Cybersecurity News

 

Treasury Secretary warns of cyber threats to financial sector
FCW
07/16/14

Treasury Secretary Jacob Lew warned of the dangers of cyberattacks on the financial sector in a July 16 speech in New York City, calling the cyber defense of businesses and government "a central test for all of us going forward." Lew beseeched financial services firms and vendors that serve them to use the Obama administration’s framework document for managing cyber risk for critical infrastructure, and joined other administration officials calling on Congress to pass a cybersecurity bill to bolster public-private information sharing of threats and to protect firms from liability for sharing such information.


Lew says financial industry could do more to prevent cyberattacks
The Washington Post
07/17/14

Treasury Secretary Jack Lew said July 16 that banks and credit unions have faced 250 distributed denial-of-service attacks since 2011 — a type of cyberassault that officials believe could disrupt the U.S. financial system. Lew said the Treasury Department will launch the Financial Sector Cyber Intelligence Group to circulate warnings about cyberthreats and thwart electronic incursions.


Feds declare big win over Cryptolocker ransomware
Computerworld
07/15/14

Even as security researchers reported that the hacker gang responsible for the Gameover Zeus botnet had begun distributing new malware, U.S. government officials claimed victory over the original and said that the Cryptolocker ransomware that the botnet had been pushing has been knocked out.


A new age in cyber security: Public cyberhealth
Dark Reading (commentary)
07/17/14

Managing mass cyber infections is challenging. Our adversaries are well funded, agile, and adaptive. They are also constantly seeking the next weakness to exploit. Clean-up operations require broad global cooperation from law enforcement, domain registrars, security vendors, sinkhole operators, and most importantly, victims -- who must largely "opt-in." The recent Justice Department (DOJ) effort aimed at disrupting several mass cyber infections was one of the first and largest experiments of its kind in cyberhealth notification and inoculation, and is a blueprint for good public cyberhealth.


Report: Administration, Congress, others must better shield electricity grid vs. cyber attack
Roll Call
07/15/14

A high-level report on the security of the electricity grid is complimentary of the Obama administration’s efforts to protect it and faults Congress for not doing enough. Yet protecting the grid — "the most critical of critical infrastructure" and "the backbone of our modern society" — requires more action from everyone, from the executive branch to the Hill to industry, the report concludes. It details the nature of the threat, from which countries it emanates, what has been done about it and should be done about it in all branches of government, from the state regulatory level to within the private sector.


Chinese hackers extending reach to smaller U.S. agencies, officials say
The New York Times
07/16/14

After years of cyberattacks on the networks of high-profile government targets like the Pentagon, Chinese hackers appear to have turned their attention to far more obscure federal agencies. Law enforcement and cybersecurity analysts in March detected intrusions on the computer networks of the Government Printing Office and the Government Accountability Office.


Tech decisions driving Michigan's public safety expansion
GCN
07/07/14

In the last decade, the state of Michigan has achieved near blanket coverage of its Public Safety Communications System (MPSCS), a digital voice IP network of federal, state, tribal and private public safety agencies and police departments across the state. Today, 1,460 agencies are knitted together via the network, an order of magnitude more than the 152 linked in 2002. The growth is attributed to three primary factors: economies of scale, increased equipment interoperability and resiliency in the network.


How to approach declining federal IT spending
Next Gov
09/17/14

More efficient federal information technology systems will require fewer dollars, according to a new report from Deltek that predicts agency IT spending will fall from $101 billion to $94 billion in five years. Deltek factors in IT spending that often is left out of the overarching budget numbers, such as technology for the judicial and legislative branches and the intelligence community, as well as IT embedded in large defense systems.


How to spot opportunities in VA's health record quest
Washington Technology
07/16/14

The story of federal electronic health records (EHRs) has taken another turn, with solicitations released by the Defense and Veterans Affairs departments. The VA thinks its Veterans Health Information Systems and Technology Architecture (VistA) Evolution Program could be the standardized EHR format across VA and the DOD – and they aim to prove it by pursuing DOD’s Department Healthcare Management Systems Modernization (DHMSM) contract, now in its third revision.


DeSalvo: Time for the heavy lifting on health record interoperability
FCW
07/17/14

The federal government is fleshing out the details of a 10-year plan to put in place interoperability standards for electronic health records. The Office of the National Coordinator for Health IT recently outlined basic policy building blocks in a vision paper. Six months into her tenure, ONC head Dr. Karen DeSalvo is now leading the charge to get comments from vendors, clinicians and other stakeholders to develop technical standards, certification for EHR systems, and privacy and security protections for health records, while also guaranteeing consumer access to individual records.


As cyber attackers get more sophisticated, so must agencies' protections
Federal News Radio
07/18/14

At a recent panel discussion, federal agency and private sector information security experts examined cyber prevention tactics and warned that cyber criminals are stepping up their game with no signs of stopping. This includes launching more sophisticated attacks while, at the opposite end, also relying on simple hacking tactics.


Why a detection-centric approach to cybersecurity is the wrong path for federal
Next Gov (op-ed)
07/16/14

Surely, detection is a key component of any security program. But should our government be spending more time on detection than prevention? The answer is no. Here's what’s wrong with a detection-centric approach, how to build prevention into systems and ways to strike an appropriate balance between prevention and detection.


Teaming up to train, recruit cyber specialists
FCW
07/18/14

Two of the Department of Energy's advanced research laboratories are joining with Bechtel to recruit and train cybersecurity specialists to protect critical infrastructure. Lawrence Livermore National Laboratory said in a July 15 statement that it was joining Bechtel BNI and Los Alamos National Laboratory in a program aimed at training a new class of cyber defense professionals. Bechtel co-manages both labs with the University of California and other partners.


Senate hearing calls for changes to cybercrime law
Dark Reading
07/16/14

In the wake of Microsoft's seizure of No-IP servers and domains, private and public sector representatives met to discuss what can be done to address the problem of botnets, with panelists at a Senate Judiciary Committee hearing calling for changes to the Computer Fraud and Abuse Act (CFAA) and other legislation that addresses cybercrime.


Northern Command nominee: U.S. behind in cyber defense
FCW
07/18/14

A Navy admiral nominated to head the joint command responsible for defending the U.S. homeland and aerospace acknowledged in his confirmation hearing that the country is lagging in its cyber-defense of critical infrastructure. Adm. William Gortney, who has been tapped to head the U.S. Northern Command and the North American Aerospace Defense Command, also told the Senate Armed Services Committee on July 10 that he was unaware of a formal coordinating mechanism between Northern Command and the Department of Homeland Security for responding to cyberattacks.


DISA shutters Alabama DECC
C4ISR & Networks
07/16/14

The Defense Information Systems Agency is moving forward with plans to centralize IT operations, closing a defense enterprise computing center (DECC) in Huntsville, Alabama. The latest closure is expected to save the Defense Department $3.2 million per year. DISA now has 10 DECCs, a decrease from 18 in 2008. Overall the closures—part of the broader Federal Data Center Consolidation Initiative, and also in line with the department’s transition to the Joint Information Environment (JIE)—are expected to save DoD $17 million per year.


Army moving enterprise apps to core data centers
Defense Systems
07/14/14

In line with its data center consolidation plan started three years ago, the Army has begun moving its enterprise systems and applications to designated core data centers. The migration represents the first step in establishing policies and procedures for the centralization of data hosting, according to an Army release. The entire migration is slated to be completed by the end of fiscal 2018.


Senate would trim president's defense IT budget by $500M
FCW
07/15/14

The Senate Appropriations Defense Subcommittee approved a bill July 15 that would provide $500 million less for defense IT than President Barack Obama’s budget requested. A bill summary provided by the subcommittee justified the lower figure -- which it said was 3 percent below the president’s request -- by saying, "trimming IT funding will help prioritize and better target non-cybersecurity IT investments in an era of fiscal constraint."


Senate bill proposes $61.6M in cuts to Pentagon IT programs
C4ISR & Networks
07/17/14

The Obama administration requested about $11 billion for all Defense Department information technology activities next year. However, in a report accompanying its 2015 military spending bill, the Senate Appropriations Defense subcommittee proposes several sizable cuts, and is calling on DoD to trim duplicative programs.


Identity management will get a mobile makeover by 2017
Information Week - Bank Systems & Technology
07/16/14

The proliferation of mobile devices has led to a new consumer paradigm -- many consumers think and act in a “mobile-first” way. In financial services, devices are moving from simple information services to transaction providers or more complex solutions, with adoption growing. A key building block to this trend is a high-quality method of determining identity. In the first of a two-part series, how mobile will change user authentication and risk management in financial services is explored.


Report says oil companies still complacent on cybersecurity
Government Technology
07/11/14

Oil companies and others with critical infrastructure are ill-prepared to thwart computer system threats, even though more than two-thirds have had at least one significant security compromise in the past year, according to a new report from the Ponemon Institute. Just 17 percent of the 599 security executives at utility, oil, gas, energy and manufacturing companies surveyed by the research group said they had deployed most of their major information technology initiatives meant to fend off cyberattacks. And only 28 percent of the respondents said security was one of the top five strategic priorities at their organizations.


New docs show DHS was more worried about critical infrastructure flaw in '07 than it let on
Computerworld
07/09/14

The Department of Homeland Security has mistakenly released hitherto little-known details on Aurora, an experiment conducted in 2007 in which researchers destroyed a 27-ton diesel generator via a cyberattack on its control system. The document suggests that DHS was considerably more concerned about the threat to critical industrial control systems highlighted by Aurora than it generally let on. Security experts have long maintained that the DHS and industry stakeholders have downplayed potential threats to critical infrastructure and have done nothing to address the problem.


Cyber threats put energy sector on red alert
The Hill
07/15/14

Officials working to protect the nation from online threats are casting a wide net as they seek to guard against hackers and foreign governments targeting the United States. Lately the focus has shifted to the power lines and oil pipelines that crisscross the country, providing vital energy sources that could be hijacked for nefarious ends.


Defensive tactics against sophisticated cyberspies
CIO
07/08/14

Aligning security systems with intelligence gathered on groups of elite hackers working for nation states is a key defense for targeted organizations, experts say. The importance of such a strategy was highlighted this week in a report that found a particular band of Chinese hackers capable of switching targets quickly as geopolitical events changed. Defending against such flexible attackers requires a steady stream of intelligence on such groups, so rules can be updated in firewalls and intrusion detection systems (IDS) and indicators refreshed in security information and event management (SIEM) products. These constant intelligence-based adjustments are an effective way to at least stay even with attackers.


Nearly 70% of critical infrastructure providers suffered a breach
Help Net Security
07/10/14

New research finds alarming gaps in the security of the world's critical infrastructure. Nearly 70 percent of companies surveyed that are responsible for the world's power, water and other critical functions have reported at least one security breach that led to the loss of confidential information or disruption of operations in the past 12 months.


97 percent of key industries doubt security compliance can defy hackers
Next Gov
07/10/14

Only 3 percent of information technology executives at utilities and other businesses critical to society strongly believe security rules and standards decrease threats to the systems running their operations, according to a new study. The Ponemon Institute report comes amid warnings by the Department of Homeland Security about a hacker operation that already has attacked U.S. and European energy companies.


DHS’s Spaulding on cybersecurity: We’re all part of the solution
The Modern Network
07/08/14

At a recent AFCEA Cyber Symposium, Suzanne Spaulding, undersecretary for the National Protection and Programs Directorate at DHS, emphasized the physical consequences of cyber-attacks and that cybersecurity is a means to keep the cyber infrastructure safe and working for citizens and businesses. Spaulding stressed that the physical and cyber worlds are interconnected not only in terms of consequences, but also in terms of organizational infrastructure and the need for public/private partnerships to advance cybersecurity in the U.S.


Experts: Latest China hack OK under U.S. rules
Politico
07/10/14

China’s alleged efforts to hack into a trove of personal information about U.S. federal government employees seeking security clearances show a brazen disregard for American sovereignty. But some analysts point out it’s also precisely the kind of national security-focused cyberespionage that U.S. intelligence agencies engage in against other countries — and say is well within the bounds of modern spycraft.


Israel pledges tax breaks for prospective cyber partners
Defense News
07/08/14

Israel is promising tax breaks and access to cooperative cyber programs to lure leading domestic and multinational firms to a new national cyber park in the Negev desert. Approved by the Israeli Cabinet July 6, the incentives aim to advance Israel’s drive toward global cyber power status through strategic partnerships, investment and employment expected from the high-tech hub being built in Beersheba.


Japan reports surge in cyber attacks on government systems
Business Day Live
07/10/14

Japan has seen a surge in cases of irregular access to government computer systems and cyber attacks on operators of critical social infrastructure, and Tokyo is considering ways to respond, according to a top official.


How wearables & IoT will go to work
Information Week (commentary)
07/14/14

Smartphones are alive and well, but there's a next big thing coming in mobile: wearable devices combined with the Internet of Things (IoT). ABI Research expects 90 million wearable devices to ship globally in 2014 and IDC recently predicted that the IoT market would reach $7.1 trillion by 2020.


OPM hacking attack exposes weaknesses in cyber defense
Federal Times
07/14/14

As investigators probe a March cyber attack on sensitive federal personnel databases at OPM, some are calling for more clarity over who is responsible for protecting federal networks from cyber threats. Rep. Michael McCaul (R-TX), chairman of the House Homeland Security Committee, called on Congress to streamline and enhance the government’s cybersecurity defenses and empower DHS to assume a leading role in defending federal networks. Sen. Tom Carper (D-DE), chair of the House Homeland Security & Governmental Affairs Committee, said it is critical for Congress to modernize what he said were outdated cybersecurity laws in order to help prevent attacks on critical systems in the future.


The future of GWACs
FCW
07/10/14

As the agencies that run government-wide acquisition contract providers prepare to refine and improve their offerings, officials in charge of those GWACs are thinking about how to handle some thorny issues. Among them are strategic sourcing initiatives across government, Federal Acquisition Regulation (FAR) and simply getting federal IT cultures to consider GWACs for their projects.


Agencies reset after missing the mark on cybersecurity goals
Federal News Radio
07/14/14

Despite steps forward, agencies fell short of their 2014 targets for cybersecurity, so the Obama administration is pushing chief information officers to focus on priorities of continuous monitoring, phishing and malware, and authorization processes for 2015, according to the newly released cross-agency priority goals on Performance.gov. The administration continues encouraging agencies to implement information security continuous monitoring mitigation (ISCM), which continually evaluates agency cybersecurity processes and practices, according to the report.


A brief history of federal network breaches and other information-security problems
The Washington Post
07/11/14

U.S. officials have confirmed hackers may have breached an Office of Personnel Management network that contains personal information about federal employees. Data breaches occur somewhat regularly within the federal government, with the GAO reporting that 25,566 information security incidents occurred last year, more than double the number from 2009. Here is a brief history of major cyber-security problems that agencies experienced dating back to the latter part of President George W. Bush’s second term.


DHS Inspector General embraces continuous monitoring
Fed Tech
07/10/14

The Department of Homeland Security’s Office of the Inspector General has one of the highest FISMA compliance scores in the federal government, in part due to its Information Security Continuous Monitoring (ISCM) Program. The office runs automated security scans on 80 to 90 percent of its IT assets every 10 days and is working to do it faster and across more devices.


Creating a standard approach to cloud SLAs
Fed Tech
07/11/14

In 2011, NIST identified the need for standard service level agreements (SLAs) as one of 10 high-priority requirements to further the government’s adoption of cloud computing. NIST is one of several organizations collaboratively developing a standard for identifying the components that should appear in an SLA, the metrics that can be used within an SLA and the requirements.


FBI explores commercial cloud capabilities
Next Gov
07/14/14

The FBI is pondering a move to online storage of criminal records, fingerprints and other biometric data, partly to expedite rap sheet searches, according to bureau contracting officers and consultants. A July 11 request for information states the FBI seeks industry feedback on deploying commercial cloud services. The document also insists the solution must be compliant with Federal Risk and Authorization Management Program (FedRAMP) controls and "only proposals from authorized [Amazon Web Services] resellers will be accepted."


Cyber operations centers of academic excellence list expands
Signal Online
07/14/14

The National Security Agency (NSA) has selected five more schools for the National Centers of Academic Excellence (CAE) in Cyber Operations Program, which is designed to cultivate more U.S. cyber professionals. These schools are now designated as Cyber Operations CAEs for the 2014-2019 academic years: New York University, Towson University, United States Military Academy, University of Cincinnati, Ohio and University of New Orleans. The program, which now has a total of 13 schools, complements the more than 100 existing centers of academic excellence in information assurance research and education jointly overseen by the NSA and DHS.


Congress is overdue in dealing with the cybersecurity threat
The Washington Post (editorial)
07/13/14

A torrent of cyberattacks — disruption, espionage, theft — is costing U.S. business and government billions of dollars. It has been clear for several years the nation needs to vastly improve protection of its private networks and only government has the sophisticated tools to do that, but Congress has balked at legislation that would ease the necessary cooperation. Thus it was encouraging to see the Senate Intelligence Committee approve a cybersecurity bill that would begin to bridge the gap. Privacy concerns should not stand in the way of a good cybersecurity bill. Rather, they are a reason for Congress to build in workable and sufficient privacy protections and get on with passing legislation that is long overdue.


Pentagon software inventory meets requirements
FCW - News in Brief
07/09/14

The Defense Department's plan to collect inventory data meets all statutory requirements prescribed by Congress, the GAO has confirmed. The FY 2013 National Defense Authorization Act called on DoD to identify and explain software licenses it has chosen and summarize those it did not choose; offer a comparison of purchased licenses against installed licenses; describe how the department will assess its need for selected software licenses over the two fiscal years after the plan is issued; and describe how the department can achieve the greatest economies of scale and cost savings in the procurement, use and optimization of selected software licenses.


DOD acquisition reform focused on people, not processes
FCW
07/10/14

Frank Kendall, undersecretary of Defense for acquisition, technology and logistics, recently underscored the urgency for acquisition reform in light of stagnant budgets and greater demands for efficiency and savings while trying to keep pace with changing technology. He said IT "covers a huge amount of ground" in defense acquisitions, including network infrastructure, business systems, national security IT systems and IT embedded in weapons systems.


Scott Air Force Base poised for military cybersecurity boom
Government Technology
07/14/14

Scott Air Force Base in Illinois is poised to benefit enormously for many years to come from its rapidly growing role as a central hub for Pentagon cybersecurity operations. Two weeks ago the Air Force announced that Scott would get two new cybersecurity squadrons, for a total of 320 military and civilian jobs. The Air Force also will spend $16 million to remodel and expand existing buildings to house the new units. The addition of the new squadrons -- whose missions include defending military and civilian data networks, as well as probing and attacking enemy networks -- will likely be the start of a high-tech job boon at and around Scott.


Senate panel slams canceled Air Force IT program
FCW
07/09/14

About a year and a half after the Air Force canceled its Expeditionary Combat Support System, the Senate Armed Services Committee has released a scathing report on the failed IT program. The ECSS, a software system for enterprise management, was a waste of $1.1 billion and the eight years spent on the project, the report concluded. The Air Force’s handling of the program revealed a "cultural resistance to change" within the service, the report said. With the ECSS debacle in mind, the committee adopted an amendment to the fiscal 2015 defense authorization bill that would require DoD to understand its existing systems before procuring a big new business system.


DOD’s biometric terrorist ID upgrade ready for another close-up
Defense Systems
07/10/14

An upgrade to the Defense Department’s biometric system for identifying terrorists, criminals, and others of interest has passed one round of tests and is ready for an operational test to determine whether it’s fit for the field. Version 1.2 of the Automated Biometric Identification System (ABIS) is capable of processing 30,000 transactions a day—twice that of Version 1.0—and will increase its storage capacity from 10 million records to 18 million. U.S. forces in theater use ABIS to gather biometric data—fingerprints, palm prints, iris and facial scans—that is linked to the FBI’s Integrated Automated Fingerprint Identification System and DHS' IDENT System to identify potential terrorists or other adversaries.


Global eID revenue to reach $54 billion, says Acuity
BiometricUpdate.com
07/10/14

According to a new study from Acuity Market Intelligence, the global market for national electronic ID (eID) programs will generate $54 billion in revenues between 2013 and 2018. The firm also estimates that the number of national eID cards in circulation will double from 1.75 billion to 3.5 billion during this same time period.


Ga. health care provider rolls out iris biometrics
Secure ID News
07/10/14

Archbold Memorial Hospital in Thomasville, Georgia has deployed an iris biometric patient identification system because it wanted an identification system that could help to prevent mix-ups, stop patient identity fraud, eliminate the creation of duplicate medical records and reduce billing errors. Administrators recognized that iris biometrics presented advantages in patient identification speed, accuracy, hygiene, real-time de-duplication search capability and data standardization.


Visa Europe: Biometrics may enable mobile payments
Secure ID News
07/14/14

In order to enable quicker and more secure payments on mobile devices, retailers are turning to different APIs that store payment card data in the cloud. This way a consumer doesn’t have to type in all the payment card information but instead just properly authenticate to the site, says an official with Visa Europe. One way that consumers may be identified is with biometrics.


Chinese hackers pursue key data on U.S. workers
The New York Times
07/09/14

In March, Chinese hackers broke into the government's Office of Personnel Management computer networks, which house the personal information of all federal employees, in an apparent effort to target the files on tens of thousands of employees who have applied for top-secret security clearances. The hackers gained access to some of the OPM databases before authorities detected the threat and blocked them from the network. It is not yet clear how far the hackers penetrated the agency’s systems, in which applicants for security clearances list their foreign contacts, previous jobs and personal information like past drug use.


Big push this month for more widespread cybersecurity effort
SF Gate
07/05/14

So far, the 5-year-old National Cybersecurity and Communications Integration Center has largely occupied itself monitoring threats to government networks. Now, with backing on Capitol Hill, it is ready to bolster its role as an antihacking coordinator between banks, utilities and other companies operating the networks that millions of Americans use daily. But there is resistance to putting a federal cybercenter at the heart of antihacking efforts. Some industry officials who work with the government are skeptical the center, run by the Department of Homeland Security, has the resources to do the job.

China hackers compromise Iraq experts at national security think tanks
Threat Post
07/08/14

Computers at a number of unnamed national security think tanks were compromised by hackers linked to China trying to glean intelligence on U.S. policy in Iraq. Experts at Crowdstrike, which has a pro bono relationship with think tanks and provides them detection capabilities, said the group it calls Deep Panda began its Iraq-related operation on June 18, the same day the Islamic State of Iraq and the Levant (ISIS) took control of the Baiji oil refinery, which refines one-third of the country’s crude oil. China is the largest foreign investor in Iraq oil.


Cyber war council idea wins few backers
Gov Info Security
07/08/14

An idea to create a cyber war council, reportedly proposed by a financial services industry trade group, has not received an enthusiastic reception from cybersecurity experts, some of whom question its viability to defend against crippling cyberattacks. The Securities Industry and Financial Markets Association proposes a government-industry cyber council designed to help prevent terrorist attacks that could trigger financial panic, according to a news report the association declines to confirm.


Banks dreading computer hacks call for cyber war council
Bloomberg Business Week
07/08/14

Wall Street’s biggest trade group has proposed a government-industry cyber war council to stave off terrorist attacks that could trigger financial panic by temporarily wiping out account balances. The proposal by the Securities Industry and Financial Markets Association calls for a committee of executives and deputy-level representatives from at least eight U.S. agencies. The association reports an unusually frank and pessimistic view by the industry of its readiness for attacks wielded by nation-states or terrorist groups that aim to "destroy data and machines," and says the concerns are “compounded by the dependence of financial institutions on the electric grid,” which is vulnerable to physical and cyber attack.


Cyberattacks from foreign states 'are a different kind of war'
Government Technology
07/03/14

Most of the time, power generators' industrial control systems aren't connected to unsecured public networks like the Internet. That may not be the case when operators need to install manufacturers' software upgrades or run diagnostics. Recent cyberattacks show that the sliver of time that control systems are connected to outside networks is more than enough to embed malicious software on power grids.


In fog of cyberwar, US tech is caught in crossfire
Dark Reading (commentary)
07/09/14

The disclosure of the US’s own cyber counter-terror tactics, and the reaction from around the world, has created a dangerous situation for the US economy, with technology firms particularly in the crosshairs. Distrust of the US intelligence community is eroding consumer confidence and hampering US technology firms on the global stage at a time when the sector should be showing unprecedented growth.


On CDM, avoid a 'right train, wrong track' problem
Federal Times (op-ed)
07/09/14

DHS recognizes the challenges inherent in implementing a unified agency-wide continuous monitoring program. That's why DHS' Continuous Diagnostics and Mitigation (CDM) Program isn’t just about procuring products or filling a continuous monitoring shopping list. DHS’ CDM/CMaaS blanket purchase agreement provides access to services to help agencies plan and implement CDM with the least amount of disruption, pain, and cost.


Mastering the basics of continuous diagnostics
Fed Tech
06/26/14

The Continuous Diagnostics and Mitigation program, the federal cybersecurity initiative run by the Department of Homeland Security with assistance from the General Services Administration, is certainly new. But the basics of CDM are rooted in cybersecurity best practices that agencies are well aware of and should be utilizing.


Why the government is probably about to go on a spending spree
Next Gov
07/07/14

Agencies didn’t always save the bulk of their spending for September, but that’s how it has worked out recently – and this year, the pattern is especially pronounced, according to an analysis by Deltek. Agencies will make 35.4 percent of their 2014 purchases between this month and the end of the fiscal year on Sept. 30, with most of that occurring in September, Deltek predicted. The numbers are even higher for specific procurement types -- in the last five years, 39 percent of government information technology purchases were made in the fourth quarter.


GSA wants to add cloud category to IT Schedule 70
Federal News Radio
07/09/14

The General Services Administration is seeking to roll out a new category especially for cloud services under its massive IT Schedule 70 contracting vehicle. GSA officially posted the request-for-information to industry on FedBizOpps.gov July 9, saying the new category would help "increase visibility and access of cloud computing services to customer agencies," and would help "provide industry partners the opportunity to differentiate their cloud computing services from other IT related products and services."


IC moves toward common desktops
C4ISR & Networks
07/08/14

Uniting the entire Intelligence Community (IC) under a common desktop environment promises to help managers, analysts and other system users generate and share information more productively and efficiently. The Defense Intelligence Agency (DIA) and the National Geospatial-Intelligence Agency (NGA) deployed the first stage of the Intelligence Community Desktop Environment (IC DTE) last summer, and now almost 4,000 users at the two agencies are taking advantage of the technology’s simpler access structure, flexible device support and sophisticated new collaboration tools. Despite the many benefits the environment is expected to provide, expanding the system across the entire IC won’t be easy.


DEA probes geospatial cloud
FCW
07/08/14

The Drug Enforcement Administration is gearing up to lead a cloud-based mapping initiative. The DEA is planning a cloud-based version of a geospatial information system dubbed eGIS, which brings together mapping tools from Google Earth Enterprise and ESRI ArcGIS mapping.


NIST goes global with cyber framework
FCW
07/03/14

In recent weeks the National Institute of Standards and Technology, the agency that helped develop the cybersecurity framework between government and critical infrastructure firms, has sent delegations to other nations carrying a message of how governments and commercial sectors can collaborate to respond to cyber threats. A NIST official says, "We view the framework … as a potential model for furthering international dialogue."


DOT CIO on cyber, shared services and 'technology that is changing constantly'
FCW
07/08/14

In his first year on the job, Department of Transportation CIO Richard McKinney has made cybersecurity a priority, opened up massive amounts of data and named an agency chief data officer. McKinney discusses the learning curve at a large and federated agency, the challenges he foresees and what he hopes to accomplish with DOT technology.


Senate panel OKs bill encouraging companies to share cyber threat data with gov't
Fierce Government IT
07/08/14

The Senate Select Committee on Intelligence July 8 easily approved a cybersecurity bill that would encourage companies to voluntarily share information about cyberattacks with the government, but the measure still faces opposition from privacy and civil liberties groups. Last year, the House approved a similar bill - the Cyber Intelligence Sharing and Protection Act (CISPA) - that privacy advocacy and civil liberties groups also said would undermine individual privacy protections.


Senate Intelligence Committee approves cyber security bill
SC Magazine
07/09/14

With the blessing of powerful financial industry proponents — and under criticism from privacy advocates — a recently revised cybersecurity bill has been approved by the Senate Intelligence Committee. The bi-partisan Cybersecurity Information Sharing Act of 2014 relies on the federal government and the private sector to voluntarily share information on cyber threats, which its detractors contend will result in information flowing mostly one way — from private industry to government agencies like the National Security Agency (NSA).


DoD seeks ideas on mobile phones of the future
FCW
07/07/14

Mobility is advancing faster than government procurement cycles, and the Mobility Program Office of the Defense Information Systems Agency (DISA) has issued a request for information to start looking for a hardware upgrade. DISA is looking to update its acquisitions processes, and in the meantime is looking to industry for help in developing a device that can meet the security demands of storing and transmitting classified data and work across the networks of multiple providers.


International partners key to DoD's new R&D strategy
C4ISR & Networks
07/08/14

The Defense Department is set to roll out a new strategy designed to make sure researchers know about ongoing technological developments around the world, and can take advantage of spending by close allies to fill gaps in capabilities and cut costs. The "International S&T Engagement Strategy" aims to use advances in big data technology to create easily searchable databases for use by the Pentagon’s "communities of interest." DoD intends to take a look at where it can do a better job of using partner investment to cut the cost of developing some technologies, and where it can take advantage of investments by allies for technologies that might fill US gaps.


Rogers: Cybersecurity is the 'ultimate team sport'
Federal Times
07/08/14

Adm. Michael Rogers, the new commander of the U.S. Cyber Command and director of the National Security Agency, discussed his initial thoughts as "the new guy" on the job as the nation’s top cyber warrior during a June 24 keynote address to a cybersecurity conference in Baltimore organized by the Armed Forces Communications and Electronics Association International. Here are excerpts from that speech.


Biometrics Institute sees rise in biometrics among mobile devices
BiometricUpdate.com
07/09/14

The Biometrics Institute has released the results of its 2014 Industry Survey, which saw a significant rise in the use of biometrics among mobile devices over the past year.


Can biometrics solve the identity management riddle?
Federal Times
07/09/14

The pressure is on the federal government to find identity management solutions as citizens increasingly demand the same easy-to-consume, online services from agencies that they get from their banks or credit card companies. That pressure forces federal officials to strike a balance between opening themselves up to risk by putting sensitive information online and meeting citizen demand for access. Are biometrics the answer to the identity management problems the government is struggling to solve?