Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
Shows & Panels
The goal is to more accurately evaluate the security of the government's computer networks and systems. These efforts could bring more consistency to the cyber auditing process and engender more confidence in its results.
Phyllis Schneck, the deputy undersecretary for cybersecurity in the National Protection and Programs Directorate at DHS, said the department's goal is to further the trust relationship with industry around sharing and understanding cybersecurity threats.
February 6, 2014
The inconsistent way inspectors general review the security of federal networks and computers is causing uncertainty around what is working and what isn't in the federal government. A recent State Department IG management alert is a prime example of this growing disconnect.
Early pilots in DHS information sharing project appears to show that bureau-level IT systems built decades ago can share information with one another, and also protect against data privacy problems.
Former federal CISO Pat Howard offers tips to waterproof your agency's information security continuous monitoring strategy.
Phyllis Schneck, the deputy undersecretary for cybersecurity at DHS, said the department will release a voluntary cyber program on Feb. 14 as part of the deliverables under President Barack Obama's 2013 Executive Order. Schneck said among her top priorities is to continue to build a trust relationship with the assorted public and private sector stakeholders.
GSA and DoD release six suggestions for how to better integrate cybersecurity in the acquisition progress. The recommendations are one of the deliverables under the cyber Executive Order President Obama signed last February. GSA will release a RFI in the coming weeks to let industry and others comment on how best to begin implementation.
More agencies are recognizing the growing importance of keeping data private after recent information leaks and cyber breaches. The Federal Trade Commission is among the agencies at the head of the pack and is relying on best practices.
Rep. Jeff Miller (R-Fla.) wants answers from the Veterans Affairs Department after its latest privacy and cyber breach of the data of more than 5,000 veterans through its eBenefits portal. VA says it has fixed the software defect and its Data Breach Core Team is investigating what happened.
A new white paper from SafeGov recommended ways for agencies to move to an integrated cloud and cyber approach and away from one that is fragmented and ad hoc in many respects. Karen Evans, a co-author of the report and a former Office of Management and Budget administrator for e-government and IT, said agencies need a clearer picture of how this integration could happen.
The Defense Information Systems Agency says an eventual commercial cloud buy probably won't be bundled into a single contract vehicle, but in the meantime, DoD needs to work through challenges involving security, approval policy and network operations.
How can you tell if your system has been compromised? Internet security firm Mandiant says there are numerous signs. Included are evidence of unauthorized use of valid accounts, trace evidence & partial files, command and control activity, known and unknown malware, suspicious network traffic, valid programs used for other purposes and files that have obviously been accessed by attackers. IT managers are reminded that threats can slip in undetected and lay dormant for long periods of time before striking.
How do you shop securely online. The Center for Internet Security says you should "know your online merchants. Limit online shopping to merchants you know and trust. Only go to sites by directly typing the URL in the address bar. If you are unsure about a merchant, check with the Better Business Bureau or the Federal Trade Commission to ensure its legitimacy. Confirm the online seller's contact information in case you have questions or problems. Use a credit card, not a debit card. Credit cards are protected by the Fair Credit Billing Act and may reduce your liability if your information is used improperly.
Devices such as smartphones and tablets are being used more and more often for online shopping and the Center for Internet Security is warning that means the volume of attacks against them will increase as well. The "center" says every time you download an app, you open yourself to potential vulnerabilities. Their advice is to research those apps you plan to download to verify their legitimacy. Update all apps when notified and disable Bluetooth and Near Field Communications when not in use to reduce the risk of your data, such as a credit card number, being intercepted by a nearby device.
Recently several large U.S. companies were hacked online and like other victims of similar attacks, they were not aware until well after the attack happened. In some cases it was months. Online security firm Mandiant says, often attacks are blamed on malware, but they say 46% of compromised machines have no malware on them. Mandiant says hackers can navigate through conventional safeguards easily leaving little or no trace.
Senate lawmakers won out over the debate about whether or not to merge the E-Government Fund with the Federal Citizen Services Fund. DHS also receives $166 million for cybersecurity programs in the fiscal 2014 spending bill.
GSA made the first set of awards under the continuous diagnostics and mitigation (CDM) contract.
Concerns about health care website security easing as recent testing successfully completed
The White House and the Information Sharing Environment released the Strategic Implementation Plan for the President's National Strategy for Information Sharing and Safeguarding. The plan details 16 initiatives that span federal, state, local and tribal governments as well as private sector and international partners.
January 16, 2014
Federal News Radio Executive Editor Jason Miller joins host Mark Amtower to talk about a number of Federal IT issues.
January 13, 2014