Tag Archives: cybersecurity

Your Privacy and the iPhone–What You Need to Know

Posted on by

Cybersecurity practices, privacy policies, intelligence community best practices are all hot event topics on GovEvents.com. These topics are also garnering intense media focus with the ongoing battle between the Justice Department and Apple to provide access to data on the phone of the main suspect in the mass shooting in San Bernardino, CA. While the back and forth between the FBI and Apple has been well documented in the media, it is a complex issue in terms of what it really means for us as citizens and government professionals.[Tweet "Your Privacy and the iPhone -- what it really means for us. #GovEventsBlog"]

The background: Following the San Bernardino shooting, the FBI realized there may be critical evidence on the shooter's iPhone, which they have been unable to access.  The FBI hopes this information will shine a light on the motivation and any terrorist ties.

The reason the FBI cannot get into the phone without Apple's help comes down to one setting that anyone can turn on or off in seconds. Within Settings, users enter their passcode to lock the phone. Once that's done, a screen appears with the option to "Erase Data. Erase all data on this iPhone after 10 failed passcode attempts."  This makes traditional hacking attempts useless. However, the shooter had an older version iPhone and iOS, which, according to the FBI, means Apple has the ability to override this erase feature and access this phone. Newer phones, and those that have updated iOS, would not be accessible as this 'loophole' was eliminated as part of a 2014 operating system update. Continue reading

2016 Federal Event Market

Posted on by

Since we did fairly well on our predictions last year, we decided to drag the crystal ball out of storage and take a look at what we think the federal event market will look like in 2016.

  • More creativity in events - with budgets loosening up for travel and training and event attendance rising, the stress level of the federal event industry is going down. Between adapting to the new normal of longer approval cycles and knowing that events are again on the "need to have" list for federal professionals, event planners can once again turn their attention to innovation. From better integration of social channels, to creative ways to present information, we expect to see some changes to business as usual for federal events.
  • Cybersecurity remains hot - The OPM breach drove home how vulnerable federal systems are to today's threat landscape. With the completion of the Cyber Sprint, agencies have cleaned up their basic security hygiene and now are focused on implanting the policies that came out of the government-wide security exercise. Look for cyber events to be more tactical and less theoretical in nature to support the action-oriented plans of federal IT teams.
  • Video - while MTV may not be showing videos anymore, federal events will be utilizing this medium more and more. With video becoming affordable and easier to produce and stream, even with just a smartphone, federal meeting planners will take advantage of the medium to draw more eyes to their content and expand the life of the information presented at shows. Bandwidth concerns being a thing of the past and the creation of cloud-based, user-friendly video apps makes video a viable option for training.
  • Physical security - as much as we hate to think about it, in the past year we've seen lone gunmen and terrorists target large gatherings. In 2016, we expect to see event planners take a number of additional security steps including taking a closer look at attendee lists, more detailed emergency communication plans, use of metal detectors and security screenings, and more overt reminders of emergency exits, etc., for audiences in large venues.

We'd love to hear your feedback on our predictions and feel free to add yours in the comments. Here's to an exciting 2016!

2015 Predictions: Reality Check

Posted on by

Last December, we pulled out our crystal ball and called out a couple trends we thought would make a big impact in 2015. Now it's time to take a look back and see how well our predictions fared.[Tweet "A look back at how well our 2015 event predictions fared. #GovEventsBlog"]

  • Virtual events - We predicted that virtual events would grow due to the tight budgets for travel and training. While webinars continued to be popular mediums for delivering training and some events looked into hybrid formats, there was not a huge jump in virtual events, but they held steady. In fact, we saw in-person attendance increase this year. Prediction Grade: C+
  • Smaller Events - This prediction looked at the trend of having more localized/specialized smaller events as opposed to (or in addition to) large conferences. Of all the events posted on our site last year, one quarter would be considered small. While the large, traditional conferences are seeing an uptick in attendance and interest, there is still a huge market for small, targeted events. Grade: B
  • Big Data - We thought 2015 would be the year of Big Data-focused events, but with a number of high profile data breaches in government, cybersecurity remained the top priority.[Tweet "We thought 2015 would be the year of Big Data-focused events. #GovEventsBlog"] However, within those cyber events there was a lot of discussion about how Big Data can be used to prevent and detect breaches. Big Data events were strong in terms of number of events and its #3 rank in top search terms on the GovEvents site behind "cybersecurity" and "job fair". Grade: B
  • Attracting Millennials - We have seen changes in the federal meeting space that are both keeping up with the times and meeting the needs of Millennials. From more active social media presence to photo backdrops to promote event selfie sharing to changing up traditional agendas, we see events looking for ways to differentiate themselves to draw audiences of all ages. Grade: C+

[Tweet "Our 2015 government event predictions faired pretty well. #GovEventsBlog"]Our 2015 government event predictions faired pretty well. In a future post we'll lay out our thoughts for what 2016 may look like for federal events.

The Case of the Disappearing Links

Posted on by

While we were at the AUSA Annual Meeting & Exposition a couple of weeks ago, we heard from a number of attendees that they have had trouble accessing information from emails because of a change in policy at DoD. New email security measures within DoD and throughout the federal agencies are taking live links out of emails (stripping links) and, in some cases, removing characters from the URLs. This means even if you copy and paste the web address it may not work if there are missing characters.[Tweet "New email policies at DoD/federal agencies are removing links/URLs from messages. #GovEventsBlog"]

The motivation behind this is likely to thwart foreign hacking attempts and phishing schemes where hackers will send an email that looks like it is from an official/legitimate source but contains links that, when clicked, take users to sites with malicious code.  We've written here before about the need to educate all employees, not just those in IT, as to their role in cyber security. Simply removing access to links does little to educate people about their role in protecting government data and systems.

While we applaud the effort to step up security, the practice of link stripping is concerning for all involved. Federal employees shared their frustrations with their inability to navigate to information they need to stay informed, be it a news article, registration for a training opportunity, or to download a whitepaper.[Tweet "Federal employees shared their frustrations with this new practice of link stripping. #GovEventsBlog"]

We encourage our members to communicate concerns to their IT departments and we'll do our part in talking to IT managers as well. But as we all know, policy, once enacted, is hard to change. So how do we work around this new reality? A couple ideas:

  • Make key events or news visible and accessible from your home page. If you are trying to drive people to a specific link, "advertise" it on your homepage. Email recipients may not be able to get to the exact page, but they should be able to find your home page and get to the info contained in an email message.
  • Look for other venues to drive people to links. If your audience cannot access links to your content at work, see how you can drive them via more "personal" channels. Look into Facebook ad campaigns or upping the number of posts you put on Twitter and/or LinkedIn.
  • Think about plain text. Everything old may be new again. While it may not be as pretty, plain text emails may help get better conversion rates. You can also try a mix of HTML, where in addition to the embedded links, you also list the URLs within the message.

We'd love to hear your feedback. For our government users, have you found a work around to stripped links? Let us know in the comments.

Top Events for Cybersecurity Month

Posted on by

October is Cybersecurity Month and many organizations have taken the call to use these 31 days to educate and collaborate on solutions for a more secure cyber world. With over 70 cybersecurity events posted for the month of October on GovEvents, we wanted to highlight some of our picks for must attend events this month.[Tweet "Check out the top #government focused events for #Cybersecurity month #GovEventsBlog"]

  • October 7: Creating a Culture of Cybersecurity at Work (webinar) - The National Association of Counties will hold a series of webinars throughout the month with this one focusing on how organizations can enhance their security practices with widely available training and educational resources.
  • October 13: Closing the Desktop Security Vulnerability (webinar) - The combination of connectivity and skill can increase the risk of malicious intrusion at the desktop. This event, featuring the director of the National Information Assurance Partnership (NIAP), will talk through NIAP's new requirements as well as the new Peripheral Sharing Switch Protection Profile (PSS PP 3.0).

Continue reading