11:37 am, May 23, 2015

National Cybersecurity Awareness Month

What is National Cybersecurity Awareness Month?

October is National Cybersecurity Awareness Month and it is an opportunity to engage public and private sector stakeholders - especially the general public - to create a safe, secure, and resilient cyber environment. Everyone has to play a role in cybersecurity. Constantly evolving cyber threats require the engagement of the entire nation from government and law enforcement to the private sector and most importantly, the public.

Cyberspace is woven into the fabric of our daily lives and the world is more interconnected today than ever before. We enjoy the benefits and convenience that cyberspace provides as we shop from home online, bank using our smart phones, and interact with friends from around the world through social networks. The Department of Homeland Security is committed to raising cybersecurity awareness across the nation and to working across all levels of government, the private sector, and internationally to protect against and respond to cyber incidents.

This year marks the tenth anniversary of National Cybersecurity Awareness Month sponsored by the Department of Homeland Security in cooperation with the National Cybersecurity Alliance and the Multi-State Information Sharing and Analysis Center.

October 11th Cybersecurity Update - Cyber Anon Search

Recent revelations about online National Security Agency surveillance have sparked an uptick, in use of anonymous web browsing services. Computerworld reports, companies offering that service are seeing a spike in usage. A startup called Disconnect Search launched Monday, and by yesterday morning had more than 400 thousand searches. Duck-Duck-Go had 54 million searches in May, before Snowden went public. Last month, it had 116 million. Because the company doesn't collect user information, it can't say how many individuals have used the service. Anonymous search companies let visitors use their usual search engines, but the queries are routed through the companies' servers, removing an identification of the searcher.

Friday - 10/11/2013, 08:47am EDT

October 11th Cybersecurity Update - Facebook Search

Facebook is getting rid of a privacy feature that let users limit who can find them. No longer will you be able to restrict who can see your timeline in the social network. Facebook says it is an old search setting that a small percentage of its nearly 1.2 billion users still rely on. It says there are other ways to control what people can find out about you.

Friday - 10/11/2013, 08:45am EDT

October 10th Cybersecurity Update - Head of NSA Defends Agency's Surveillance Programs

The head of the National Security Agency is appealing to the cybersecurity industry to defend his agency's surveillance programs. Speaking at a Maryland conference, Army General Keith Alexander says media reports have focused on what the NSA could be doing with the data it gathers, rather than what it actually is doing. He calls the reporting "sensationalized" and says it could impact cyber legislation in Congress. Meanwhile, the open-records website Muck Rock says the NSA has seen a one-thousand percent rise in Freedom of Information Act requests since Edward Snowden began leaking information.

Thursday - 10/10/2013, 12:39pm EDT

October 10th Cybersecurity Update - Missed Patches

Federal computers stand in danger of being left vulnerable to the latest cybersecurity threats. That goes for both servers and desktop PCs. Microsoft this week issued 26 security patches for a variety of operating systems. But only skeleton IT staffs are on duty at many agencies. John Pescatore is director of emerging technologies at the SANS Institute. He tells Computerworld, if furloughed workers' machines are turned off, they are difficult to patch. Those machines would be open to attack when employees return and flip them back on. But Pescatore says most of the government's security staff was considered essential and remains on the job.

Thursday - 10/10/2013, 12:38pm EDT

October 9th Cybersecurity Update - Cybersecurity web pages hosted by NIST

Cybersecurity related web pages the National Institute of Standards and Technology hosts are mostly unavailable because of the shutdown. The message on NIST's homepage says the National Vulnerability Database and the NIST Internet Time Service web sites are still available.

Thursday - 10/10/2013, 12:37pm EDT

October 10th Cybersecurity Update - Smartphone Malware

Malware from smartphones is a growing danger to enterprise networks, according to new research from Juniper Research. They say users are more aware of security concerns than ever, but doing less about them. Juniper says as many as 80 per cent of smartphones aren't protected from malware.

Thursday - 10/10/2013, 08:48am EDT

Cybersecurity Bill

Leaders of the Senate Intelligence Committee are nearing agreement on a cybersecurity bill. It's meant to encourage companies to share cyber threat information with each other and the government. Federal News Radio's Jared Serbu reports.

Wednesday - 10/09/2013, 06:54pm EDT

Agencies face 'catch-22' in planning for cyber threats

Your agency's chief information security officer has a problem that might not have a solution. The online ecosystem of apps and mobile devices is creating a perfect storm of incoming threats and financial challenges. Hord Tipton, executive director of the information security non-profit (ISC), is the former chief information officer of the Interior Department.

Wednesday - 10/09/2013, 02:38pm EDT

October 9th Cybersecurity Update - Microsoft Reward

Microsoft is making good on its promise to reward hackers that find security flaws in its software. The company has given its first 100-thousand-dollar bounty to cybersecurity researcher James Forshaw, who works for London-based Context Information Security. Microsoft says Forshaw came up with a new exploitation technique. The details are a secret until Microsoft can successfully address it. It says Forshaw's discovery will help Microsoft develop defenses against entire classes of cyber attacks.

Wednesday - 10/09/2013, 01:07pm EDT

October 9th Cybersecurity Update - Microsoft Gov Cloud

Microsoft wants to up its presence in the hotly contested federal cloud computing market. It launches a dedicated, government-only cloud. That means the facilities are located in the continental United States, and staffed by U-S citizens. Only data and applications of federal, state and local agencies will be housed there. In a blog post, Microsoft's cloud chief Satya Nardella says the Windows Azure US Government Cloud has already received federal security approval. It was granted provisional authority to operate under the General Services Administration's FedRAMP program. Nardella says federal customers are among the most demanding.

Wednesday - 10/09/2013, 01:06pm EDT

October 8th Cybersecurity Update - 'Anonymous' Hackers Indicted

A federal grand jury has indicted 13 members of a key Internet hacking group for a wide-ranging series of cyber attacks. The defendants are part of Anonymous. They are accused of targeting governments, trade associations, financial institutions and other entities - any site that goes against the Anonymous philosophy of making all information free for everyone, without regard for copyright laws or national security concerns.

Tuesday - 10/08/2013, 07:00pm EDT

October 8th Cybersecurity Update - NSA Data Snags

Technical flaws are holding back the National Security Agency from deploying its gigantic new data center in Utah. The Wall Street Journal reports, for more than a year the facility has been hit by a series of fires and explosions caused by electrical arcing. In some instances, the jolts destroyed hundreds of thousands of dollars worth of equipment. An N-S-A spokeswoman says the problem has been mitigated through testing. The Army Corps of Engineers oversees construction. A spokesman there says the contractor is fixing the problem. But that account is disputed by an independent Corps investigator. The data center covers a million square feet and has so far cost 1 point 4 billion dollars.

Tuesday - 10/08/2013, 06:59pm EDT

October 8th Cybersecurity Update - The People Who Made a Difference In Security in 2013 Nominations

Nominations are open for The People Who Made a Difference In Security in 2013. The SANS Institute will recognize the winners December 16th at the SANS Cyber Defense Initiative conference in Washington. Nominations are open until November 8th. You can find details at Federal News Radio dot com, slash In Depth. DC, SANS plans on celebrating the most dedicated and innovative "People Who Made a Difference in Security in 2013."

Tuesday - 10/08/2013, 06:58pm EDT

Cyber Policy Change

New guidance is on the way to change the way you secure your computer systems. The Office of Management and Budget is finalizing the policy to implement federal information system continuous monitoring. It's been three years since the last major cyber policy change. Federal News Radio executive editor Jason Miller is here with exclusive details of the new policy, Inside the Reporter's Notebook.

Monday - 10/07/2013, 05:44pm EDT

October 7th Cybersecurity Update - Policy

We've all heard: continuous monitoring is the buzz word in federal cybersecurity. The Office of Management and Budget is trying to decide what agencies should monitor. OMB Director Sylvia Burwell is reviewing the first major cyber policy change in three years. When she's done, expect more clarity on the types of systems and information that are supposed to be watched 24-7. Federal News Radio's Jason Miller reports, those in the know are applauding the cautious approach. They don't want a continuous monitoring policy absent detail to stoke public fears of another government surveillance program.

Monday - 10/07/2013, 03:19pm EDT

October 4th Cybersecurity Update - Monitoring Delay

The shutdown is delaying a six-Billion-dollar government-wide continuous monitoring system. A key contractor MacAfee tells Next Gov: the Obama administration was going to issue task orders this week. That did not happen. The Homeland Security Department is paying for the cyber surveillance technology. It will let agencies choose among a vendor's various threat sensors...displays and consulting services.

Monday - 10/07/2013, 03:18pm EDT

October 4th Cybersecurity Update - Adobe Security

Adobe asks for help from Federal Law Enforcement after a security breach. Hackers accessed customer information, including encrypted financial records, and source code for Adobe products. The company is offering one year of credit monitoring to affected parties.

Friday - 10/04/2013, 05:05pm EDT

October 4th Cybersecurity Update - Adobe Breach

Adobe has issued a warning that cyber attackers managed to lift information on 2 point 9 million customers. Adobe says it lost names, encrypted credit card numbers and passwords. It's offering free, one-year credit monitoring to affected individuals. Perhaps worse in the long run, Adobe says the cyber thieves obtained source code for numerous Adobe products. In a blog post, the company says it contacted the federal Computer Emergency Readiness Team. US CERT issued its own warning about the Adobe breach.

Friday - 10/04/2013, 03:17pm EDT

Threat information sharing builds better cyber standards, expert says

Anne Neuberger, director of the National Security Agency's Commercial Solutions Center, explains the pluses and minuses of public-private partnerships for the cybersecurity world.

Thursday - 10/03/2013, 05:05pm EDT

October 3rd Cybersecurity Update - Fear of Hackers During Shutdown

Steven VanRoekel fears hackers will prey on government websites "skeleton crews" are covering because of the shutdown. Van Roekel tells the Wall Street Journal he could call employees back if an attack happened during the shutdown. But VanRoekel calls that delayed response scenario "worrisome".

Thursday - 10/03/2013, 03:21pm EDT
  • 3