The 2024 Thales Data Threat Report highlights the unique security challenges faced by U.S. Federal agencies. This report reveals new cybersecurity strategies as well as key differences between federal and global survey responses, providing valuable insights to stay ahead in the evolving security landscape. Key Findings40% of USFED agencies and organizations report having experienced a ransomware attack47% of agencies reported breaches in 2021,...

Stateful hash-based signature (HBS) schemes are digital signature schemes believed to be resistant to the threat posed by a cryptographically relevant quantum computer. NSA’s CNSA 2.0 encourages vendors to adopt stateful HBS schemes as defined in SP 800-208 immediately for all software and firmware code signing, with a requirement to support them by 2025. SP 800-208 requires that all stateful HBS key generation and signature algorithms b...

Registration for this event is now closed. Save the date for Cipher Summit 2024! Attendees will hear from their peers, industry pundits, and technology experts about the current federal cybersecurity landscape and learn about the solutions needed to help solve the most pressing security issues. This event will feature sessions on topics including the future of cybersecurity, cloud security, and securing AI. Cipher Summit serves as Thales TCT'...

Save the date for Cipher Summit 2023! Attendees will hear from their peers, industry pundits, and technology experts about the current federal cybersecurity landscape and learn about the solutions needed to help solve the most pressing security issues. This event will feature sessions on topics including: The Future of Network Security Cloud Security Best Practices Quantum Resistant Security Data Protection at the Edge Cipher Summit serves as...

Organizations create data at unprecedented rates, all the time, in various locations including local storage, data lakes, and increasingly in public clouds. To protect data and comply with data protection and privacy requirements, you need visibility into the data you are collecting and storing to determine what data is sensitive and what is not.With complete visibility, you can easily uncover and close your gaps, make better decisions about t...

Certificate-based, multi-factor authentication is a mainstay security technique used by the U.S. Federal Government to ensure the identities of entities within a Public Key Infrastructure (PKI). Two primary components of multi-factor authentication are "what you have"--such as a securely stored private key--and "what you know", a password to unlock access to the securely-stored credentials. For human users, multi-factor authentication is easil...

How FedEX, UPS & DHL Customers were Tricked by an Advanced Phishing Campaign File-borne attacks are on the rise, and 80% of successful breaches are new, unknown, or zero-day attacks that are not recognized by traditional signature-based detection solutions, such as antivirus. An example of this is an April 2020 attack that delivered Dridex ransomware to FedEx, UPS, and DHL customers. Sophisticated phishing emails--cleverly disguised to app...

Protecting your Intellectual Property and Online Transactions Certificate-based, multi-factor authentication is a mainstay security technique used by the U.S. Federal Government to secure access to agency networks, protect the identities of users, and ensure that a user is who they claim to be. Evolving needs around cloud applications and mobile devices, combined with rising threats, and the need to reduce costs, require entirely new considera...

We are at digital war and data is the target. No organization is immune from data security threats and the US Federal government is no exception. More than half of federal data is now stored in the cloud, and a significant portion is sensitive. Yet, despite this exposure, in the 2020 Thales Data Threat Report 99% of federal government respondents say at least some of their sensitive data in the cloud is not encrypted. IT security departments m...

Historically, organizations have taken a perimeter based approach to cyber security, with the belief that a strong perimeter protected the IT infrastructure behind it. But, as agencies modernize legacy systems and move apps, systems and workloads to the cloud – and more employees, contractors and citizens connect remotely and from multiple devices – something is happening across federal networks; the perimeter is dissolving. Data i...