Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Why still so many cyber weaknesses at agencies?
Friday - 10/7/2011, 4:49pm EDT
Federal News Radio
Cyber threats are increasing — by 650 percent in the last five years — but agencies are still plagued by cyber vulnerabilities, the Government Accountability Office concluded in a recent report.
The problem is not for lack of cyber laws, said Patricia Titus,Vice President of CISO at Unisys, in an interview with In Depth with Francis Rose. Titus was the first Chief Information Security Officer at the Transportation Security Administration, and she worked in IT at the State and Defense departments.
Congress passed the Federal Information Security Management Act (FISMA) ten years ago. Senators have also introduced the Cybersecurity and Internet Freedom Act of 2011 to modernize FISMA. And just last week, the White House set new cybersecurity safeguards, such as creating an information-sharing committee and appointing a senior official at each agency to oversee classified information.
Additional guidelines might help strengthen agencies' cyber weaknesses, but it could also "just add another layer of complexity," Titus said. She said the problem is agencies need to implement those laws and that is where the real "breakdown" in cybersecurity comes.
Agencies like GAO allow for some oversight. But more oversight than that is unlikely to come in this budget environment, she said.
Titus said she agreed with the GAO report recommendation for private-public partnerships. What agencies need now is a "clearinghouse" or "honest broker" where companies can report cyber breaches.
Currently, "we don't seem to have a good way of getting information shared back and forth between the private sector and the public sector that allows the private sector some protection," she said.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.