Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Connected Government
- Consolidating Mission-critical Systems
- Constituent Servicing
- Continuous Monitoring: Tools and Techniques for Trustworthy Government IT
- The Data Privacy Imperative: Safeguarding Sensitive Data
- Eliminating the Pitfalls: Steps to Virtualization in Government
- Federal Executive Forum
- Federal Tech Talk
- Government Cloud Brokerage: Who, What, When, Where, Why?
- Government Mobility
- Mission-critical Apps in the Cloud
- Mobile Device Management
- The Modern Federal Threat Landscape
- The Path from Legacy Systems
- Understanding the Intersection of Customer Service and Security in the Cloud
Shows & Panels
Search Tags: HSPD-12
More than eight years after the White House issued Homeland Security Presidential Directive-12 requiring the issuance of secure identity cards, governmentwide and agency-specific initiatives provide hope the smart cards can be more than "glorified ID cards." NIST and GSA are developing an identity exchange in the cloud. DHS and IRS are putting their cards to use at a local level for both building and computer access.
Tags: technology , acquisition , identity management , Tom McCarty , DHS , Kshemendra Paul , Information Sharing Environment , Sharon James , IRS , Naomi Lefkovitz , NIST , cloud computing , information sharing , back-end attribute exchange , GSA , PortfolioStat , AFCEA Bethesda , ACT-IAC , standards based acquisition model , Jason Miller
The agency is changing its approach to the Einstein tool to keep up with the changing technology. Mark Weatherford, under secretary for cybersecurity, said on Agency of the Month that DHS is helping agencies be more proactive in defending their networks. He isn't worried about the turnover in his office.
The department is trying to figure out the best way to manage the cards of contract employees after they leave the department. Every agency using a managed service provider for secure identity card issuance faces a similar challenge. Commerce also is working on integrating physical and logical access systems.
The National Institute of Standards and Technology is making it easier for agencies to test the use of logical access control for applications.
The agency turns to teams of experts to review how departments are meeting the Trusted Internet Connections (TIC) initiative. DHS plans to expand the use of Blue Teams to the implementation of continuous monitoring and two-factor authentication under Homeland Security Presidential Directive-12.
The agency will hold a workshop July 25 to review the second draft of FIPS 201-2.
NIST, DHS experts say protecting smartphones and tablets shouldn't be any different than securing typical desktop or laptop computers. DHS will release mobile security reference architecture to help agencies understand common concepts. NIST is updating security control guide with 250 new requirements, including mobile controls.
In a new report to Congress, the administration said continuous monitoring is taking hold, but HSPD-12 still is floundering. OMB also reported agencies spent $13.3 billion on cybersecurity last year and that government employees make up 60 percent of the cyber workforce.
The Defense Information Systems Agency created a Defense-wide directory of email addresses in support of their enterprise email system. But the real value in the listing of every military and civilian employee, contractor and retiree email address may be in securing information in a new way through the use of access based identity management. NIST is testing how to best use secure identity cards in the cloud.
Tags: technology , Alfred Rivera , DISA , Donna Dodson , NIST , cloud computing , Army , enterprise email , identity management , Common Access Card , Cybersecurity , DoD , information sharing , Jason Miller
Federal News Radio's Jason Miller offers his top stories of 2011 and predictions for 2012.
Tags: technology , acquisition , 2011 and Beyond , Jason Miller , Dan Gordon , Cybersecurity , acquisition workforce , shared services , cloud computing , mobile , open government , identity management , NSTIC , E-Government Fund