Posts

Cybersecurity Homeland Security

Zero trust security means that no one is trusted by default from inside or outside the network, and verification is required from everyone trying to gain access to resources on the network. A port scan is used to probe an IP address for open ports to identify accessible network services and applications. Automated theorem proving and other verification tools can be used to enable critical algorithms and code used in secure systems to be mathematically proven to meet their specifications. Applications are executable code, so general practice is to disallow users the power to install them; to install only those which are known to be reputable – and to reduce the attack surface by installing as few as possible. They are typically run with least privilege, with a robust process in place to identify, test and install any released security patches or updates for them. After decades of private-sector organizations more or less being left to deal with cyber incidents on their own, the scale