Mediaboss Marketing

Court hearings into the EncroChat encrypted phone network compromised by French police have been delayed after lawyers requested prosecutors to disclose further evidence on law enforcements capabilities to decrypt communications.

The National Crime Agency (NCA) has made more than 1,550 arrests under Operation Venetic after the French Gendarmerie harvested millions of supposedly secure messages from the EncroChat cryptophone network, which police say was used by criminal groups.

Defence lawyers have argued that the disclosure of evidence has been made more difficult because disclosure officers do not understand the technical detail in documents relating to police hacking of the EncroChat encrypted phone network.

The courts are preparing to hear up to a dozen preparatory hearings that will decide on the lawfulness, admissibility and reliability of material retrieved from the EncroChat network the decisions in which will be binding on future prosecutions.

The NCA has not disclosed details of how many people have been charged under Operation Ventetic, the UKs response to the takedown of EncroChat, but it is understood that around 450 defendants are contesting their prosecutions across the UK.

Jonathan Kinnear QC is overseeing the national strategy for all 250 prosecution cases in the UK including dealing with legal challenges to the admissibility of EncroChat evidence for the Crown Prosecutions Organised Crime Division.

Speaking at a preparatory hearing, he said prosecution lawyers were working to process requests for discovery from defence lawyers.

He told a court that defence lawyers had submitted documents from public websites, some of which were marked top secret or top secret strap one in evidence.

We have been working on a response to defence disclosure requests and re-reviewing the disclosure position over the course of last week and this weekend, he said.

Given the complexity of the issues, including the technical nature of them and the sheer volume of the material involved, we have not yet completed that review. These are important issues that have an impact not just on this case, but on a significant number of other cases.

Defence lawyers raised new questions about the capabilities of law enforcement to decrypt live communications after Belgian and Dutch police announced they had infiltrated a second secure cryptophone network, Sky ECC.

Belgian and Dutch police disclosed during a press conference on 10 March 2021 that they had intercepted more than one billion encrypted messages from the Sky Cryptophone network, and had decrypted half of them.

Defence lawyers have raised questions over whether the joint operation between the UK, France and Holland had the ability to decrypt messages from EncroChat. If true, they argue, that would undermine facts presented in earlier court hearings.

If it turns out there have been investigations with the NCA or other British agencies, and that involves decryption of messages whilst in transmission, this is clearly disclosable and goes to the heart of the case, one defence lawyer told a judge the day after the announcement.

Experts are divided over how the French Gendarmerie obtained the decrypted messages, notes and photographs from the EncroChat network.

Classified documents leaked by former CIA whistleblower Edward Snowden show that the US and the UK have invested heavily in highly sensitive programmes to break the encryption of online communications.

The NSA and GCHQ developed capabilities to break the encryption web mail, encrypted chat, encrypted voice over IP (VoIP), virtual private networks (VPNs) and the encryption used by 4G mobile phone services.

Snowden documents reveal that theNSAs mission was to weaken encryption technologies by influencing encryption standards, forming partnerships with telecommunications companies and inserting vulnerabilities into commercial encryption systems.

Both EncroChat and Sky ECC phones use a form of encryption known as elliptical curve cryptography (ECC), which is suited to mobile applications as it offers small faster and more secure cryptographic keys than other forms of encryption.

Secure encryption relies on the ability of software to generate secret prime numbers randomly, often using pseudo-random number generators, to calculate encryption keys which are difficult for intelligence agencies to predict.

Internal NSA memos reported byThe New York Times suggest that the NSA had compromised at least one random number generator, called the Dual EC ERBG, which was adopted by the US National Institute of Standards and Technology and the International Standard Organisation.

Security company RSA, which used Dual EC ERBG by default in some of its security products, subsequently advised its customers to switch to alternative pseudo-random number generators.

A judgment by the Court of Appeal on 5 February 2021, however, found that French police had been able to use a software implant to access messages from phone handsets before they had been encrypted. They were automatically forwarded to a server set up by the French digital crime unit, C3N.

Defence lawyers said in a preliminary hearing that they suspected that disclosure officers do not understand a lot of the technical details in documents related to Operation Venetic.

There is far more likely to be a reliable disclosure exercise if there is an expert assisting a disclosure officer or even an expert appointed as a disclosure officer who can understand the significance of the material, one lawyer said.

The lawyer said the defence team had requested prosecution disclosure in November last year, but that it was making further reactive requests for disclosure following the takedown of Sky ECC in Belgium.

French investigators broke the supposedly secure EncroChat encrypted mobile phone network, used by 50,000 people worldwide, including 9,000 in the UK, in April 2020, after gaining access to the EncroChat servers discovered in a datacentre run by OVH in Roubaix.

Investigators installed software implants on tens of thousands of mobile phone handsets which, according to the court of appeal, retrieved supposedly secure messages, photographs and notes from the phones before they were encrypted.

The French have refused to disclose any details to the courts in the UK and European countries bringing prosecutions against EncroChat users about how the implants work, citing national defence reasons.

Further hearings have been put back to late April or early May.

Read this article:
EncroChat hearings delayed as lawyers seek disclosure on police hacking - ComputerWeekly.com

In 2013, Edward Snowden revealed the NSA collects personal data on every American, as well as many more people worldwide. The shockwave of the revelations still ripples today.

The NSA is the U.S. National Security Agency. Although it ostensibly works to protect U.S. citizens and interests, the NSA monitors every American and the people of many allied countriesall with the backing of the U.S. government and large portions of Congress.

But its not only the NSA spying on its own people. Its counterparts at the CIA (Central Intelligence Agency) are also spying on and hacking targets of interest.

Here are eight ways the NSA is still spying on you, right now, according to documents leaked by Edward Snowden and further investigation by the press.

In 2018, the NSA acquired data from over 600 million phone calls and text messages. It proceeded to delete many of them, citing technical irregularities but didnt specify how many were expunged from servers. The USA FREEDOM Act, passed in 2015, puts the onus on telecommunication providers to hold on to phone records, after which they can be requested by the NSA rather than the spy agency keeping tabs on them directly.

This has meant that the overall extent of phone records collected by the NSA has gone downbut its hard to take their word at face value. After all, it wouldnt be the first time that the NSA has straight up lied about its surveillance policies.

Facebook, Google, Apple, and six other leading online services have all gone on record as having given their customers data to the NSA, as legally required by the PRISM program. Data shared includes emails, messages, and documents.

When the NSA finds a security hole in a popular consumer device, it does not fix the security hole, but instead exploits it. The NSAs hacking unit, Tailored Access Operations, has developed a whole range of hacking exploits. These enable the NSA to break into consumer electronics devices and IT systems as it sees fit.

The NSA has made the job of hacking security devices easier for itself by coercing many manufacturers to build vulnerabilities into products. The NSA supposedly created new guidelines surrounding this practice after the Snowden revelations but refuses to say what those guidelines are.

If that isnt enough, the NSA is known to intercept shipments of computers and phones to put backdoors on them. The backdoor circumvents security measures of the device, allowing the NSA to spy on the end user.

When you move around town, cell phone towers can calculate your exact position. Though the NSA claims it no longer collects this bulk data itself, cell phone providers are still required to do so, and they, in turn, must surrender those records to the NSA when ordered by a court.

By far the worst aspect of this unwieldy power is that you dont even have to be the subject of an inquiry yourself. The data of millions can be handed over, without notice, because you had even the most tangential connection to a person under surveillance.

The internet connects different continents via undersea fiber optic cables that carry staggering amounts of data. In some places, the NSA has deals with local intelligence agencies to tap into these cables; in others, it does so on its own. The NSA even uses submarines to attach snooping bugs to wires deep beneath in the ocean.

In Brazil, Germany, and other countries, the NSA has broken into the internal networks of major telecommunications providers, intercepting the data they gather and weakening the security of their systems. It collects every email and phone call it can.

Through agreements and hacking, the NSA can access credit card networks, payment gateways, and wire-transfer facilities around the world. This monetary surveillance allows the NSA to follow every cent of your money and know where it comes from and what you spend it on.

Another revelation in the Snowden documents was that the NSA asks senior officials in the White House, State Department, and Pentagon to share personal information they have on foreign leaders.

The leaked memo revealed that over 200 confidential phone numbers were handed over to the NSA, which proceeded to tap their conversations. The NSA didnt spare countries friendly to the U.S. either, with German leader Angela Merkel also one of the ones targeted.

Cookies, or small packets of data that relay location history and used to serve you with targeted ads, have also been collected by the NSA. The spy agency has honed in on them to identify users around the world as prime hacking targets.

While NSA surveillance extends across the globe, there is still a lot you can do to safeguard your internet privacy. Check out this list of top privacy tips and always be conscious of what youre sharing, with whom youre sharing, and how you share it.

Johnny 5 is the founding editor of the blog and writes about pressing technology issues. From important cat privacy stories to governments and corporations that overstep their boundaries, Johnny covers it all.

Clap for this post. Or share your thoughts!

Read more:
10 Ways the NSA Is Spying on You Right Now | ExpressVPN Blog

DateLocationTournament NameDirectorMar 20-21HanfordSt. Patty's Day CloverfestStan HansenMar 27-28Sparks, NVNSA's Nevada KickoffStan HansenMar 27-28HanfordHanford No FoolinStan HansenApr 3MercedCenCal Easter 1-Day Sanctioned FriendlyStan HansenApr 10-11FresnoFresno Softball FrenzyStan HansenApr 17-18Las Vegas, NVLas Vegas Spring MayhemStan HansenApr 17-18TulareYoung at Heart TournamentStan HansenApr 17-18MantecaManteca's Spring Flowers-CANCELLEDStan HansenApr 24-25TurlockTurlock Spring ClassicStan HansenApr 24-25BakersfieldBakersfield Fastpitch FeverStan HansenMay 1-2SalinasThe Return to SalinasStan HansenMay 1-2FresnoFresno May MayhemStan HansenMay 1-2MantecaThe Manteca 12 ClassicStan HansenMay 8-9Albany, ORMother's Day in OregonStan HansenMay 8-9ClovisClovis Mother's Day ClassicStan HansenMay 15-16Yuba CitySchool's Out in Yuba CityStan HansenMay 15-16LancasterThe Battle for LancasterStan HansenMay 15-16MercedNSA's 10 Classic [Dudley Sports Scholarship Event]Stan HansenMay 15-16TurlockForget School FinalsStan HansenMay 22-23TulareTulare Summer RoundupStan HansenMay 22-23San DiegoSan Diego's Beach BattleStan HansenMay 29-30HanfordOut of School BlowoutStan HansenMay 29-30TorranceSoCal Memorial Day TournamentStan HansenMay 29-30Elk GroveElk Grove's Summer KickoffStan HansenMay 29-30SonoraMemorial ClassicLani ConklinJun 5-6LodiNSA League All-Star TournamentStan HansenJun 5-6Bend, ORBend's Summer ClashStan HansenJun 5-6Kingman, AZThe Kingman Heat WaveStan HansenJun 5-6ModestoZoom into JuneStan HansenJun 5-6ClovisClovis Blazin' BasesStan HansenJun 5-6CarmichaelSchool's OutStan HansenJun 11-13Mesquite, NVMesquite's Friday Night Lights (Night Play)Stan HansenJun 12-13Sparks, NVNevada Summer ShootoutStan HansenJun 12-13PalmdalePalmdale SlugfestStan HansenJun 12-13Albany, ORAlbany's Sliding into SummerStan HansenJun 12-13MercedMerced Fastpitch ChallengeStan HansenJun 12-13Pismo BeachRide the WaveLynn StuartJun 19-20Pendleton, ORTri-State Father's Day ChallengeStan HansenJun 19-20BakersfieldSweat it out in BakersfieldStan HansenJun 19-20TurlockFather's Day ClassicStan HansenJun 26-27PalmdaleNSA Southern California State ChampionshipStan HansenJun 26-27TracyTouch 'Em All in TracyStan HansenJun 26-27BarstowBarstow's Summer HeatwaveStan HansenJun 26-27ReddingNorCal State Warm-UpStan HansenJul 2-4ModestoNSA Northern California State ChampionshipStan HansenJul 3-4Arroyo GrandeFire CrackerLynn StuartJul 10-11FresnoGet Ready for SummerStan HansenJul 10-11SonoraMountain BlastLani ConklinJul 10-11Albany, ORThe Mid-Summer ClassicStan HansenJul 17-19Las Vegas, NVLas Vegas Midnight Madness (Night Play)Stan HansenJul 17-18MercedNSA's 16/18 ClassicStan HansenJul 17-18Elk GroveNorCal World Series WarmupStan HansenJul 17-18HanfordCenCal World Series WarmupStan HansenJul 17-18LancasterSoCal World Series WarmupStan HansenJul 17-18Arroyo GrandeSummer BashLynn StuartJul 24-25StocktonStockton Summer SlamStan HansenJul 24-25FresnoThe Fresno InvitationalStan HansenJul 24-25San DiegoSan Diego's World Series Warm-upStan HansenJul 28-Aug 1ClovisPacific Coast Western World SeriesStan HansenJul 31-Aug 1ModestoBack to SchoolStan HansenAug 7-8Albany, ORThe Albany Back to School ClassicStan HansenAug 7-8Santa Maria"Catch the Spirit" in Santa MariaStan HansenAug 7-8TurlockWounded WarriorsStan HansenAug 7-9ReddingHot Summer Nights (Night Play)Stan HansenAug 13-15Mesquite, NVMesquite's Night Owl (Night Play)Stan HansenAug 14-15ClovisHot Summer DaysStan HansenAug 14-15Elk GroveElk Grove's 14 ClassicStan HansenAug 14-15SacramentoNSA's Return to SacramentoStan HansenAug 21-22SalinasSalinas Summer SizzleStan HansenAug 21-22BakersfieldKalie Boyer Memorial TournamentStan HansenApr 21-22MantecaDog Days of SummerStan HansenAug 27-29St George, UTUtah's Fight Night (Night Play)Stan HansenAug 28-29HanfordSoftball QuestStan HansenAug 28-29StocktonBattle of the BatsStan HansenAug 28-29Arroyo GrandeFall ShowdownLynn StuartSep 4-5TorranceSoCal Labor Day BrawlStan HansenSep 4-5ModestoRainbow Labor DayStan HansenSep 4-5MaderaSwing into SeptemberStan HansenSep 4-5Paso RoblesLabor Day ClassicLynn StuartSep 11-12Yuba CityThe Duel in Yuba CityStan HansenSep 11-12Las Vegas, NVSwing for the Fences in VegasStan HansenSep 11-12LancasterSliding out of SummerStan HansenSep 11-12TurlockEnd of SummerStan HansenSep 11-12Klamath Falls, ORWelcome to Klamath FallsStan HansenSep 18-19TulareTulare Fall ShowdownStan HansenSep 18-19San DiegoThe Seaside SlugfestStan HansenSep 18-19CarmichaelBack to SchoolStan HansenSep 25-26Albany, ORNSA Oregon's State ChampionshipStan HansenSep 25-26BakersfieldPretty in PinkStan HansenSep 25-26MercedNSA's 14 ClassicStan HansenSep 25-26Elk GroveNSA's NorCal Scholarship TournamentStan HansenOct 2-3TracyFor the Love of SoftballStan HansenOct 2-3HanfordPlay for the PrideStan HansenOct 2-3BarstowNo Pain No Gain in BarstowStan HansenOct 9-10Albany, ORNSA Oregon's Cancer Awareness TournamentStan HansenOct 9-10LancasterNever Give Up Cancer Awareness TournamentStan HansenOct 9-10Modesto"Think Pink" Cancer Awareness TounrnamentStan HansenOct 9-10Santa MariaPink-BallLynn StuartOct 16-17Yuba CityThe Yuba City RumbleStan HansenOct 16-17FresnoFight for the CureStan HansenOct 16-17TustinSupport the Fight in TustinStan HansenOct 23-24Hanford/TulareGhost and GoblinsStan HansenOct 23-24Modesto/TurlockNSA's Zombie BashStan HansenOct 23-24San DiegoHalloween HavocStan HansenOct 23-24Kingman, AZArizona Halloween Witch HuntStan HansenOct 30-31BarstowBarstow's Halloween HauntStan HansenOct 30-31Medford, ORMedford's Monster MashStan HansenOct 30-31ClovisNSA Team AppreciationStan HansenNov 6-7ModestoNSA Fall West PacStan HansenNov 6-7Paso RoblesWinter StormLynn StuartNov 13-14BakersfieldLast Chance TournamentStan HansenNov 13-14ReddingNorCal Fall ClassicStan HansenNov 13-14TurlockTurlock Winter BlastStan HansenNov 20-21ModestoModesto Turkey TrotStan HansenNov 20-21SalinasGet Ready for ThanksgivingStan HansenNov 20-21FresnoThe Fresno PilgrimfestStan HansenNov 20-21Las Vegas, NVNevada NSA's Toys for TotsStan HansenNov 27-28ClovisClovis Holiday SpecialStan HansenNov 27-28StocktonStockton's Winter ClassicStan HansenDec 4MercedReindeer Games Canned Food DriveStan HansenDec 4-5Yuba CityYuba City's Toys 4 TotsStan HansenDec 4-5San DiegoSanta's in San DiegoStan HansenDec 11-12HanfordHanford's Toys 4 TotsStan HansenDec 18-19ClovisLast Call in ClovisStan Hansen

See the rest here:
NSA California

/ Published March 24, 2021

NSA released today the first video of its new Cybersecurity Collaboration Center speaker series. In these talks, NSA experts will share insights, lessons, and contributions of their cybersecurity work. The Center works with government and industry partners to protect U.S. National Security Systems, the Department of Defense (DoD) and the Defense Industrial Base (DIB).

In this first video, the Deputy Chief Operations Officer for NSAs Cybersecurity Collaboration Center, United States Navy Lieutenant Zachary Dannelly sat down with Dr. Josiah Dykstra, Cybersecurity Collaboration Center technical fellow, to talk about his experiences in the past year co-piloting Protective Domain Name System (PDNS) as a service with the Department of Defense Data Crime Center (DC3) and partners from the Defense Industrial Base. Additionally, Dannelly spoke about the motivation for the pilot, lessons learned, and insights for those who may adopt this technology in the future.

The PDNS Pilot examined over 4 billion DNS queries to and from participating networks, flagged more than 3,500 malicious domains, and blocked more than 13 million suspicious connections. By leveraging information created by PDNS logs, Lt. Dannelly and his team were able to locate and eliminate malware in both company networks and employee devices. While there are many layers to cybersecurity, PDNS has proven through this pilot to be a low cost and scalable solution network defenders can add to their toolboxes.

The cybersecurity collaboration center augments and amplifies NSAs ability to prevent and eradicate threats to NSS, DoD, and the DIB through our industry partnerships. The center combines partner insights with NSA intelligence to detect adversary activity, creates innovative new tradecraft to discover and track adversaries, and mitigates threats through the development and sharing of mitigation guidance to inform the NSS, DoD, and the DIBs ability to prevent and eradicate threats.

View the video on our Youtube channel and learn more about PDNS in NSAs recent release, Selecting a Protective DNS Service.

See the rest here:
NSA Cybersecurity Collaboration Center Releases First Speaker Series Video on Protective D - 62nd Airlift Wing

The recent SolarWinds Senate hearing and a flurry of subsequent briefings have unearthed new questions around the attack, which acting director of the U.S. Cybersecurity and Infrastructure Agency (CISA) Brandon Wales called the most complex and challenging hacking incident the agency has come up against.As impacted agencies and private enterprises work to pick up the pieces, theres debate over the best ways to tackle systemic weaknesses and improve cyber intelligence sharing across the board. But one thing everyone can agree on is that traditional security approaches which have failed to change with the digital times are in dire need of an overhaul.

The SolarWinds breach, along with nearly every major cyber attack today, involved the compromise of identity and subsequent manipulation of privileged access. While presenting forensic analysis of the attack at NISTs most recent Information Security and Privacy Advisory Board meeting, CISA technical strategist Jay Gazlay put it bluntly: Identity is everything now.

While Gazlay acknowledged that very few could pull off such a highly sophisticated digital supply chain attack without being detected, his message was clear: traditional, perimeter-centric security wont cut it. We can talk about our network defenses. We can talk about the importance of firewalls and network segmentation. But really, identity has become the boundary, and we need to start readdressing our infrastructures in that matter, he said, according to Federal News Networks report on the briefing.

Of course, SolarWinds is far from the first major attack to prompt action. But Gazlay warned that attackers are constantly innovating, and that protections many agencies put in place after the 2015 Office of Personnel Management breach are likely inadequate today since so many resources have shifted to the cloud.

Theyre going after the identities that give them access to all the data holdings much broader campaigns, he said, according to Federal News Network. That makes trust store and identity management compromises much more impactful, and frankly, a much higher target. As we move into a cloud infrastructure where all that matters is the expectation that you are who you say you are, to get access to cloud infrastructures, this becomes even more pernicious.

This focus on identity is accelerating the shift toward Zero Trust, a never trust, always verify approach that includes authenticating and authorizing every identity human or non-human before granting access. While the concept isnt new, its safe to say Zero Trust is going mainstream as hybrid and multi-cloud environments become the norm.

The U.S. National Security Agency (NSA) recently released guidance for embracing a Zero Trust approach, noting these principles can better position [cybersecurity professionals] to secure sensitive data, systems, and services.

As we focus on helping agencies and enterprises secure identities throughout the cycle of accessing critical assets, these recommendations resonated strongly with our CyberArk team. Heres a look at our top takeaways from the NSAs Zero Trust directive:

Outsider, Insider It Doesnt Matter. Always Assume Breach

NSA authors write, Contemporary threat actors, from cyber criminals to nation-state actors, have become more persistent, more stealthy, and more subtle; thus, they demonstrate an ability to penetrate network perimeter defenses with regularity. They urge agencies and organizations to consciously operate and defend resources with the assumption that an adversary already has presence within the environment.

In the public sector, weve seen the great lengths to which legitimate, authorized users will go to exfiltrate information and accomplish ill-intentioned objectives. An assume breach mindset does not discriminate between outsiders or insiders instead, every identity and access request is presumed malicious until proven otherwise. And the question shifts from Have I been breached? to Do I have the right alarm systems and motion-sensing lights in place to detect and respond before its too late?

Least Privilege Is Foundational to Zero Trust

Motives vary. Adversaries might try to establish persistence in the environment and hide their activity; the SolarWinds attacker used the sophisticated Golden SAML technique to do this successfully. Or, attackers might aim straight for the domain controller or cloud console in search of sensitive data to steal or hold for ransom, or to cause disruption by shutting down critical systems or deleting files. No matter what theyre after, attackers usually follow the same steps: acquire credentials for an identity, move laterally and vertically to escalate privileges, then use this privileged access to compromise sensitive data and assets.

The most effective way to break this chain and shrink the overall attack surface is to enforce least privilege security controls across all identities, devices and apps from the endpoint to the cloud. NSA authors write that data-centric Zero Trust models allow the concept of least privileged access to be applied for every access decision, where the answers to the questions of who, what, when, where, and how are critical for appropriately allowing or denying access to resources.

When It Comes to Zero Trust, 1+1=3

Theres no cybersecurity silver bullet, and likewise, Zero Trust cannot be achieved with one vendor or solution its not about a specific technology, its an approach, and a mindset. Instead, it requires a holistic, layered approach that integrates disparate but related cybersecurity capabilities into a cohesive engine for cybersecurity decision-making, write NSA authors.

By placing Privileged Access Management at the core of this defense-in-depth strategy, not only can defenders protect against the leading cause of breaches, they can also minimize the attacks impact. Consider this scenario: an attacker successfully compromises an agencys vulnerability management platform, runs an authentication scan and pinpoints every vulnerable and misconfigured identity within the hybrid cloud environment essentially scoring a step-by-step playbook for the attack. By protecting these powerful tools with Privileged Access Management controls, such as vaulting and rotating privileged credentials and monitoring sessions to detect risky activity, agencies can dramatically limit exposure and keep that playbook out of reach.

Its Okay to Start Small. But the Time to Start Is Now.

Conceptually, Zero Trust makes perfect sense. But NSA authors warn that putting it into practice will take time. Instead, they encourage a phased, risk-based approach. Incorporating Zero Trust functionality incrementally as part of a strategic plan can reduce risk accordingly at each step, they write. Among the NSAs key Zero Trust design recommendations is to architect from the inside out, first protecting critical data and assets, such as Tier 0 systems, then securing all paths to access them.

TheIdentity Defined Security Alliance framework can help with scoping and tiering the various technology components that will require protection at the identity level.

In SolarWinds shadow, many agencies are feeling pressure to address their greatest identity-related vulnerabilities quickly. This NSA directive offers valuable prioritization guidance for achieving quick wins to drive down risk, while laying the groundwork for a phased Zero Trust implementation strategy.

In the famous words of Bob Dylan, The times, they are a-changin. Drive resilience in this new threat landscape by embracing a Zero Trust model. And trust CyberArk to help along the way. As the recognized leader in protecting privileged access with multiple Department of Defense customers and 130+ installations across the U.S. federal government, were uniquely positioned to help agencies meet todays modern security and compliance requirements.

*** This is a Security Bloggers Network syndicated blog from CyberArk authored by Kevin Corbett. Read the original post at: https://www.cyberark.com/blog/cisa-and-nsa-the-times-they-are-a-changin-identity-is-everything-now/

Continue reading here:
CISA and NSA: The Times, They Are A-Changin. Identity is Everything Now - Security Boulevard