In this edition of Inside the Reporter's Notebook, Executive Editor Jason Miller shares news and buzz about the IT and acquisition communities.
DHS says it found out about the Heartbleed vulnerability at the same time everyone else did. But unlike most other organizations, it had to wade through layers of legal negotiations before it could help federal agencies fix the cyber vulnerability in their own systems.
Agencies are getting smarter about cyber. The Homeland Security Department and General Services Administration are fine-tuning a contracting vehicle for tools that let agencies not only monitor their computer networks 24/7, but also fix things that go wrong. The umbrella term for the tools is continuous diagnostics and mitigation (CDM). Xceedium is a supplier of CDM software products. Ken Ammon, the chief strategy officer of Xceedium, told Federal Drive hosts Tom Temin and Emily Kopp what's in store for phase two of CDM.
The agency that runs federal employees' 401(k)-style Thrift Savings Plan needs to do a better job monitoring potential cyber incidents against its website, strengthen security at its data centers and come up with a plan for tracking all of its technology hardware. That's according to recent audits of the TSP program undertaken by the Labor Department, which were presented to the Federal Retirement Thrift Investment Board Monday.
The Securities and Exchange Commission is asking 50 registered investment advisers and broker-dealers for more information about how they protect their systems from cyber attacks.
In this edition of Inside the Reporter's Notebook, Executive Editor Jason Miller shares news and buzz about the IT and acquisition communities. GSA and SBA continue their ongoing quarrel over the Office Supplies 3 contract, and April marks the three-year anniversary of NSTIC's release.
Verizon's annual data breach report says federal employees cause nearly 60 percent of reported cyber attacks in government. And 34 percent of those breaches come from small mistakes, like emailing documents to the wrong person. Mark Forman, former administrator of the Office of e-Government and IT, or the first federal CIO, is vice president for IT services and cloud initiatives at TASC. He tells In Depth with Francis Rose that you and your co-workers could be the reason for a cyber breach at your agency.
HealthCare.gov users told to change passwords after government's Heartbleed probe
"Inside the DoD's Reporter's Notebook" is a biweekly feature focused on news about the Defense Department and defense community as gathered by Federal News Radio DoD Reporter Jared Serbu.
Federal Managers Association President Pat Neihaus, and Andy Medici and Nicole Blake Johnson from the Federal Times will give us an update on a number of different pay issues affecting feds.
April 16, 2014
Federal cybersecurity officials are in knots over the Heartbleed threat. The vulnerability potentially affects a common data encryption system used on internet servers. Homeland Security says federal web servers are OK. Qualys has a free online SSL Server Test that can analyze a web server. Alan Paller, director of research at the cybersecurity education firm SANS Institute, explained the threat to Federal Drive hosts Tom Temin and Emily Kopp.
A House panel recently held back-to-back hearings: one with NASA Administrator Charles Bolden on the agency's budget request, and the other with the authors of a report on security at NASA centers. NASA is under pressure to show Congress it's tightening security following a high-profile case of a Chinese spy and other cybersecurity breaches that have flown under the radar. NASA requested a review of its security procedures after spotting some red flags. Joe Thompson, project director of the National Academy of Public Administration, organized the review. He told Federal Drive hosts Tom Temin and Emily Kopp about the study. Read Federal News Radio's related article.
Changes come in the wake of a NASA-commissioned report on the issue of foreign nationals' access to sensitive information. The study, which has not been released to the public, found the agency had failed to establish a central management structure for those workers' access to data and didn't impose consequences when its policies were violated.
The market research firm says 25,000 customers potentially had their credit card information exposed during the breach. Deltek says there is no evidence that usernames and passwords were misused.
Agencies are still facing several challenges when it comes to cybersecurity. They continue to deploy new technologies and business practices to fend off the cyber threats, but the Government Accountability Office says the number of data breaches has more than doubled over the last several years. Greg Wilshusen, director of Information Security Issues at the GAO, joined Federal Drive hosts Tom Temin and Emily Kopp to discuss the problem and GAO's ideas for fixing it.
House Veterans Affairs Committee members are fed up with repeated cybersecurity problems. They want the VA to improve its cybersecurity once and for all. A new bill tells the department exactly how to do it. The legislation is among the most prescriptive cyber bills that any agency has seen in almost a decade. Federal News Radio Executive Editor Jason Miller shares reactions to the bill with Federal Drive hosts Tom Temin and Emily Kopp. Read Federal News Radio's related article.
Rep. Jackie Walorski (R-Ind.) introduced the Veterans Information Security Improvement Act that would explicitly require VA to take steps to repair operational and procedural holes in its network and computer security processes.
The next version of cloud security standards is under development, even as agencies race to comply with current ones. The General Services Administration and the departments of Defense and Homeland Security are kicking off FedRAMP 2.0 by incorporating new NIST guidance. Federal News Radio Executive Editor Jason Miller joined Federal Drive hosts Tom Temin and Emily Kopp to explain how the agencies are keeping different standards aligned. Read Federal News Radio's related article.
DoD CIO Teri Takai clarifies the Pentagon plans to use the FedRAMP baseline. DHS and GSA are working together to ensure the continuous diagnostics and monitoring program and FedRAMP are aligned. But questions remain around how other cyber initiatives fit into the cloud security program.
The Pentagon plans to more than triple its cybersecurity staff in the next few years to defend against Internet attacks that threaten national security, Defense Secretary Chuck Hagel said. By 2016, the Pentagon should have 6,000 cyber professionals.