Authentic8 Blog Category: Federal

Why You Should Be Fed Up With the Cycle of FUD

Illustration: Why You Should Be Fed Up With the Cycle of FUD - Authentic8 Blog

The upcoming election has created the perfect opportunity for the $100 billion cybersecurity industry to throw some fear, uncertainty and doubt — colloquially known as “FUD” — into the daily conversation.

Vendors see this as an opportunity to double down on their marketing to help congressional offices “defend democracy.” But they’re selling the same solutions that got these offices in trouble in the first place. Isn’t it time to try a different approach?

It’s important to understand that unlike other branches of government, each congressional office is responsible for their own security when it comes to their IT infrastructure. In many instances, offices outsource management of their systems to contracting agencies, which contributes to the problem.

Additionally, congressional offices and political parties were targets long before the industry took notice. Party staff are juicy targets for social engineering, phishing, and other forms of targeted attacks from APT groups. Stealing the data they’re holding can be a windfall for political adversaries

DOD Looks to the Cloud for Browser Security

Illustration: DOD Looks to the Cloud for Browser Security - Authentic8 Blog

The US Department of Defense just published its cloud browser strategy. What's yours?

*

On June 5, 2018, the Defense Information Systems Agency released an unclassified request for information (RFI) outlining its intent to procure a cloud browser for 3.1 million Department of Defense (DOD) employees.

The operators of the most-targeted network in the world have concluded that they'd be more secure and efficient if they kept all public web code off the department's network.

This is significant for the entire cybersecurity market, not just the DOD. With this RFI, an arguably niche, disruptive security solution becomes mainstream. Cloud browsers are now something any organization concerned with online security must consider.

DOD personnel use the web for mission-related activities, support and logistics functions, and morale and well-being. With more than 4 million users worldwide, and with many people operating out of sensitive government facilities, the DOD is also a compelling target for cyberattack. The volume of attacks the department must deal with

Navy NGEN-R: New Network, Usual Suspects

Illustration: Navy NGEN-R: New Network, Usual Suspects - Authentic8 Blog

Later this year, the United States Navy intends to award a contract to upgrade their unclassified network, the Navy Marine Corp Intranet (NMCI).

The new contract, Next Generation Enterprise Network Re-compete (NGEN-R) is a multiple award contract that will absorb global networking efforts into a single vehicle that the Navy will administer. Will the Navy get the network needed to “win” in the cyber-battlespace of the future?

*

While the Navy Program Executive Office for Enterprise Information Systems (PEO EIS) has certainly “leaned forward” in its outreach to industry, it hasn’t yet moved full steam ahead into a total embrace of innovation.

By hosting traditional “Industry Days” and other familiar industry outreach initiatives, PEO EIS has ensured that Federal System Integrators (FSIs), who consistently over promise and under deliver on such large programs, will have significant influence over this procurement.

By allowing the FSIs to influence the scope of work, the Navy has ensured it won’t receive the next-gen network needed