Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
In an effort to provide a better environment for commenting, we have changed our comment platform. In order to comment on a story, you will first need to create a Disqus account if you do not already have one. It's easy! Sign up for an account below by clicking in the "Leave a message" field and then clicking on the blue Disqus icon. Alternatively, you can now comment using your Facebook, Twitter or Google accounts.
Federal News Radio understands how important anonymity is to some commenters. Like our previous platform, our new system allows users to identify their comments with a screen name (instead of their first and last name) if they so choose. Find more information about creating a screen name and other frequently asked questions about Disqus here.
Our comment policy itself has not changed. Federal News Radio encourages users to express their opinions by posting comments that have a positive and constructive tone; are on topic, clear and to-the-point; and are respectful towards others and their opinions. Our goal is to maintain a civil dialogue in which readers feel comfortable. Federal News Radio reserves the right to remove comments and block users that do not follow these criteria.comments powered by Disqus
The Education Department's new security operations center reached initial operations capability in 2013 featuring six tools to improve the protection of its network and data. Steve Grewal, Education's chief information security officer, said a move to cloud and mobile computing requires the agency to have more visibility and accountability into how vendors protect its network.
March 6, 2014
Agencies must use only cloud services that have been approved under the Federal Risk Authorization and Management Program (FedRAMP) by June. OMB will receive more details on agency progress with the latest quarterly update through PortfolioStat. Meanwhile, FedRAMP's security baseline will be revised this summer.
Navy Cyber Forces, already headquartered in Suffolk, Va., will take over responsibility for building the knowledge workforce the Navy terms the "information dominance corps."
Departments have a week to finalize their plans to implement information security continuous monitoring by 2017. State and DHS already are heading down the new cyber path, and are excited to take advantage of the standard suite of products and services under the CDM contract.
Maryland officials have signed an agreement with the National Institute of Standards and Technology to more clearly define the development of the National Cybersecurity Center of Excellence in the state.
Government officials, associations and companies are offering insight and comments on the recently released White House cyber framework.
Sen. Tom Coburn's (R-Okla.) report on cybersecurity and critical infrastructure in the federal government examined more than 40 inspector general audits and revealed gaping holes in the security of agencies' systems.
The goal is to more accurately evaluate the security of the government's computer networks and systems. These efforts could bring more consistency to the cyber auditing process and engender more confidence in its results.
Phyllis Schneck, the deputy undersecretary for cybersecurity in the National Protection and Programs Directorate at DHS, said the department's goal is to further the trust relationship with industry around sharing and understanding cybersecurity threats.
February 6, 2014
The inconsistent way inspectors general review the security of federal networks and computers is causing uncertainty around what is working and what isn't in the federal government. A recent State Department IG management alert is a prime example of this growing disconnect.
Early pilots in DHS information sharing project appears to show that bureau-level IT systems built decades ago can share information with one another, and also protect against data privacy problems.
Former federal CISO Pat Howard offers tips to waterproof your agency's information security continuous monitoring strategy.
Phyllis Schneck, the deputy undersecretary for cybersecurity at DHS, said the department will release a voluntary cyber program on Feb. 14 as part of the deliverables under President Barack Obama's 2013 Executive Order. Schneck said among her top priorities is to continue to build a trust relationship with the assorted public and private sector stakeholders.
GSA and DoD release six suggestions for how to better integrate cybersecurity in the acquisition progress. The recommendations are one of the deliverables under the cyber Executive Order President Obama signed last February. GSA will release a RFI in the coming weeks to let industry and others comment on how best to begin implementation.
More agencies are recognizing the growing importance of keeping data private after recent information leaks and cyber breaches. The Federal Trade Commission is among the agencies at the head of the pack and is relying on best practices.
Rep. Jeff Miller (R-Fla.) wants answers from the Veterans Affairs Department after its latest privacy and cyber breach of the data of more than 5,000 veterans through its eBenefits portal. VA says it has fixed the software defect and its Data Breach Core Team is investigating what happened.
A new white paper from SafeGov recommended ways for agencies to move to an integrated cloud and cyber approach and away from one that is fragmented and ad hoc in many respects. Karen Evans, a co-author of the report and a former Office of Management and Budget administrator for e-government and IT, said agencies need a clearer picture of how this integration could happen.
The Defense Information Systems Agency says an eventual commercial cloud buy probably won't be bundled into a single contract vehicle, but in the meantime, DoD needs to work through challenges involving security, approval policy and network operations.
How can you tell if your system has been compromised? Internet security firm Mandiant says there are numerous signs. Included are evidence of unauthorized use of valid accounts, trace evidence & partial files, command and control activity, known and unknown malware, suspicious network traffic, valid programs used for other purposes and files that have obviously been accessed by attackers. IT managers are reminded that threats can slip in undetected and lay dormant for long periods of time before striking.
How do you shop securely online. The Center for Internet Security says you should "know your online merchants. Limit online shopping to merchants you know and trust. Only go to sites by directly typing the URL in the address bar. If you are unsure about a merchant, check with the Better Business Bureau or the Federal Trade Commission to ensure its legitimacy. Confirm the online seller's contact information in case you have questions or problems. Use a credit card, not a debit card. Credit cards are protected by the Fair Credit Billing Act and may reduce your liability if your information is used improperly.