Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Mitigating Insider Threats in Virtual & Cloud Environments
- Modern Mission Critical Series
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Search Tags: Cybersecurity
SCMagazineUS.com reports that the malware author who uses the handle "iraq_resistance" is believed to be part of the cyber-jihad organization "Brigades of Tariq ibn Ziyad."
People exercise risk management, consciously and unconsciously, every day.
Many of us drive on a daily basis. Some speed, and risk the chance of getting caught, while others are more conservative and drive the exact speed limit. We base our decision on whether or not to exceed the speed limit on the information available to us at the time, including our knowledge, past experiences, or the conditions we see in front of us. We weigh the risks against impacts and consequences, making decisions based upon our tolerance for the outcomes. The same is true for federal cyber risk management.
Securing federal information and assets in cyberspace is the primary driver behind cybersecurity. Even so, other factors help define risk, including the potential for negative publicity if a cyber breach occurs, the impact to budget/performance plans if FISMA grades fall short, or the potential for investigations or congressional hearings if the burning issue of the day burns a bit too bright for too long. Federal cyber risk management fundamentally boils down to making risk decisions based upon an agency's risk tolerance - and the drivers behind an agency's tolerance vary across the federal government.
Risk is defined as the likelihood of a future event that may have unintended or unexpected consequences. Federal agencies make the best cyber risk management decisions by using data and information to evaluate the agency's strengths and weaknesses for delivering on its cyber mission in the context of potential threats.
Agencies must use information and data from various disparate sources across the enterprise to make these decisions, including audit log information, vulnerability data, asset information, the agency's regulatory compliance status, external and internal threat activity, human capital risks to the cybersecurity mission, and many more. As challenging as it may be for agencies to consume large volumes of disparate data, it is a challenge that is essential to overcome for agencies to make the best cyber risk management decisions.
Is this achievable? Absolutely. The business intelligence movement established the foundation allowing agencies to minimize risk exacerbated by ad-hoc decision-making. Leveraging business intelligence capabilities for cybersecurity enables agencies to aggregate data across technical and organizational stovepipes and to provide agency cybersecurity leaders with mechanisms for making informed, risk decisions. By better understanding the cyber landscape, federal cybersecurity leaders can - much like our speeding driver example - understand "how fast" to drive and make better investment decisions when addressing enterprise cybersecurity risks.
The Performance Work Statement (PWS) defines the requirements for the Contractor to provide non-personal services for Information Technology (IT) support to the United States Army Chief Information Officer (CIO)/G6, Cyber Information Assurance Directorate.
Learn more in today's cybersecurity update
Fort Meade contractor Zytel to be acquired for $28.6M, Mozilla halts Firefox security updates
Learn more about what the 500-page guide details
Learn more in today's Cybersecurity Update
Learn more in today's cybersecurity update
Anti-US hacker takes credit for 'Here you have' worm
Cybersecurity is among the federal government's top priorities…and with good reason. The cyber threat is complex and evolving rapidly. According to the U.S. Government Accountability Office (GAO), the number of cyber incidents reported by federal agencies increased by 400% over a four year period. Also, cyber threats come from multiple sources (e.g., terrorists, criminal organizations, hackers, disgruntled insiders, rogue nations, etc.) with a host of motivations for, and resources to, attack.
To beat the cyber threat, federal Chief Information Security Officers (CISOs) must assess risk, develop cybersecurity policies, and build the operational infrastructure to execute an agency cybersecurity program. They also need experienced cybersecurity professionals - that's where we come in… A dedicated cybersecurity firm - and the market leader in providing risk management, governance, operations, and compliance services to the federal government - our team takes pride in being the government's trusted advisor for cybersecurity.
In this space, we will share our insights on the news, challenges, and policies that drive decision-making and problem solving around cybersecurity in the federal government. By discussing key cybersecurity topics in this blog, and highlighting those of other federal community thought leaders in our companion "Trusted Advisor Series" on WTOP radio, we hope to add value to this critical dialogue. We look forward to sharing this online experience with you. - KCG's Trusted Advisor