Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Transformative Technology: Desktop Virtualization in Government
- Value of Health IT
Shows & Panels
The Veterans Affairs Department is under pressure from Congress to improve its cybersecurity. A recent hearing found VA's networks have been breached several times by nation states. VA also has struggled to fix long-standing cyber vulnerabilities. Federal News Radio was first to report in June 2013 allegations that a former senior IT executive at the agency was bullied into signing deficient security certifications. All of this is leading lawmakers and others to ask, how safe is the data of more than 20 million veterans? We explore VA's cyber issues in our ongoing special report, VA Cyber Efforts in the Hot Seat.
Rep. Jackie Walorski (R-Ind.) introduced the Veterans Information Security Improvement Act that would explicitly require VA to take steps to repair operational and procedure holes in its network and computer security processes.
Documents obtained by Federal News Radio show VA's financial audit found material weaknesses, including the failure to remove terminated employees from accessing the network, and the lack of a formal process for monitoring, preventing installation and removing unauthorized application software on agency systems. House Veterans Affairs lawmakers continue to press VA to make changes to their cybersecurity posture more quickly. VA officials say they have a multi-layered defense to include outside network monitoring by external partners, active scanning of Web applications and source code, and protection of servers, workstations, network and gateways, among other security efforts.
Documents obtained by Federal News Radio show VA failed for the 15th year in a row its consolidated financial statement audit with regard to security controls.
In a message to senior executives, Secretary Eric Shinseki said that Stephen Warren now will hold the title of executive in charge, Office of Information and Technology and chief information officer. The title change comes as the House Veterans Affairs Committee is turning up on the heat once again on the agency's ability to secure its systems and protect data.
A recent briefing between the House Veterans Affairs Committee, VA IT executives and DHS ended with the lead majority staff member walking out before the meeting ended. The rising tensions between the House Veterans Affairs committee's majority and VA come as a report surfaced showing veterans are at a higher risk of identity theft than the average citizen.
House Veterans Affairs Committee Chairman Jeff Miller (R-Fla.) and ranking member Michael Michaud (D-Maine) sent Secretary Eric Shinseki a letter asking for an explanation on why VA didn't tell the committee about multiple nation state attacks. The lawmakers call for VA to offer credit monitoring services to tens of millions of veterans.
The Veterans Affairs Department has been compromised by at least eight different nation state organizations that stole data from its systems, House lawmakers and other experts say. VA officials say there always are risks, but their computer security is better than ever before.
Exclusive: VA's security shortcuts put millions of veterans' data at risk, former VA cyber official alleges
The Veterans Affairs Department denies claims that systems or data are in danger. But Jerry Davis, the former deputy assistant secretary for information security in VA's Office of Information and Technology, asserts in documents that he was bullied into signing security certifications that were deficient as a condition of his departure from VA for a new job at NASA.