Software assurance policies could be a foundation principle for cybersecurity at your agency in the next five years. That's a prediction from Richard Stiennon, the host of the Security Current blog, the founder of IT Harvest and the author of Surviving Cyberwar. Stiennon tells In Depth with Francis Rose he sees a cybersecurity culture shift inside the beltway.
Sen. Tom Carper (D-Del.), chairman of the Homeland Security and Governmental Affairs Committee, said Thursday the committee plans to mark up a bill on May 21 to give DHS more tools to hire cyber workers more easily.
The National Institute of Standards and Technology has launched a four-part plan to help agencies build more secure IT systems. NIST Computer Scientist Ron Ross, who guided a new publication on the issue, tells the Federal Drive with Tom Temin and Emily Kopp that the same engineering principles that apply to bridges and buildings should apply to IT. That is, security should be built in, not added later.
Rising stars in the cybersecurity field came together at the University of Massachusetts Boston recently to hone their skills.
In this edition of Inside the Reporter's Notebook, Executive Editor Jason Miller shares news and buzz about the IT and acquisition communities.
DHS says it found out about the Heartbleed vulnerability at the same time everyone else did. But unlike most other organizations, it had to wade through layers of legal negotiations before it could help federal agencies fix the cyber vulnerability in their own systems.
Agencies are getting smarter about cyber. The Homeland Security Department and General Services Administration are fine-tuning a contracting vehicle for tools that let agencies not only monitor their computer networks 24/7, but also fix things that go wrong. The umbrella term for the tools is continuous diagnostics and mitigation (CDM). Xceedium is a supplier of CDM software products. Ken Ammon, the chief strategy officer of Xceedium, told Federal Drive hosts Tom Temin and Emily Kopp what's in store for phase two of CDM.
Financial advisor Arthur Stein will answer your calls and emails about the TSP. Also, Andy Medici and Amber Corrin of the Federal Times will discuss, among other things, Public Service Recognition Week and the recently passed DATA Act. April 30, 2014
The agency that runs federal employees' (401)k-style Thrift Savings Plan needs to do a better job monitoring potential cyber incidents against its website, strengthen security at its data centers and come up with a plan for tracking all of its technology hardware. That's according to recent audits of the TSP program undertaken by the Labor Department, which were presented to the Federal Retirement Thrift Investment Board Monday.
The Securities and Exchange Commission is asking 50 registered investment advisers and broker-dealers for more information about how they protect their systems from cyber attacks.
In this edition of Inside the Reporter's Notebook, Executive Editor Jason Miller shares news and buzz about the IT and acquisition communities. GSA and SBA continue their ongoing quarrel over the Office Supplies 3 contract, and April marks the three-year anniversary of NSTIC's release.
Verizon's annual data breach report says federal employees cause nearly 60 percent of reported cyber attacks in government. And 34 percent of those breaches come from small mistakes, like emailing documents to the wrong person. Mark Forman, former administrator of the Office of e-Government and IT or the first federal CIO, is vice president for IT services and cloud initiatives at TASC. He tells In Depth with Francis Rose you and your co-workers could be the reason for a cyber breach at your agency.
"Inside the DoD's Reporter's Notebook" is biweekly feature focused on news about the Defense Department and defense community as gathered by Federal News Radio DoD Reporter Jared Serbu.
Federal Managers Association President Pat Neihaus, and Andy Medici and Nicole Blake Johnson from the Federal Times will give us an update on a number of different pay issues affecting feds. April 16, 2014
Federal cybersecurity officials are in knots over the Heartbleed threat. The vulnerability potentially affects a common data encryption system used on internet servers. Homeland Security says federal web servers are OK. Qualys has a free online SSL Server Test that can analyze a web server. Alan Paller, director of research at the cybersecurity education firm SANS Institute, explained the threat to Federal Drive hosts Tom Temin and Emily Kopp.