Alan Paller

  • How NIST can help close the cyber gap between CIOs and auditors

    In the American Innovation and Competitiveness Act, Congress told NIST to take a deep dive into how agencies understand and use the special publications and Federal Information Processing Standards for cybersecurity that it produces.

  • DHS gives cyber hunters a better type of license

    The Homeland Security Department launched a new type of red team effort where they break into an agencies’ networks over the next 90 days and help them make long-term, sustainable fixes.

  • Where do agencies go now post-cyber sprint?

    The Office of Management and Budget just posted the latest data from its 30-day cyber sprint. Alan Paller of the SANS Institute and a task force of industry experts offer their insight on what are the next steps agencies should be taking to improve their cybersecurity.

  • Alan Paller: Cyber priorities post-cybersprint

    For agency managers responsible for cybersecurity, the last few weeks have been challenging. The data breach affecting millions might have been the direct responsibility of the Office of Personnel Management, but the response has been all-of-government – starting with the now-concluded 30-day cyber sprint. Cyber is a matter of technology, skill and people. Alan Paller, the director of research at the SANS Institute, joined Jared Serbu on the Federal Drive to offer some perspective on what CIOs and cybersecurity officers need to do next.

  • Letter to the Editor: Archuleta should’ve stayed

    Alan Paller and John Pescatore of the SANS Institute explain why Katherine Archuleta’s departure may not be a fair nor effective means for addressing the cybersecurity problems at OPM.

  • After OPM cyber breach, what’s the next step for agencies?

    President Barack Obama said ”significant vulnerabilities” exist and will continue to accelerate in government and private sector systems, unless changes are made.

  • Alan Paller, Director of Research, SANS Institute

    The Office of Personnel Management starts notifying employees today that their personal information may have been compromised. As many as 4 million current and former federal employees may be affected. Now the question is, has the government learned anything from this incident, or is it lurching from crisis to crisis? SANS Institute’s Director of Research Alan Paller joined Tom Temin on the Federal Drive for a look ahead.

  • DHS striving to avoid ‘tragic mistake’ under cyber program

    Under the continuous diagnostics and mitigation program, DHS wants to ensure systems administrators have data on the most pressing threats and vulnerabilities first so they can fix them as soon as possible. John Streufert, DHS’s director of federal network resilience, said the recently-awarded dashboard will be set up to do just that.

  • Alan Paller, Director of Research, SANS Institute

    Federal cybersecurity officials are in knots over the Heartbleed threat. The vulnerability potentially affects a common data encryption system used on internet servers. Homeland Security says federal web servers are OK. Qualys has a free online SSL Server Test that can analyze a web server. Alan Paller, director of research at the cybersecurity education firm SANS Institute, explained the threat to Federal Drive hosts Tom Temin and Emily Kopp.

  • Federal News Countdown: Lerner held in contempt, DoD triples cybersecurity staff

    Alan Paller of the SANS Institute and Jenny Mattingley of Shaw Bransford & Roth counted down the top federal stories of the week with Francis Rose.