Articles

Tips for staying secure with online hobbies

For this month on Cyber360, we're looking at ways to stay safe with your hobbies in the digital world.

Social Media: Share with care

Introduction

CMS is using the Cybersecurity and Infrastructure Security Agency (CISA) Zero Trust Maturity Model (ZTMM) to transition to a ZT architecture (ZTA). The ZTMM framework includes five pillars to guide agencies towards a ZTA, and one of those pillars focuses on devices.  This blog post is a deeper dive into the device threat protection function within the Devices pillar. 

Tips for online financial security

This month, Cyber360 at CMS is focused on financial security. As we move more of our financial lives online, from banking to investing, the need for strong cybersecurity has never been greater. Here are some ways you can protect yourself and your finances.

Tap payments: A smarter way to pay

Tips for enhancing security in digital communities

In our interconnected world, the digital safety of our communities—spanning from online social networks to neighborhood interactions—is more crucial than ever. Ensuring that these spaces are secure not only protects individuals but also preserves the integrity and trust within these communal networks. Here are some areas to keep in mind.

Social media privacy and security

Background

The cybersecurity field is ever-evolving, with new threats and technologies emerging constantly. Staying informed about these trends is crucial for protecting our systems and data at CMS.

What is the News?

In this post, we'll explore the top 5 emerging trends in cybersecurity that are transforming how we defend against cyber threats. Understanding these trends will help you stay ahead in the rapidly changing digital security landscape.

In the ever-evolving landscape of cybersecurity, organizations continuously seek effective methods to bolster their defenses against potential threats. One such method gaining traction is the concept of Purple Team engagements. This blog post aims to provide a high-level understanding of what a Purple Team is, the teams involved, and the overarching purpose of these engagements, specifically within the Centers for Medicare and Medicaid Services (CMS).

What is a Purple Team?

The ​​CFACTS application is migrating to AWSCloud for better performance and efficiency. The updated system is known as CFACTS-Cloud. We will be posting updates regularly to help you navigate this transition. 

You can now explore CFACTS-Cloud, preview new enhancements, and test new features. 

Why is database scanning important?

CMS databases and large data stores are a prime target for attackers because of the volume of sensitive information stored on CMS systems. That includes personally identifiable information (PII), protected health information (PHI), provider and beneficiary information, and intellectual property. 

Tips for families to stay safe online

This month's focus for Cyber360 is navigating cybersecurity as a family. In the digital age, where every household gadget can connect to the internet, cybersecurity is no longer just an individual concern—it's a family affair. From toddlers who can navigate a tablet before they can walk to grandparents who've embraced video calling with gusto, everyone's online. This interconnectedness, while bringing families closer, also opens up new vulnerabilities to cyber-attacks.

Why is the ISPG website (CyberGeek) open to the public?

When we set out to provide one authoritative home for CMS security and privacy information, ISPG leadership decided to make this information “public if possible”. That means instead of putting things behind a CMS login barrier by default, we go through a careful process to determine whether the information can safely be made public. If so, it is published here on our website. There are many benefits to this approach: