bnv.fnr.news/main;news=stories;tile=1;pos=top;sz=728x90,970x90;ord=
5:37 am, August 28, 2014

VA Cyber Efforts in the Hot Seat

The Veterans Affairs Department is under pressure from Congress to improve its cybersecurity. A recent hearing found VA's networks have been breached several times by nation states. VA also has struggled to fix long-standing cyber vulnerabilities. Federal News Radio was first to report in June 2013 allegations that a former senior IT executive at the agency was bullied into signing deficient security certifications. All of this is leading lawmakers and others to ask, how safe is the data of more than 20 million veterans? We explore VA's cyber issues in our ongoing special report, VA Cyber Efforts in the Hot Seat.

House lawmakers lose patience with VA, introduce prescriptive cyber bill

Rep. Jackie Walorski (R-Ind.) introduced the Veterans Information Security Improvement Act that would explicitly require VA to take steps to repair operational and procedure holes in its network and computer security processes.

Thursday - 04/03/2014, 03:23pm EDT
Listen

VA cyber saga continues as audit shows continued holes in network security

Documents obtained by Federal News Radio show VA's financial audit found material weaknesses, including the failure to remove terminated employees from accessing the network, and the lack of a formal process for monitoring, preventing installation and removing unauthorized application software on agency systems. House Veterans Affairs lawmakers continue to press VA to make changes to their cybersecurity posture more quickly. VA officials say they have a multi-layered defense to include outside network monitoring by external partners, active scanning of Web applications and source code, and protection of servers, workstations, network and gateways, among other security efforts.

Thursday - 12/19/2013, 05:24pm EST
Listen

Documents reveal weaknesses in VA's security controls

Documents obtained by Federal News Radio show VA failed for the 15th year in a row its consolidated financial statement audit with regard to security controls.

Thursday - 12/19/2013, 02:49pm EST

VA's Warren given CIO title as House ramps up cyber investigation

In a message to senior executives, Secretary Eric Shinseki said that Stephen Warren now will hold the title of executive in charge, Office of Information and Technology and chief information officer. The title change comes as the House Veterans Affairs Committee is turning up on the heat once again on the agency's ability to secure its systems and protect data.

Wednesday - 10/30/2013, 05:38pm EDT

Exclusive: Serious doubts remain about VA's ability to secure veterans' data

A recent briefing between the House Veterans Affairs Committee, VA IT executives and DHS ended with the lead majority staff member walking out before the meeting ended. The rising tensions between the House Veterans Affairs committee's majority and VA come as a report surfaced showing veterans are at a higher risk of identity theft than the average citizen.

Wednesday - 08/07/2013, 08:32pm EDT
Listen

House lawmakers press VA for more details, assurances after cyber attacks

House Veterans Affairs Committee Chairman Jeff Miller (R-Fla.) and ranking member Michael Michaud (D-Maine) sent Secretary Eric Shinseki a letter asking for an explanation on why VA didn't tell the committee about multiple nation state attacks. The lawmakers call for VA to offer credit monitoring services to tens of millions of veterans.

Friday - 06/14/2013, 12:33pm EDT
Listen

Lawmakers, IG expose further vulnerabilities in VA's cybersecurity

The Veterans Affairs Department has been compromised by at least eight different nation state organizations that stole data from its systems, House lawmakers and other experts say. VA officials say there always are risks, but their computer security is better than ever before.

Wednesday - 06/05/2013, 09:13am EDT
Listen

Exclusive: VA's security shortcuts put millions of veterans' data at risk, former VA cyber official alleges

The Veterans Affairs Department denies claims that systems or data are in danger. But Jerry Davis, the former deputy assistant secretary for information security in VA's Office of Information and Technology, asserts in documents that he was bullied into signing security certifications that were deficient as a condition of his departure from VA for a new job at NASA.

Monday - 06/03/2013, 06:01am EDT
Listen