Guide
Ways Hackers Look to Exploit Federal Agencies
Federal agencies are often high targets of attackers to obtain access to your environment, steal data, or leak information.
There are 7 common ways hackers try to get into federal agencies. In this guide you'll get:
Descriptions of each type, a couple of which might surprise you
Real-world examples of why hackers want data in that way
Strategies for...
Guide
Federal Cybersecurity Toolkit
Government Cybersecurity: Establishing Solid Foundations
Federal cybersecurity needs can change quickly based on cyberattackers' increasingly damaging methods. Today’s threat landscape requires agencies to embrace proactive vulnerability management measures, such as penetration testing, Red Teaming, and consistent scans and monitoring. While these evolving security demands can be difficult to...
Guide
9 Ways Cyber Attackers Look to Exploit Government Agencies
While any organization is susceptible to cyberattacks, government agencies — federal, regional, state, and local — can be particularly vulnerable due to the highly sensitive data they have access to in order to carry out their duties. But how exactly are cyber attackers managing to breach these agencies and what can be done in order to prevent such attacks?
In this guide, explore about 9 common...
Blog
Proposed HIPAA Update Makes Yearly Pen Testing Mandatory
By Katrina Thompson on Thu, 07/17/2025
In early 2025, significant changes to the HIPAA Security Rule were proposed by the Office of Civil Rights for the Department of Health and Human Services (OCR).
The proposed update to the HIPAA Security Rule, published on January 6, 2025, introduces a significant new requirement: all covered entities and business associates must conduct penetration...
Video
Adopting a Proactive Approach to Federal Cybersecurity
Thu, 07/14/2022
Cyber criminals focus on the easiest targets, which often are federal agencies. A recent White House Executive Order on cybersecurity puts renewed focus squarely on securing federal network infrastructure. The order promotes, among other things, modernizing federal cybersecurity, improving detection of vulnerabilities and incidents, and moving toward a Zero Trust security model. But where do...
Guide
A Proactive Approach to Federal Cybersecurity
Cyber criminals focus on the easiest targets, which often are federal agencies. A recent White House Executive Order on cybersecurity puts renewed focus squarely on securing federal network infrastructure, which means federal agencies must step up their security games, complying with both existing and emerging regulations related to information security.
Among other things, the order promotes...
Datasheet
Department of Energy Core Security Blanket Purchase Agreement (BPA)
Core Security's Blanket Purchase Agreement (BPA) with the Department of Energy (DOE) establishes a cooperative agreement that streamlines the purchase process, allowing Core Security to efficiently fulfill the recurring needs of the DOE, with their specific requirements in mind.
Products
Core Impact
This penetration testing platform provides a framework for efficiently uncovering and safely...
Blog
Ways Hackers Look to Exploit State and Local Governments
Mon, 12/28/2020
Don’t for a minute think that bad actors have no interest in the information you collect in your state or local office. Whether you work for the City Water Department or the Department of Tax and Revenue for your county, you are collecting data that is critical to not only your job – but for all of the organizations and people that work and live within your territory. Even if you aren't employed...
Blog
Adapting to a Changed World: 6 Cybersecurity Predictions for 2021
Tue, 12/22/2020
As a new year looms bright with possibility in front of us, how can we prepare for a world that looks profoundly different than it did a year ago? On the cybersecurity front, we can always anticipate continuing battles with familiar foes, as well as a few new challenges on the horizon. Though we may not have a crystal ball, based on our observations and discussions, here are six predictions for...
Case Study
From Surviving to Thriving: How a Large Healthcare Organization Established a Comprehensive Identity and Access Management Approach
Overview
Healthcare organizations today face extraordinary challenges in a dynamic, complex landscape. During the last two decades, the healthcare industry has seen increasing regulations, an acceleration of technology and workforce growth, acquisitions and consolidation, and the pressure to increase operational efficiencies and decrease overall costs, while meeting growing patient demands....
Blog
Healthcare Identity Governance in the Era of COVID-19: Five Critical Issues Your Organization Can’t Afford to Overlook
Wed, 07/15/2020
The impact of COVID-19 has been far-reaching across nearly every sector. But none has been so greatly disrupted as the healthcare industry. Managing through this crisis has required healthcare systems to expand some aspects of their workforce and redeploy others virtually overnight in order to transform the way they offer services to patients.
Redeploying resources, leveraging a mobile workforce,...
Blog
Interview with a Healthcare Security Expert: William "Buddy" Gillespie, HCISPP
Thu, 05/28/2020
In November we started a wonderful webinar series with industry leader William "Buddy" Gillespie, HCISPP and we introduced that series with a sit down interview. Yesterday, we concluded the series with a webinar titled "Healthcare 2020: Focus on the Future". While the webinar series may be over, our partnership with Buddy will continue and we would like to continue to showcase his knowledge...
Blog
How to Mitigate Data Breaches in Healthcare IT
Wed, 05/27/2020
What once was only science fiction is now our reality, anything and everything can be hacked. For healthcare providers, ‘anything’ includes not only patient records and claims information, but sentient things like drug pumps and pacemakers. In addition, healthcare has operational functionality that make this space particularly challenging. The mobility challenge is particularly unusual because the...
Blog
How Pen-Testing Protects Your Federal Agency
Wed, 05/27/2020
It seems as if government agencies, both locally and nationally, are making headlines for mostly the wrong reasons these days. From scandals to breaches and cybersecurity this has become such a sensitive subject within the past year that these events have left most folks feeling even more on edge. As stated by Thales Data Threat Report, within the past year alone, 33% of government agencies...
Video
Healthcare Identity Governance 101: Six Proven Strategies for Tackling the Biggest Healthcare Information Security Challenges
Tue, 05/26/2020
Healthcare organizations today face extraordinary challenges in a complex landscape. With increasing regulations, the acceleration of technology, and the demand to do more with less, health systems must address these issues head on, while staying focused on delivering quality patient care.
Data breaches in healthcare cost more than $6.45 million on average—higher than any other industry. So the...
Video
Intelligently Mitigate Your Biggest Healthcare Identity Risks
Tue, 05/26/2020
Take the next step in addressing your healthcare organization’s most pressing access-related risks. Watch this on-demand video to learn how you can reveal hidden access risks in your health system to arm yourself with actionable insights.
By increasing your access risk intelligence, you can:
Discover inappropriate access risks prior to internal audits.
Diagnose access risks instantly, and gain...
Blog
Five Major Reasons Healthcare Organizations Need Identity Governance
Tue, 05/26/2020
Ready to better protect your healthcare organization so you can focus on what matters most?
Blog
How to Tackle the Top Five Healthcare Information Security Challenges
Tue, 05/26/2020
Ready to learn more about protecting your healthcare organization with leading-edge identity governance?