Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Search Tags: Cybersecurity
Michael Daniel, the Obama administration's cybersecurity coordinator, says he wants to dismantle the most common method of cyber protection: passwords. Even as cyber threats continue to grow more sophisticated and destructive, passwords are weakening and proving easier to crack than ever. The solution lies in the National Strategy for Trusted Identities in Cyberspace (NSTIC), which calls for a broad "identity ecosystem" to replace simple passwords.
DISA is working with the services to identify a mission-critical application in the cloud to ensure the additional requirements for Level-3 security are appropriate and achievable. Meanwhile, the FedRAMP program office is beginning to consider what the program will look like in two to three to five years.
The Defense Department's testing its own version of cybersecurity standards for cloud systems. The Defense Information Systems Agency is working with all the military branches to find a cybersecurity program that protects the cloud with Level-3 security requirements. DISA's enterprise cloud broker is conducting the software tests. DoD's chief of the risk management oversight division in the chief information officer's office,Kevin Delaney, isn't sure when the tests will be over. He says the development needs to run incrementally so each level of security controls are working right. The tests are coinciding with the deadline for agency cloud systems to earn security certification through the Federal Risk and Authorization Management Program. Right now FedRAMP offers cloud certification for low to moderate security levels.
With stories of cyberattacks making the news almost daily, it has become more important than ever to protect the critical infrastructure supporting private industry. That's the goal behind a cybersecurity framework mandated by President Obama, developed by the National Institutes of Standards and Technology (NIST), and now being implemented by the Department of Homeland Security (DHS). In this edition of "AFCEA Answers," we'll get insights into the progress on the framework from Bobbie Stempfley, Deputy Assistant Secretary for Cybersecurity Strategy and Emergency Communications with DHS's National Protections and Programs Directorate. Stempfley will outline the importance of the voluntary nature of the framework, explain the need for highly trained cybersecurity professionals, and discuss how DHS works with other federal agencies and key public and private stakeholders.
Chandra McMahon, Lockheed Martin's vice president for commercial markets, discusses NSA's accreditation system that tests cybersecurity companies against 21 separate focus areas.
The Federal Communications Commission is challenging telecoms to work more closely with it to improve the nation's cybersecurity. FCC Chairman Tom Wheeler says he is not planning more regulations, rather he is asking the companies to share responsibility. Federal News Radio's Executive Editor Jason Miller joined Tom Temin and Emily Kopp on the Federal Drive to discuss the FCC's plans. Read Jason's related article.
Cybersecurity projects and programs are getting some hefty backing from the Senate.
Chairman Tom Wheeler said he wants to build on the initial success of the critical infrastructure cybersecurity framework released by the White House in February. He said it's not a matter of new regulations, but creating a joint approach to improving the network security across the entire communications sector. Rep. Mike Rogers (R-Mich.) renews hope for Congress to pass information sharing legislation this year.
Congress is closer to cybersecurity legislation that tries to protect infrastructure from attacks. But Congress, and all the other organizations that make policy that affects the Internet, may be asking the wrong questions. Jay Healey, director of the Cyber Statecraft Initiative at the Atlantic Council, writes about the future of cybersecurity in National Interest Magazine. He explains on In Depth with Francis Rose what questions Congress should be asking.
The Department of Defense recognizes that it and American companies are prime targets for hackers, whether they be a nation-state or individuals. So it's put in place an operating strategy. That strategy is comprised of 5 elements: 1) a defensible architecture; 2) global situational awareness and a common operating picture; 3) a concept for operating in cyberspace; 4) trained and ready cyber forces; and 5) capacity to take action when authorized.