Shows & Panels
- Accelerate and Streamline for Better Customer Service
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Client Virtualization Solutions
- Data Protection in a Virtual World
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Feds in the Cloud
- Health IT: A Policy Change Agent
- IT Innovation in the New Era of Government
- Making Dollars And Sense Out of Data Center Consolidation
- Navigating the Private Cloud
- One Step to the Cloud, Two Steps Toward Innovation
- Path to FDCCI Compliance
- Take Command of Your Mobility Initiative
Shows & Panels
Why still so many cyber weaknesses at agencies?
Friday - 10/7/2011, 4:49pm EDT
Federal News Radio
Cyber threats are increasing — by 650 percent in the last five years — but agencies are still plagued by cyber vulnerabilities, the Government Accountability Office concluded in a recent report.
The problem is not for lack of cyber laws, said Patricia Titus,Vice President of CISO at Unisys, in an interview with In Depth with Francis Rose. Titus was the first Chief Information Security Officer at the Transportation Security Administration, and she worked in IT at the State and Defense departments.
Congress passed the Federal Information Security Management Act (FISMA) ten years ago. Senators have also introduced the Cybersecurity and Internet Freedom Act of 2011 to modernize FISMA. And just last week, the White House set new cybersecurity safeguards, such as creating an information-sharing committee and appointing a senior official at each agency to oversee classified information.
Additional guidelines might help strengthen agencies' cyber weaknesses, but it could also "just add another layer of complexity," Titus said. She said the problem is agencies need to implement those laws and that is where the real "breakdown" in cybersecurity comes.
Agencies like GAO allow for some oversight. But more oversight than that is unlikely to come in this budget environment, she said.
Titus said she agreed with the GAO report recommendation for private-public partnerships. What agencies need now is a "clearinghouse" or "honest broker" where companies can report cyber breaches.
Currently, "we don't seem to have a good way of getting information shared back and forth between the private sector and the public sector that allows the private sector some protection," she said.
This story is part of Federal News Radio's daily Cybersecurity Update. For more cybersecurity news, click here.