Shows & Panels
- The 2014 Big Picture on Cyber Security
- AFCEA Answers
- Ask the CIO
- Building the Hybrid Cloud
- Connected Government: How to Build and Procure Network Services for the Future
- Continuing Diagnostics and Mitigation: Discussion of Progress and Next Steps
- Federal Executive Forum
- Federal Tech Talk
- The Future of Government Data Centers
- The Future of IT: How CIOs Can Enable the Service-Oriented Enterprise
- The Intersection: Where Technology Meets Transformation
- Maximizing ROI Through Data Center Consolidation
- Moving to the Cloud. What's the best approach for me
- Navigating Tough Choices in Government Cloud Computing
- The New Generation of Database
- Satellite Communications: Acquiring SATCOM in Tight Times
- Targeting Advanced Threats: Proven Methods from Detection through Remediation
- Transformative Technology: Desktop Virtualization in Government
- The Truth About IT Opex and Software Defined Networking
- Value of Health IT
- Air Traffic Management Transformation Report
- Cloud First Report
- General Dynamics IT Enterprise Center
- Gov Cloud Minute
- Government in Technology Series
- Homeland Security Cybersecurity Market Report
- National Cybersecurity Awareness Month
- Technology Insights
- The Cyber Security Report
- The Next Generation Cyber Security Experts
Shows & Panels
Search Tags: SANS Institute
A large chunk of the government IT workforce that's charged with implementing the Homeland Security Department's new continuous diagnostics and mitigation initiative still doesn't know much about it. The lack of awareness is most acute with agency inspectors general. But those that have pressed forward with CDM say their networks have already become more secure or less costly.
Under the continuous diagnostics and mitigation program, DHS wants to ensure systems administrators have data on the most pressing threats and vulnerabilities first so they can fix them as soon as possible. John Streufert, DHS's director of federal network resilience, said the recently-awarded dashboard will be set up to do just that.
Federal cybersecurity officials are in knots over the Heartbleed threat. The vulnerability potentially affects a common data encryption system used on internet servers. Homeland Security says federal web servers are OK. Qualys has a free online SSL Server Test that can analyze a web server. Alan Paller, director of research at the cybersecurity education firm SANS Institute, explained the threat to Federal Drive hosts Tom Temin and Emily Kopp.
GSA's cyber dashboard is starting to look a little clearer.
The goal is to more accurately evaluate the security of the government's computer networks and systems. These efforts could bring more consistency to the cyber auditing process and engender more confidence in its results.
Federal employees are eligible for a free one-day training session in early November on implementing continuous monitoring. The goal is to help agencies make good use of the continuous diagnostics and monitoring contract DHS awarded in August.
DHS awards 17 vendors a spot on the continuous diagnostics and mitigation contract. Agencies can now access a common set of tools and services to improve how they monitor and secure their computer networks.
The company says both sites have been scrubbed of malware and vulnerabilities have been closed. The "drive-by" attack that affected the sites is a growing type of cyber hack that looks for holes in popular websites. FederalNewsRadio.com and WTOP.com are available again to users of all Internet browsers.
The newly issued Executive Order gives NIST, DHS several goals and corresponding deadlines over the next year. NIST will work with industry to create a cybersecurity framework. DHS is expanding the information sharing program so industry can receive classified and unclassified cyber threat data more easily and more quickly.
Tags: technology , NIST , Patrick Gallagher , DHS , Bruce McConnell , Jane Holl Lute , Michael Daniel , White House , cybersecurity , information sharing , Verizon , U.S. Chamber of Commerce , Alan Paller , Craig Silliman , Jason Miller
The Defense Department plans to boost the ranks of cybersecurity professionals, increasing cyber staff at U.S. Cyber Command by more than five times to some 4,900 employees. But DoD's plan is daunting in more ways than one. The job qualifications and skills needed for the kinds of positions the Pentagon wants are rare and often require years of training and hands-on experience. And even if DoD looks outside the confines of the Pentagon to fill these roles, it's not entirely clear where the new cyber pros would come from.