to the Cloud for Browser Security

The US Department of Defense just published its cloud browser strategy. What's yours?

*

On June 5, 2018, the Defense Information Systems Agency released an unclassified request for information (RFI) outlining its intent to procure a cloud browser for 3.1 million Department of Defense (DOD) employees.

The operators of the most-targeted network in the world have concluded that they'd be more secure and efficient if they kept all public web code off the department's network.

This is significant for the entire cybersecurity market, not just the DOD. With this RFI, an arguably niche, disruptive security solution becomes mainstream. Cloud browsers are now something any organization concerned with online security must consider.

DOD personnel use the web for mission-related activities, support and logistics functions, and morale and well-being. With more than 4 million users worldwide, and with many people operating out of sensitive government facilities, the DOD is also a compelling target for cyberattack. The volume of attacks the department must deal with

Navy NGEN-R: New Network, Usual Suspects

Later this year, the United States Navy intends to award a contract to upgrade their unclassified network, the Navy Marine Corp Intranet (NMCI).

The new contract, Next Generation Enterprise Network Re-compete (NGEN-R) is a multiple award contract that will absorb global networking efforts into a single vehicle that the Navy will administer. Will the Navy get the network needed to “win” in the cyber-battlespace of the future?

*

While the Navy Program Executive Office for Enterprise Information Systems (PEO EIS) has certainly “leaned forward” in its outreach to industry, it hasn’t yet moved full steam ahead into a total embrace of innovation.

By hosting traditional “Industry Days” and other familiar industry outreach initiatives, PEO EIS has ensured that Federal System Integrators (FSIs), who consistently over promise and under deliver on such large programs, will have significant influence over this procurement.

By allowing the FSIs to influence the scope of work, the Navy has ensured it won’t receive the next-gen network needed