bnv.fnr.search/tags;tile=1;pos=top;sz=728x90;ord=
11:09 am, October 2, 2014

Search Result

Search Tags:  Cybersecurity

Federal Cyber Security Education and Training

Cyber attacks are a growing vulnerability for our homeland security and broader national interests - and federal employees are on the front lines. In fact, Politico recently reported that Congress and other government agencies face an average of 1.8 billion cyber attacks per month. Both the number of attacks and their sophistication continue to increase at an alarming rate.

In many instances, the key to successfully combating an attack is stopping it at its entry point, which is often the unsuspecting federal employee. For example, the Politico report pointed out that "…attacks are increasingly focused on infiltrating application software on Hill staffer computers…,"noting:

    In the last five months of 2009, 87 Senate offices, 13 Senate committees and seven other offices were attacked by spear-phishing attacks, which appeared as e-mail messages to staffers urging them to open infected attachments or click on bad links.
It is critical that federal employees understand the possible types of cyber attacks in order to guard against them. Creating an awareness of cyber threats is only the beginning. Addressing a persistent and evolving threat requires persistent and evolving training. A number of key elements are required for any near-term or long-term cyber security training effort to succeed.
  • Cyber security must be an agency priority. Cyber security education and training are much like any other agency initiative: if leadership indicates that something is a priority, agency employees will take action. Agency leadership must make it clear that cyber security education and training are a priority, model the behavior they ask of their employees, and dedicate resources to address the problem and its solution. If they do so, federal employees will respond accordingly.
  • Education and training must be continuous. Hackers, terrorists, and other bad cyber actors do not wait for reporting requirements or other compelling organizational issues to decide when to attack - they just do. Education and training efforts should be ongoing, consistently updated, and test employees' understanding of the topic on a regular basis. Agencies must be as persistent and agile in their training as cyber attackers are in their efforts to do harm.
  • All agency employees must be included in training. All agency employees, and their contractors, are vulnerable to cyber attacks. No grade level is too high or too entry-level to be excluded from standard education and training.
  • Reporting and accountability measures must be implemented. Accountability mechanisms should be used to not only identify those personnel who have or have not received cyber security training, but also on how well they retain the information they have learned. The use of cyber security quizzes or other mechanisms to test the workforce's cyber knowledge provide a quantitative measure of the effectiveness of the training program as well as targeting specific personnel or subjects for deeper training.


  • The techniques used to attack information networks and exploit information are quickly evolving to the point where it is almost impossible to distinguish intrusion activity. The federal government must use an educated workforce on the cyber threat as a force multiplier as part of its cyber security strategy. Individual employees and agencies must share the responsibility for anticipating and preventing cyber attacks from succeeding.

    Tags: technology , Trusted Advisor Blog , cybersecurity , cyber , Congress , Senate , Politico

    Friday - 03/19/2010, 05:28pm EDT

Schmidt: U.S. can fight cyberwar

Learn more in today's cybersecurity update.

Tags: technology , cybersecurity , Cybersecurity Update

Monday - 03/08/2010, 04:05pm EST

Fatal System Error: design flaws put federal systems at risk

Expert says the federal government has a lot of clout that it's not using. In its buying power, it needs to insist on safer software when they buy it ... things can move in the right direction.

Tags: Cybersecurity Update , cybersecurity , Financial Times , Fatal System Error: The Hunt for the New Crime Lor , Joseph Menn

Friday - 03/05/2010, 09:36am EST
Listen

Former E-Gov Administrator Karen Evans praises Obama IT priorities

"Continuing commitment to information technology" earns kudos from leader of Bush administration's IT operation.

Tags: management , technology , best practices , cybersecurity , Karen Evans , DHS , homeland security

Thursday - 02/18/2010, 06:38pm EST
Listen

Industry Chatter: Dr. Stan Sloane of SRA International

SRA Chief Executive Officer believes in a greater focus on preventing intellectual property loss.

Tags: Industry Chatter , contracting , technology , cybersecurity , Congress , budget , Stan Sloane , SRA International , health IT , Karen Evans

Thursday - 02/18/2010, 01:51pm EST
Listen

Industry Chatter: Ed Hammersla of Trusted Computer Solutions

Trusted Computer Solutions COO delves into cybersecurity, acquisition, and more.

Tags: contracting , technology , best practices , cybersecurity , Ed Hammersla , Trusted Computer Solutions , Industry Chatter

Wednesday - 02/17/2010, 08:30pm EST
Listen

New alliance in the battle for cybersecurity

There is a new alliance in the battle for cybersecurity. Though neither side has confirmed it, The Washington Post recently reported that Google has asked the NSA to help investigate the mid-December cyber attack against its networks "to better defend Google - and its users - from future attack." This partnership demonstrates the increasing interdependencies between the public and private sector in defending against cyber threats.

Tags: technology , Trusted Advisor Report , cybersecurity , Google , NSA , cyber

Wednesday - 02/17/2010, 04:44pm EST

DHS Chief Information Officer Richard Spires reviewing all agency's IT projects

CIO has reviewed half of the 79 major IT investments at the agency, and says so far none have been deemed "fatally flawed."

Tags: technology , management , best practices , cybersecurity , homeland security , DHS , Richard Spires , Margie Graves

Monday - 02/15/2010, 06:28pm EST
Listen
  •  
  • 245
  •