Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
The Environmental Protection Agency can't keep track of the data it stores in the cloud. EPA's Inspector General says it a subcontractor for a water permit system was using a cloud system to run its share of the operation, but neither the agency nor the prime contractor was aware of it. Albert Schmidt is an IT auditor of Information Resources Management and audits for the EPA's Inspector General. He says this type of cybersecurity problem isn't entirely the agency's fault.
Chris LaPoint, vice president of Product Management for SolarWinds will discuss how his company can help your agency manage its information technology system.
August 26, 2014
Boston University researchers think they've found a new way to build a cybersecurity system. The Modular Approach to Cloud Security wins a $10 million grant from the National Science Foundation's Secure and Trustworthy Cyberspace program. The goal is to build a cloud made up of small functional components, each with their own security capabilities. Ran Canetti is director of the Center for Reliable Information Systems and Cybersecurity at Boston University and leads the project. He explained what a clear and transparent cloud might look like on In Depth with Francis Rose.
Plans for the 11th annual Cybersecurity Awareness Month are underway at the Department of Homeland Security. DHS will partner up with the National Cyber Security Alliance to offer different events each week catered for federal agencies, individuals, and private companies. Week One will focus on the basics of cybersecurity. Starting in Week Two the topics get a little more specific. You can learn about how to develop more secure IT products, including cloud systems, and in Week Four the theme is cybersecurity for small and medium-sized businesses. DHS and the National Cyber Security Alliance hope the outreach will strengthen and build cybersecurity best practices for both private companies and federal agencies.
The Defense Information Systems Agency, which serves as the broker between Defense Department components and commercial providers of cloud computing services, says the certification standards it set for commercial providers may be too arduous for vendors. DoD also launched five pilots to test the use of commercial cloud providers and is reassessing how it develops cloud requirements.
The service will test out a role-based authentication technology on an application in the MilCloud run by DISA. Frank Konieczny, the Air Force's chief technology officer, said the pilot could move into full production in six months. DoD is considering adding the role-based capability to the JIE framework.
Gary Wyckoff, the chief information officer of the Office of Naval Research, said ONR is on the cusp of putting several applications in the cloud. He said mobility is a more difficult road to travel.
Cloud computing could help the federal government respond to a catastrophic nuclear radiation disaster. The National Nuclear Security Administration just finished a test run of a cloud-based data collection system that combines radiation measurements from states across the country. The agency says the inspiration for how the system works comes from observing the impact of the Fukishima reactor leak in Japan. NNSA coordinated the test run with 200 people working from 38 different states. Together they collected and analyzed 21,000 measurements of environmental radiation around the country to see if anything was out of the ordinary. The 200 participants took water and soil samples, and luckily they didn't find anything of catastrophic proportions. NNSA says it's expanding the use of the cloud system to other agencies, too.
The Defense Department soon will name pilot programs for putting more sensitive data in a cloud that's not run by the military. More broadly, the DoD chief information officer plans to change the way the military uses and manages its network. Federal News Radio's Executive Editor Jason Miller joined Emily Kopp on the Federal Drive to discuss where DoD is heading. Read Jason's related article.
Terry Halvorsen, DoD's acting chief information officer, is planning to change the way the military uses and manages its network. The Joint Information Environment is driving many of the modernization efforts across DoD.
The Securities and Exchange Commission is responsible for billions of financial trade records a day, but it took the agency weeks and months and analyze them. The SEC quietly found a way to speed up that process — and save about $3 million at the same time. In part four of our special report, ,Rainmakers and Money Savers, Federal News Radio goes behind the scenes of the Securities and Exchange Commission to examine the work federal employees are doing on a daily basis, resulting in millions of dollars going straight into the federal coffers.
David Rubal, Public Sector Pre-Sales Consulting Manager with Tableau Software, will discuss how his company is helping agencies analyze and process big data.
August 12, 2014
Bajinder Paul, the Federal Trade Commission CIO, said a new modernization roadmap will bring operational capabilities to employees, aggregate policies and major acquisition initiatives across the agency and, most importantly, create a path for innovation.
The Defense Strategies Institute will host its Cloud Tech and Government IT Summit in a little over a month. The summit will run on September 23rd and 24th at the Mary M. Gates Learning Center in Alexandria, Virginia. The Defense Strategies Institute will offer training and educational seminars in a Town Hall format. DSI says federal agency leaders and innovators in cloud computing will join Industry experts for interactive speeches and debates. The overall focus of the summit is acquiring and securing cloud technology for civilian federal agencies and the DoD. DSI says it will also take a deep dive into IT modernization plans, data center consolidations, and IT infrastructure diversification. You can still register to attend the summit and active duty military and government employees can attend for free.
The Environmental Protection Agency is in the dark with its cloud contracts. EPA's Inspector General says the agency doesn't know how many cloud contracts it has, nor how secure they are. For an investigation, the IG chose a contract that met the definition of a cloud system. But the EPA didn't report it as a cloud contract because it didn't have "cloud" in the description. The agency's also using a sub-contractor that's not compliant with the Federal Risk and Authorization Management Program. The IG says the company might not have the capability to access its cloud system hardware so the office can investigate. The EPA didn't even know it was buying a cloud system at the very start of the contracting process. The IG says the agency wasn't aware cloud computing was part of the system it was procuring.
The General Services Administration will add a special cloud category to its IT Schedule 70 contracting vehicle. GSA wants to consolidate the contract's cloud options under a specific special item number. Right now the agency lists the cloud options under a variety of different numbers, so agencies browsing the system can't find them all in one place. GSA says the new approach will help small agencies in particular. The cloud-specific number will have its own subcategories of cloud-specific services, too. GSA wants industry recommendations on how to do it: a request for information is out on how best to differentiate the types of cloud services Schedule 70 includes. The deadline for the cloud industry to respond to GSA's request for information is August 6th. You can find the RFI on Fed Biz Opps.
The Defense Department's testing its own version of cybersecurity standards for cloud systems. The Defense Information Systems Agency is working with all the military branches to find a cybersecurity program that protects the cloud with Level-3 security requirements. DISA's enterprise cloud broker is conducting the software tests. DoD's chief of the risk management oversight division in the chief information officer's office,Kevin Delaney, isn't sure when the tests will be over. He says the development needs to run incrementally so each level of security controls are working right. The tests are coinciding with the deadline for agency cloud systems to earn security certification through the Federal Risk and Authorization Management Program. Right now FedRAMP offers cloud certification for low to moderate security levels.
DISA is working with the services to identify a mission-critical application in the cloud to ensure the additional requirements for Level-3 security are appropriate and achievable. Meanwhile, the FedRAMP program office is beginning to consider what the program will look like in two to three to five years.
New cloud security guidance is out from the Federal Risk and Authorization Management program, or FedRAMP. It includes new security controls and templates for agencies and cloud service providers to implement the new controls. The updates came a day after the deadline for agencies to earn FedRAMP certification for their cloud systems. The updates reflect changes from the National Institute of Standards and Technology's Special Publication 800-53. FedRAMP program manager Matt Goodrich says the latest update is the largest release of new FedRAMP information since the General Services Administration unveiled the whole concept two years ago. Right now federal agencies have 16 different FedRAMP-certified cloud options. Goodrich says those 16 options are already in place in 160 locations across the federal government.
Almost 90 percent of federal chief information officers say their agency has migrated to cloud computing in some way. That's according to a TechAmerica survey of about 60 federal CIOs and federal information technology professionals from 32 different agencies. More than one third of the respondents say they've already migrated their e-mail services, and about one in five have a cloud-based website or webpage service. One of the responding agencies expects to save more than $10 million a year from switching its enterprise e-mail system to the cloud. Federal systems are split in half between using private cloud providers and public cloud providers. Many CIOs are interested in expanding their cloud systems want to add new collaboration tools and a way to test new environments for their agencies.