Guide
Ways Hackers Look to Exploit Federal Agencies
Federal agencies are often high targets of attackers to obtain access to your environment, steal data, or leak information.
There are 7 common ways hackers try to get into federal agencies. In this guide you'll get:
Descriptions of each type, a couple of which might surprise you
Real-world examples of why hackers want data in that way
Strategies for...
Guide
Federal Cybersecurity Toolkit
Government Cybersecurity: Establishing Solid Foundations
Federal cybersecurity needs can change quickly based on cyberattackers' increasingly damaging methods. Today’s threat landscape requires agencies to embrace proactive vulnerability management measures, such as penetration testing, Red Teaming, and consistent scans and monitoring. While these evolving security demands can be difficult to...
Guide
9 Ways Cyber Attackers Look to Exploit Government Agencies
While any organization is susceptible to cyberattacks, government agencies — federal, regional, state, and local — can be particularly vulnerable due to the highly sensitive data they have access to in order to carry out their duties. But how exactly are cyber attackers managing to breach these agencies and what can be done in order to prevent such attacks?
In this guide, explore about 9 common...
Guide
Avoiding Compliance Surprises - Financial Technology
Compliance is so important in today’s business economy (some might say it is the economy of business) because it is the “pass” that allows you to play. Ensure it, and you can play anywhere.
Go without it, and you’re benched. From fees to jail time, PR costs to reputational damage, being caught not complying with legal standards for protecting critical systems, information, and proprietary...
Blog
Proposed HIPAA Update Makes Yearly Pen Testing Mandatory
By Katrina Thompson on Thu, 07/17/2025
In early 2025, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR).
The proposed update to the HIPAA Security Rule, published on January 6, 2025, introduces a significant new requirement: all covered entities and business associates must conduct penetration...
Video
Adopting a Proactive Approach to Federal Cybersecurity
Thu, 07/14/2022
Cyber criminals focus on the easiest targets, which often are federal agencies. A recent White House Executive Order on cybersecurity puts renewed focus squarely on securing federal network infrastructure. The order promotes, among other things, modernizing federal cybersecurity, improving detection of vulnerabilities and incidents, and moving toward a Zero Trust security model. But where do...
Guide
A Proactive Approach to Federal Cybersecurity
Cyber criminals focus on the easiest targets, which often are federal agencies. A recent White House Executive Order on cybersecurity puts renewed focus squarely on securing federal network infrastructure, which means federal agencies must step up their security games, complying with both existing and emerging regulations related to information security.
Among other things, the order promotes...
Datasheet
Department of Energy Core Security Blanket Purchase Agreement (BPA)
Core Security's Blanket Purchase Agreement (BPA) with the Department of Energy (DOE) establishes a cooperative agreement that streamlines the purchase process, allowing Core Security to efficiently fulfill the recurring needs of the DOE, with their specific requirements in mind.
Products
Core Impact
This penetration testing platform provides a framework for efficiently uncovering and safely...
Blog
Ways Hackers Look to Exploit State and Local Governments
Mon, 12/28/2020
Don’t for a minute think that bad actors have no interest in the information you collect in your state or local office. Whether you work for the City Water Department or the Department of Tax and Revenue for your county, you are collecting data that is critical to not only your job – but for all of the organizations and people that work and live within your territory. Even if you aren't employed...
Blog
Adapting to a Changed World: 6 Cybersecurity Predictions for 2021
Tue, 12/22/2020
As a new year looms bright with possibility in front of us, how can we prepare for a world that looks profoundly different than it did a year ago? On the cybersecurity front, we can always anticipate continuing battles with familiar foes, as well as a few new challenges on the horizon. Though we may not have a crystal ball, based on our observations and discussions, here are six predictions for...
Case Study
From Surviving to Thriving: How a Large Healthcare Organization Established a Comprehensive Identity and Access Management Approach
Overview
Healthcare organizations today face extraordinary challenges in a dynamic, complex landscape. During the last two decades, the healthcare industry has seen increasing regulations, an acceleration of technology and workforce growth, acquisitions and consolidation, and the pressure to increase operational efficiencies and decrease overall costs, while meeting growing patient demands....
Blog
Five Major Drivers of IGA and PAM for Financial Services Organizations Today
Fri, 09/25/2020
Financial services information security continues to be a top priority across the entire financial sector—and for good reason. The Verizon Data Breach Investigations Report found that financial profit or gain was the primary motivation in 71 percent of all information security incidents, making financial services organizations a prime target for attack.
According to the Bitglass’ Financial Breach...
Blog
How to Deal with Changing Financial Cybersecurity Regulations
Thu, 08/27/2020
Late last year the New York State of Financial Services (DFS) announced that New York would be proposing a "first in the nation" rule on cyber-security to go into effect on March 1, 2017 which would impact any bank, insurance company and anyone else covered by DFS. The rule requires any regulated company design a cybersecurity program that assesses its risks to ensure the safety and soundness of...
Video
8 Ways to Tackle the Biggest Access-Related Challenges in Financial Services
Mon, 08/17/2020
Financial services organizations today face extraordinary challenges in a dynamic, complex landscape. During the last two decades, the financial services sector has seen everything from increasing cybersecurity threats, data breaches, and cyberattacks to intensified regulatory compliance, an acceleration of digital transformation, and the pressure to increase operational efficiencies and decrease...
Blog
Healthcare Identity Governance in the Era of COVID-19: Five Critical Issues Your Organization Can’t Afford to Overlook
Wed, 07/15/2020
The impact of COVID-19 has been far-reaching across nearly every sector. But none has been so greatly disrupted as the healthcare industry. Managing through this crisis has required healthcare systems to expand some aspects of their workforce and redeploy others virtually overnight in order to transform the way they offer services to patients.
Redeploying resources, leveraging a mobile workforce,...
Blog
How Financial Services Organizations Can Mitigate Their Top Identity-Related Access Risks
Mon, 06/01/2020
Financial services organizations face numerous challenges in a constantly changing landscape. With increased cybersecurity threats, intensified regulatory requirements, an acceleration of digital transformation, large-scale mergers and acquisitions, and growing customer expectations, these organizations must pursue strategies and programs that mitigate risks, safeguard valuable data, and protect...
Blog
Interview with a Healthcare Security Expert: William "Buddy" Gillespie, HCISPP
Thu, 05/28/2020
In November we started a wonderful webinar series with industry leader William "Buddy" Gillespie, HCISPP and we introduced that series with a sit down interview. Yesterday, we concluded the series with a webinar titled "Healthcare 2020: Focus on the Future". While the webinar series may be over, our partnership with Buddy will continue and we would like to continue to showcase his knowledge...