Shows & Panels
- AFCEA Answers
- Ask the CIO
- The Big Data Dilemma
- Carrying On with Continuity of Operations
- Connected Government
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Cyber Imperative
- Cyber Solutions for 2013 and Beyond
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Expert Voices
- Federal Executive Forum
- Federal IT Challenge
- Federal Tech Talk
- Mission-critical Apps in the Cloud
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- The Real Deal on Digital Government
- The Reality of Continuous Monitoring... Is Your Agency Secure?
- Veterans in Private Sector: Making the Transition
Shows & Panels
Search Tags: Cybersecurity
What is DHS's role in cyber security. DHS uses intrusion detection tools to monitor .gov network traffic for malicious activity and uses this resulting data to address cyber vulnerabilities. In addition, DHS issues bulletins and alerts that provide information on potential cyber threats. Last year, DHS issued more the 5,000 alerts and advisories, which it shared with various government, private sector, and critical infrastructure stakeholders; as well as the public.
Suzanne Spaulding, the nominee to be the deputy undersecretary of the National Protection and Programs Directorate, told Senate lawmakers DHS had to reduce the number of federal devices that will be covered by the CDM program because of budget shortfalls.
Tags: technology , DHS , Suzanne Spaulding , Senate Homeland Security and Governmental Affairs Committee , cybersecurity , Einstein , continuous monitoring , FISMA , Congress , Cyber Workforce , Jason Miller
Jim Williams and Rick Holgate from ACT-IAC will fill us in on next month's 2013 Executive Leadership Conference in Williamsburg Virginia.
September 17, 2013
Tags: technology , 2013 Executive Leadership Conference , ACT-IAC , Jim Williams , Daon , Rick Holgate , ATF , cybersecurity , Healthcare IT , public safety , law enforcement , mobile computing , mobile device management , John Gilroy , information technology , Federal Tech Talk
Cyber criminals --what's their M.O.? USCERT says Attackers focus on exploiting client-side systems (your computer) through various vulnerabilities. They use these vulnerabilities to take control of your computer, steal your information, destroy your files, and use your computer to attack other computers. A low-cost way attackers do this is by exploiting vulnerabilities in web browsers. An attacker can create a malicious web page that will install Trojan software or spyware that will steal your information.
To promote cyber security practices and develop these core capabilities, DHS says it is working with critical infrastructure owners and operators to create a Cyber security Framework - a set of core practices to develop capabilities to manage cyber security risk. These are the known practices that many firms already do, in part or across the enterprise and across a wide range of sectors. The draft Framework will be complete in October.
While the threat of a Sept. 11-style attack may not be as great, terrorism, either of the lone-wolf or state-sponsored variety, still poses a threat to the U.S. Agencies are moving to protect themselves in areas such as cybersecurity.
The Office of the Director of National Intelligence said the lead agencies under the IC IT Enterprise program launched a standard desktop, a secure community cloud and an apps store in mid-August. Al Tarasiuk, the assistant DNI and intelligence community chief information officer, said the key to this effort was having an ICwide agreed-upon security architecture and policies.
How strong is your password? Cyber criminals are running a wide-ranging password-guessing attack against some of the most popular blogging and content management systems on the net. The Fort Disco cracking campaign began in late May this year and is still going on. The UK based Register reports Four strains of Windows malware are associated with the campaign, each of which caused infected machines to phone home to a hard-coded command and control domain
Techweek has been reporting that two large botnets have targeted various content management systems, including WordPress and Joomla. The most recent attacks were labeled as Fort Disco, which began in late May 2013, according to Arbor Networks. Arbor has found six command and control servers, running over 25,000 infected Windows machines that were used to attack CMS systems using brute force or basically running through large lists of possible passwords.
The Department of Energy first reported in August 14,000 current and former employees had their Personally Identifiable Information stolen. The department now says that number is nearly four times what it had originally thought.