Biometric Authentication
Biometric authentication is a security process that relies on unique biological characteristics of individuals to verify their identity. Biometric authentication systems compare physical or behavioral traits to those that are stored in their database. An authentication is confirmed when both samples match. Biometric authentication is often used to manage access to physical and digital […]
Help Desk/Service Desk
What is a help desk? It may seem like the obvious answer is that a help desk is there to resolve technical issues. Of course, this is true, but there is actually a broad scope of services that help desks can support beyond the obvious troubleshooting of crashes and blue screens of death. The primary objective […]
Cybersecurity training: Need “…a red-hot poker to open up my eyes, it’s so boring”
Reeves et al.1 authored an illuminating review of cybersecurity training and how it’s going these days. Spoiler alert: not great! While a large number of cybersecurity officers assert that employee education and training is their highest priority and have invested in security […]
Mobile First Website Design
Over the last several years, Google has been working towards the advancement of mobile-first indexing1. Mobile-first indexing means that Google primarily uses the mobile version of a webpage for ranking and indexing purposes. If your website has separate mobile and desktop URLs, Google will display the mobile URL to mobile users, and the desktop URL to desktop users, […]
By the end of 2022, federal agencies must comply with a 2019 directive1 from the National Archives and Records Administration (NARA) and the Office of Management and Budget (OMB) to transition to electronic records. The directive states that the following must happen by December 31, 2022: Federal agencies will manage all permanent records in an electronic format […]
Why should Local Government Outsource IT?
The complexity of planning and maintaining technology is a consistent challenge to local governments, as the threats to cybersecurity are ever-increasing but the resources of local governments are, generally, not. While local government workers may well be doing their best, their effort is often insufficient to assess and address […]
Business Email Compromise
What is Business Email Compromise? The Cybersecurity and Infrastructure Security Agency (CISA) explains a social engineering attack as an incident where “…an attacker uses human interaction (social skills) to obtain or compromise information about an organization or its computer systems.”1 An attacker may seem innocuous or even charming, and may claim to be a new hire, a […]
Avoid SQL Injection Attacks
How do we avoid SQL Injection Attacks? Structured Query Language (SQL) is a language designed to manipulate and manage data in a database. A SQL injection (SQLi) attack is a common type of cybersecurity attack that targets databases, using specially crafted SQL statements to interfere with the queries that an application makes to its database. A SQLi attack […]
.gov Domain Name Trust and Security
In April 2021, the General Services Administration (GSA) transferred oversight of the .gov top-level domain (TLD) to the Cybersecurity and Infrastructure Security Agency (CISA). This transfer came with a mandate to enhance security for the domain, which is considered to be critical infrastructure. Eric Goldstein1, Executive Assistant Director for CISA’s Cybersecurity Division […]
Is Your Organization Cyber Resilient?
Cyber resilience is defined as the ability of an organization to continue to function, even in a degraded manner, after components of the organization have been disrupted due to information system failures that randomly occur or are consequences of a cyberattack.1 We often think of the quality of “resilience” as a feature of one’s […]